Advanced attackers are able to infiltrate and move silently through networks while causing devastating effects to enterprises. Emulation of these threats through red team operations is the best method of assessing the true risk that advanced threats present to the enterprise. Adaptive Red Team Tactics is the course for you to expand your penetration testing skillset with threat emulation tactics or to conduct full Red Team exercises. This engaging course builds on the techniques offered in Veris Group’s Adaptive Penetration Testing course and is designed to teach participants how to evade common security controls, identify high-value targets, infiltrate an organization’s network, and demonstrate risk through data mining.
Red Team tactics often involve utilizing common penetration testing and administrative tools in different ways. However, a specialized toolset can greatly enhance the effectiveness of techniques used in Red Team operations. Cobalt Strike, developed by Strategic Cyber, LLC (http://www.advancedpentest.com/), provides a framework for advanced threat emulation previously only available to specialized Red Teams, including proprietary payloads, anti-virus evasion, and advanced post-exploitation within a collaborative workspace. Veris Group has partnered with Strategic Cyber to provide participants with Cobalt Strike to better demonstrate the impact and capabilities of the enemy.
At the conclusion of the course, participants will be able to:
A custom version of the latest Backtrack image will be provided to students – all exercises will be able to be performed from this virtual machine. PDF Version of Slide Deck, Course Lab Write-ups
Students will need to bring their own laptop with:
Mr. McGuire is a Manager of Penetration Testing at Veris Group, LLC where he leads penetration testing and vulnerability assessment efforts for commercial clients and major Federal agencies, including the Department of Justice (DOJ) and the Department of Homeland Security (DHS). He specializes in penetration testing methodologies, tools and techniques and wireless & mobile device security. David has extensive experience in conducting large scale, highly specialized and technically difficult network vulnerability assessments, penetration tests and adversarial (red team) network operations. In addition, he has considerable experience in training participants from various disciplines in computer security, adversarial network operations and penetration testing methodologies, including at major industry conferences such as the Black Hat. Previously, David was the senior technical lead at a large Department of Defense (DoD) Red Team, providing mission planning and direction through numerous large scale operations. David has a Bachelor's Degree in Computer Information Technology and is a CREST Certified Infrastructure Tester, GIAC Certified Penetration Tester (GPEN), GIAC Certified Web Application Penetration Tester (GWAPT) and Offensive Security Certified Professional (OSCP).
Mr. Truncer is a Security Engineer at Veris Group, LLC, where he performs a variety of vulnerability assessments and penetration tests for Federal and commercial customers. His specialties include wireless network assessments, technical vulnerability assessments, and penetration testing. Christopher specializes in develops focused training for specific aspects of security assessments, including auditing wireless networks and exploiting flaws in network services to gain access to the host. Additionally, Christopher specializes in developing custom lab environments for training on real world penetration testing scenarios. Christopher has both designed and participated in various security conference Capture the Flag events. Christopher has a Bachelor's degree in Information Technology from Florida State University and is a GIAC Certified Web Application Penetration Tester (GWAPT), Offensive Security Wireless Professional (OSWP) and Certified Ethical Hacker (CEH).