Defense and Offense: Understanding attackers through Red Team tactics

TrustedSec | July 22-25



Overview

Day 1
---------------------------
  • Introduction to Attacker Techniques
  • Common Methods for Exploitation
  • Diving into Recon
  • Threat Modeling
  • Vulnerability Analysis
  • Exploitation
  • Post Exploitation
  • Reporting
  • Methods for Persistence and Evasion
  • Exercise I: First compromise
  • Lateral Movement and Pivoting
  • Exercise II: Lateral Movement


Day 2 Outline
---------------------------
  • Introduction to Python Programming
  • Input/Output with OS Commands
  • Python Network Programming
  • Circumventing Security Defenses through Custom Code
  • Understanding Attacker Mindsets
  • Exercise I: Writing your own backdoor
  • Targeted Attacks
  • Excercise II: Simulated Breach


Day 3 Outline
---------------------------
  • Developing a Common Defense
  • Introduction to Hunt Teaming
  • Detection through Event Log Analysis
  • Exercise I: Basic Detection
  • Tools, tricks, and free scripts!
  • Network Analysis
  • Identifying threats on the network
  • Identifying threats on the endpoint
  • Exercise II: Identifying Behavior
  • Using existing technology in the network
  • Excercise III: Defending the Network

Day 4 Outline
---------------------------
  • Analyzing Malicious Files
  • Understanding C2 Infrastructure
  • Excercise I: Analyzing Malicious DOCX/XLS
  • PowerShell Programming Hands On
  • Excercise II: Writing your Own PowerShell Detection
  • OSX and Linux Detection
  • Excercise III: Developing To Your Needs

Who Should Take this Course

  • Defenders
  • Penetration Testers
  • Beginners to Offense
  • Wanting to learn coding
  • Anyone looking to strengthen their detection capabilities.

Student Requirements

Students should have an understanding of basic Linux commands and be able to navigate through Linux.

What Students Should Bring

Students must have a laptop with VMWare/Fusion or similar (VirtualBox is not recommended) and ability to run multiple VMs.

What Students Will Be Provided With

A penetration testing distribution will be provided to you (through PenTesters Framework) and other virtual machines. Additionally a fully simulated network will also be provided for the course.

Free scripts, tools, and custom code to help defend and understand offense.

Trainers

David Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from an offense and a defense perspective. David also serves as a board of director for the ISC2 organization. David was the former CSO for a Diebold Incorporated where he ran the entire INFOSEC program. David is a co-author of the book "Metasploit: The Penetration Testers Guide", the creator of the Social-Engineer Toolkit (SET), Artillery, and several popular open source tools. David has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. David is the co-host of the social-engineer podcast and on several additional podcasts. David has testified in front of Congress on two occasions on the security around government websites. David is one of the founding authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. David is the co-founder of DerbyCon, a large-scale conference in Louisville, Kentucky. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.