Attacks continue to change, and most organizations still don't have the capabilities to detect basic attacks. Adversarial simulation relies on attacks that are designed to maintain persistence and gain access to the data needed. This course focuses on the latest attack techniques, giving penetration testers the ability to learn the new techniques, but it also focuses on teaching how to best defend against the attacks. The term hunt team refers to taking a proactive approach by assuming an environment is already compromised. This course will cover both red and blue team efforts and provide methods for understanding how to best detect threats in an enterprise.
This course is completely hands-on!
At the end of day 1, you will be attacking a fully simulated network and using offensive capabilities against our trainers, who have to defend! At the end of day 2, you will be defending while our trainers go on the offense, and you try to stop and detect the attacks.
This course applies real-world offense and defense capabilities to truly paint the full picture of understanding how attacks happen today and how to best prevent them.
The course is completely fresh and contains all of the latest pentester methods, unreleased methods, and the ways that actually stop us.
Day 1 Outline
Introduction to Attacker Techniques
Common Methods for Exploitation
Methods for Persistence and Evasion
Lateral Movement and Pivoting
Circumventing Security Defenses
Understanding Attacker Mindsets
Performing an adversarial simulation
Simulated Attack Scenario on Live Network (TRAINERS DEFENSE, STUDENTS OFFENSE)
Day 2 Outline
Developing a Common Defense
Introduction to Hunt Teaming
Performing a hunt team exercise
Tools, tricks, and free scripts!
Identifying threats on the network
Identifying threats on the endpoint
Using existing technology in the network
Defending the Network - Live Network Defense (STUDENTS DEFENSE, TRAINERS OFFENSE)
WHO SHOULD TAKE THIS COURSE
Blue Team Members
Students can come from all different types of backgrounds and knowledge. Whether you are a penetration tester or someone who focuses on defense, this course is for you. We strongly recommend having, at a minimum, basic systems administration experience; this will help you with the hands-on portions.
WHAT STUDENTS SHOULD BRING
Laptop with VMware/Fusion or similar (VirtualBox is strongly discouraged).
Kali Linux in a virtual machine (or primary OS)
OR Ubuntu (LTS) with PenTesters Framework already loaded and up-to-date (github.com/trustedsec/ptf).
Windows system (Windows 7+)
WHAT STUDENTS WILL BE PROVIDED WITH
Electronic copies of all of the course material.
Custom scripts and techniques for both offense and defense