Skip Main Navigation
Eventbrite
Browse Events
Organize
Help
Log InSign Up
Menu
Page Content
This event has ended.
Adversary Tactics - RTO Training Course - SO-CON 2021 (GMT-7)

Actions Panel

Nov 01

Adversary Tactics - RTO Training Course - SO-CON 2021 (GMT-7)

Online Event - This course will take place online, using virtual software to stream live instructors during the scheduled delivery hours.

By SpecterOps

When and where

Date and time

Mon, Nov 1, 2021, 8:00 AM – Thu, Nov 4, 2021, 4:00 PM PDT

Location

Online

Refund Policy

Refunds up to 7 days before event
Eventbrite's fee is nonrefundable.

About this event

Online Event

This course will take place online, using virtual software to stream live instructors during the scheduled delivery hours of 8:00AM to 4:00PM PDT (GMT-7) / 11:00AM to 7:00PM EDT (GMT-4). Confirmed attendees will receive logistics information one week prior to the event.

-----------------------------------------------------------------------------

Upgrade your Red Team engagements with bleeding-edge Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This course will teach students how to infiltrate networks, gather intelligence, and covertly persist in a network like an advanced adversary. Students will use the skillsets taught in Adversary Tactics: Red Team Ops to go up against live incident responders in an enterprise lab environment designed to mimic a mature real-world network. Students will learn to adapt and overcome Blue Team response through collaborative feedback as the course progresses.

Topics covered include:

  • Design and deploy sophisticated, resilient covert attack infrastructure
  • Utilize advanced Active Directory attack techniques to execute domain enumeration, escalation, and persistence
  • Perform sophisticated post-exploitation actions, including sophisticated data mining, going beyond just achieving “Domain Admin”
  • Use cutting-edge lateral movement methods to move through the enterprise
  • Practice “offense-in-depth” by utilizing a variety of tools and techniques in response to defender actions and technical defenses
  • Effectively train network defenders to better protect themselves against advanced, persistent adversaries

Course Summary

As organizations work to keep from becoming the next breach headline, they increasingly look to exercise their defenses through simulation of the sophisticated attackers they face. Organizations that have adopted an “assume breach” mentality understand it's a matter of when - not if - they will be compromised by these adversaries. The best way to test enterprise security operations against advanced threat actors is through application of the adversary mindset - commonly known as red teaming - through exercises that leverage the same tactics, techniques and procedures (TTPs) as real adversaries. If you’re looking to learn the tradecraft of adversary simulation operations in enterprise environments, sharpen your offensive technical skillset, and understand how to detect modern offensive tradecraft, this is the course for you.

This intense course immerses students in a single simulated enterprise environment, with multiple domains, up-to-date and patched operating systems, modern defenses, and active network defenders responding to malicious activities. In keeping with the assumed breach mentality, the course provides detailed attacker tradecraft post initial access, which includes; performing host situational awareness and "safety checks", establishing resilient command and control (C2) infrastructure, escalation privileges locally, breaking out of the beachhead, performing advanced lateral movement, escalating in Active Directory, performing advanced Kerberos attacks, and achieving red team objectives via data mining and exfiltration.

The course focuses on “offense-in-depth”, the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques. To drive this concept home, students will go up against live incident responders that actively hunt for and block malicious activity in the environment. The responders will provide real-time feedback and a daily summary to students to demonstrate what artifacts attacks can leave behind, and how students can adapt their tradecraft to minimize their footprint.

Learn to use some of the most well-known offensive tools from the authors themselves, including co-creators and developers of Mythic, PowerView, PowerShell Empire, Unmanaged Powershell, Covenant, Merlin, Rubeus, GhostPack, and BloodHound!

Course Syllabus

Day 1:

  • Introduction & Course Overview
  • Red Team Operations Overview
  • Attack Infrastructure
  • Lab Introduction
  • Host Situational Awareness
  • C#/PowerShell Weaponization
  • Local Privilege Escalation

Day 2:

  • Defensive Debrief of Day 1 Student Tradecraft
  • An Introduction to Adversary Detection
  • Credential Abuse
  • Active Directory Situation Awareness
  • Payload Methodology
  • Lateral Movement
  • SQL Abuse

Day 3:

  • Defensive Debrief of Day 2 Student Tradecraft
  • OPSEC Considerations
  • Active Directory Domain Trusts
  • Kerberos Overview
  • Kerberos Attacks (Gold and Silver tickets, and Forged Ticket Detection)

Day 4:

  • Defensive Debrief of Day 3 Student Tradecraft
  • Bloodhound - Visualizing Attack Paths
  • Data Protection API (DPAPI)
  • Advanced Kerberos Attacks
  • Complete Lab Debrief
  • Final Defensive Debrief and Evaluation of Student Tradecraft

Student Requirements

This is an advanced course that will include a large amount of time in a simulated complex enterprise with active defensive personnel. Students should have previous penetration testing training and/or experience with penetration testing tools and techniques. Additionally, experience with at least one Command and Control (C2) frameworks is highly preferred (e.g., Apfell\Mythic, Covenant, Cobalt Strike, Metasploit, etc). Lastly, the course covers various aspects of Windows, Active Directory, and C#\PowerShell, so some familiarity with these technologies will be beneficial.

Hardware Requirements

  • Internet Connection
  • 8GBs of RAM
  • Modern Web Browser capable of rendering HTML5

Accommodations

Training will be taking place virtually.

FAQs

How can I contact the organizer with any questions?

Please email info@specterops.io with any questions.  

What's the refund policy?

Full refunds will be provided up to 7 days before the course start date.

Tags

  • Online Events
  • Online Classes
  • Online Science & Tech Classes
Event ended

Adversary Tactics - RTO Training Course - SO-CON 2021 (GMT-7)


Follow this organizer to stay informed on future events

SpecterOps

Event creator

Events you might like

  • Social Media Marketing Tactics

    Social Media Marketing Tactics
    Social Media Marketing Tactics

    Thu, Feb 2, 2023 10:00 AM PST (-08:00)
    Free
  • Team Leader Tactics - Leadership Workshop

    Team Leader Tactics - Leadership Workshop
    Team Leader Tactics - Leadership Workshop

    Thu, Feb 9, 2023 9:00 AM EST (-05:00)
    CA$35
  • Fraud and Crypto Asset Investments; Criminal Tactics, Recovery Options?

    Fraud and Crypto Asset Investments; Criminal Tactics, Recovery Options?
    Fraud and Crypto Asset Investments; Criminal Tactics, Recovery Options?

    Wed, Feb 8, 2023 3:00 PM GMT (+00:00)
    Free
  • Boost Your Vehicle Service Contract Sales without High Pressure Tactics!

    Boost Your Vehicle Service Contract Sales without High Pressure Tactics!
    Boost Your Vehicle Service Contract Sales without High Pressure Tactics!

    Tue, Feb 7, 2023 1:00 PM EST (-05:00)
    $39
  • Tactical Telephone Sales

    Tactical Telephone Sales
    Tactical Telephone Sales

    Wed, Feb 8, 2023 10:00 AM GMT (+00:00)
    £377.89
  • Digital Marketing and Digital Advertising ( award-winning course)

    Digital Marketing and Digital Advertising ( award-winning course)
    Digital Marketing and Digital Advertising ( award-winning course)

    Thu, Feb 23, 2023 6:00 PM GMT (+00:00)
    Free
  • [LIVE / ONLINE ] Amazon Advertising (PPC) and SEO Training Course

    [LIVE / ONLINE ] Amazon Advertising (PPC) and SEO Training Course
    [LIVE / ONLINE ] Amazon Advertising (PPC) and SEO Training Course

    Wed, Feb 1, 2023 9:00 AM GMT (+00:00)
    £240
  • The 7 Tactical Steps to Launch

    The 7 Tactical Steps to Launch
    The 7 Tactical Steps to Launch

    Fri, Feb 17, 2023 6:00 PM MST (-07:00)
    $59
  • PROFESSIONAL FOOTBALL - TACTICAL SCOUTING AND ANALYSIS WORKSHOP - LEVEL 1

    PROFESSIONAL FOOTBALL - TACTICAL SCOUTING AND ANALYSIS WORKSHOP - LEVEL 1
    PROFESSIONAL FOOTBALL - TACTICAL SCOUTING AND ANALYSIS WORKSHOP - LEVEL 1

    Wed, Feb 22, 2023 7:00 PM GMT (+00:00)
    £65.71 - £76.55
  • Adverse Childhood Experiences w/ Dr. Keely

    Adverse Childhood Experiences w/ Dr. Keely
    Adverse Childhood Experiences w/ Dr. Keely

    Thu, Feb 2, 2023 7:00 PM CST (-06:00)
    Free

Site Navigation

Use Eventbrite

  • How it Works
  • Pricing
  • Eventbrite Boost
  • Eventbrite Mobile Ticket App
  • Eventbrite Check-In App
  • Eventbrite App Marketplace
  • Event Registration Software
  • Content Standards
  • FAQs
  • Sitemap

Plan events

  • Sell Tickets Online
  • Event Planning
  • Sell Concert Tickets Online
  • Event Payment System
  • Solutions for Professional Services
  • Event Management Software
  • Community Engagement
  • Virtual Events Platform
  • QR Codes for Event Check-In
  • Post your event online

Find events

  • Browse Online Events
  • Get the Eventbrite App

Connect with us

  • Report This Event
  • Help Center
  • Terms
  • Privacy
  • CA Privacy Notice
  • Accessibility
  • Community Guidelines
Eventbrite + Ticketfly

© 2023 Eventbrite