€3,206.50

Adversary Tactics - VRO Training Course - EU - June 2022

Actions and Detail Panel

€3,206.50

Event Information

Share this event

Date and time

Location

Location

Hilton Brussels Grand Place

3 Carrefour de l'Europe

1000 Bruxelles

Belgium

View Map

Refund policy

Refund policy

Refunds up to 7 days before event

Event description
Hybrid Event - This course will take place onsite in Brussels and online, using virtual software to stream live instructors.

About this event

Hybrid Event

This course will take place both In Person in Brussels and Live Online (using virtual software to stream live instructors). Course scheduled delivery hours will be 9:00AM to 5:00PM CET.

Limited In Person seating is available on a first-come, first-served basis. If you would like to attend In Person, select the "In Person ticket type" during registration.

Confirmed attendees will receive logistics information one week prior to the event.

-----------------------------------------------------------------------------

COVID Safety Protocols

  • Vaccine Status: All attendees and staff must be fully vaccinated to attend trainings. Vaccine verification will be conducted onsite.
  • Masks: Masks must be worn by everyone in attendance. Masks should be well-fitting and cover the nose and mouth.
  • Hand Sanitizing & Washing: Hand sanitizing stations will also be available throughout the training space. We encourage people to wash their hands frequently.
  • Social Distancing: Seats within the classrooms will be laid out to provide six feet of spacing between students. As for social distancing while not in your seat, we ask that you do your best and keep your mask on.
  • Testing: Testing options will be provided onsite.

-----------------------------------------------------------------------------

Relying on publicly available and stock tooling to leverage weaknesses in enterprise Windows environments to execute effective red team operations is becoming increasingly difficult. However, complex environments, with custom applications and configurations, often contain significant exploit potential attackers could utilize. Red team operators capable of taking advantage of these weaknesses can simulate more advanced adversaries, and help organizations remove difficult to identify attack chains. This course teaches the methodology and tools to find, triage, and utilize exploitable vulnerabilities on Windows systems in time-sensitive engagements. You will dive into the vulnerability classes that SpecterOps routinely finds in mature environments and practice methods of identification, triage, and exploitation.

Course Summary

During red team operations, operators often find themselves in situations with no obvious path to escalate and break out of the beachhead - target systems are patched, automated tooling doesn't detect abusable misconfigurations, exploitation frameworks fall flat, and the common manual analysis techniques are exhausted. In these situations, an operator's ability to rapidly find and triage previously undisclosed vulnerabilities can mean the difference between achieving objectives and providing an effective red team engagement or remaining stuck on that beachhead and backtracking in pursuit of other avenues.

In Adversary Tactics: Vulnerability Research for Operators, you will learn an operator-focused approach to find the vulnerabilities needed to escalate privileges, execute arbitrary code, or facilitate lateral movement in Windows environments. We will give you the methodology and identify tools to find these weaknesses during active operations, when costly lead time and dedicated lab environments are unavailable. This course covers the vulnerability classes that SpecterOps routinely finds on engagements and dives into their root causes, identification techniques, and exploitation methods. Finally, you will learn to make each vulnerability operational with hands-on exercises designed for various experience levels (from beginner to advanced). You don't need to be an exploitation wizard to achieve success as a red team operator, but you will find the ability to quickly triage and operationalize concepts presented will increase your effectiveness when operating in mature environments.

Course Syllabus

Day 1:

  • Introduction to Vulnerability Research
  • Tools of the Trade
  • Windows Access Control List (ACL) Abuses
  • .NET Vulnerabilities

Day 2:

  • Interprocess Communication (IPC)
  • File & Protocol Handlers
  • File System Bugs
  • Driver-Based Vulnerabilities
  • Vulnerability Disclosure

Student Requirements

This course is not for beginners and includes a team-based, on-keyboard execution of complex red team tradecraft, vulnerability identification, and exploitation. Participants should be comfortable with penetration testing and red team concepts and tools, and generally familiar with Windows internals.

Hardware Requirements

  • Internet Connection
  • 8GBs of RAM
  • Modern Web Browser capable of rendering HTML5

Accommodations

Training will be taking place at the Hilton Brussels Grand Place in Brussels, Belgium.

FAQs

How can I contact the organizer with any questions?

Please email info@specterops.io with any questions.  

What's the refund policy?

Full refunds will be provided up to 7 days before the course start date.

Share with friends

Date and time

Location

Hilton Brussels Grand Place

3 Carrefour de l'Europe

1000 Bruxelles

Belgium

View Map

Refund policy

Refunds up to 7 days before event

{ _('Organizer Image')}

Organizer SpecterOps

Organizer of Adversary Tactics - VRO Training Course - EU - June 2022

Save This Event

Event Saved