Red teaming workshop dedicated to improve
participant capabilities during red team assessment
The purpose of the workshop is to improve students red teaming capabilities and stealthiness by covering the following topics:
project management:
- define your goals
- define your scope
Initial foothold:
- efficiently performing phishing
- evasion of URL reputation tool
- payload generation
- infection vectors
- abusing of cloud solutions (office 365, etc.)
- artifacts that should be avoided
lateral movement:
- tools to use to avoid detection as much as possible
- performing efficient recon
- protocols to avoid
- executables to avoid
- escalating privileges on the network without using exploits
- using Windows features against themselves
post exploitation (I have Domain Admin, then what?):
- capturing credentials
- achieving your pre-defined goals
- searching huge organization networks for specific hosts
- targeting the right users
The hands-on lab will cover all of these sections.
Participants should bring:
a computer is required with windows and linux (VMs are fine)
Participants must know or have:
participants need to have basic windows and programming skills.
programming languages:
- python
- c#, c, javascript