Masterclass: Red Team – Blue Team Operations
Al. Jerozolimskie 134, Warsaw, Poland
September 16th-20th, 2019

What is this course about

This is a deep-dive course on Red Team – Blue Team Operations: the cyber kill chain (reconnaissance, attack planning and delivery, system exploitation, privilege escalation and lateral movement), anomaly detection, discovery of industry attacks and threats, understanding what a compromised system or solution looks like, defining the indicators of the attack, and incident handling. There are only 15 seats available, so hurry up!

Who is it for

Red team and blue team members, enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

Take-away

On completion of this course you will be able to:
• Analyze emerging trends in attacks
• Identify areas of vulnerability within your organization
• Prepare a risk assessment for your organization
• Report and recommend countermeasures
• Develop a threat management plan for your organization
• Organize Red Team – Blue Team exercises

Course Syllabus

Module 1

Identifying Areas of Vulnerability

  1. Defining the assets which your company needs to protect
  2. Defining the other sensitive information that needs to be protected

Module 2

Modern Attack Techniques

  1. OS platform threats and attacks
  2. Web based threats and attacks
  3. E-mail threats and attacks
  4. Physical access threats and attacks
  5. Social threats and attacks
  6. Wireless threats and attacks

Module 3

Reconnaissance

  1. Open Source Intelligence (OSINT)
  2. Google hacking
  3. Social Media presence
  4. DNS
  5. Shodan
  6. Physical reconnaissance
  7. Port scanning
  8. Service discovery
  9. SIEM
  10. Intrusion Prevention Systems

Module 4

Weaponization

  1. Generating malicious payload
  2. Hiding malicious content in Office Suite documents
  3. Reverse shells
  4. Metasploit
  5. Empire
  6. AV evasion techniques

Module 5

Delivery

  1. Building phishing campaign
  2. Planting malicious device
  3. Attacks on 3rd parties
  4. Enabling phishing protection
  5. O365 / Safe links
  6. Smart Screen
  7. Secure proxy
  8. Sinkholing
  9. APT campaigns

Module 6

Exploitation and Installation

  1. Types of vulnerabilities
  2. Establishing foothold
  3. Stage-less and staged payloads / C&C
  4. Anti-Virus
  5. Firewall
  6. Application Whitelisting
  7. WDAC
  8. Living Off the Land Binaries
  9. Exploit Guard
  10. AMSI

Module 7

Privilege escalation

  1. Privileged accounts
  2. System services security
  3. Common misconfigurations
  4. Security tokens
  5. Just Enough Administration
  6. Patch maintenance

Module 8

Lateral movement

  1. Credential harvesting
  2. Mimikatz
  3. Network reconnaissance
  4. Building network map
  5. Responder
  6. Pass-the-hash
  7. Pass-the-ticket
  8. Credential Guard
  9. LAPS
  10. GPO policies
  11. Windows ATA
  12. Defender ATP

Module 9

Persistency

  1. Sleeping agents
  2. Piggybacking on network packets
  3. Rootkits
  4. Sysinternals
  5. Searching for rogue servers
  6. Looking for network anomalies

Your teacher

Mike Jankowski-Lorek

Security, Database and Machine Learning Expert, CQURE

The course is delivered by Dr. Mike Jankowski-Lorek, a Cloud Security and Database Expert with more than 12 years' experience in the field. Mike designs and implements solutions in the Databases, Network & Management area, mainly on the Microsoft platform, for medium to enterprise-level organizations. Mike holds multiple certifications, especially in security, databases and software development. He holds a Ph.D. in Computer Science.

Prerequisites

Experience

You should have good hands-on experience in administering Windows infrastructure. At least 8 years in the field is recommended.

PRICES

Early Bird: 2500 EUR + 40 EUR (lab fee), valid until July 12
Regular price: 2750 EUR + 40 EUR (lab fee)

If you have any questions or requests, you can contact us at training@cqure.pl
If we cancel the training after your order, you will be refunded the full price of the training.
