Red Team Adversary Emulation, focuses on approaching an organization’s security from the view of a real-world adversary. In this course, we perform a live Adversary Emulation exercise and try to steal customer data of a FinTech startup. We are hired by a FinTech startup to conduct an adversary emulation exercise and steal their customer data (before an actual adversary). This exercise assumes zero knowledge about the target network.
During an adversary emulation exercise we mimic a real world cyber attack with a specific objective, such as stealing customer data, launching a ransomware attack etc. This course follows the Red Team Operations Attack Lifecycle to conduct this exercise. We go through each phase in a step-by-step manner and build our attack path as we move ahead. We employee a variety of techniques, such as
- Active and passive information gathering
- Gaining foothold into the network
- Host Discovery
- Privilege Escalation (Linux and Windows)
- Automated Active Directory domain enumeration
- Persistence via command and control center
- Active Directory attacks
to achieve our objective. Upon completion of the exercise, we will prepare and submit a report to the organization’s management.
This course also covers installation and usage of tools such as, PoshC2, Mentalist, BloodHound, Mimikatz, Metasploit, PowerUp, icacls, PowerShell etc.
This is a beginner friendly course. If you have just started your career in offensive cybersecurity or are preparing for penetration testing exams then this course is for you. If you are already a penetration tester or a red teamer, with a few years of experience under your belt, then you would already know most of the above mentioned techniques. However, if you are interested in witnessing a live adversary emulation exercise, please feel free to follow along.
Who this course is for:
- Students curious about conducting a real-world security engagement
- Students preparing for penetration testing certifications
- Beginners in Red Teaming
- Cybersecurity Professionals
- Information Security Managers
What you’ll learn
- How to plan and manage adversary emulation exercise
- Difference between red teaming and adversary emulation
- MITRE ATT&CK Framework
- Red team operations attack lifecycle
- How to conduct adversary emulation exercise on a live organization
- Open Source Intelligence (OSINT) techniques to gather information
- Weaponizing exploits to gain foothold into the network
- Password brute-forcing using custom generated lists
- Phishing an employee
- Escalating Privileges on Linux and Windows systems
- Active Directory enumeration using BloodHound
- Active Directory attacks
- Establishing persistence via PoshC2 (command and control center software)
- Creating an engagement report
How to block Zippyshare ads – https://youtu.be/f9Q8WGL-2MA
Free Download Links-
Note: Comment below if you find the download links dead and comment with fake or temporary Email-id is going to be ignored.