CyberArk Red Team TTP
Summary
Description
Objectives
Upon completion of this course the participant will be able to:
Understand different tactics, techniques and procedures utilized by attackers
Understand the operational considerations of targeted adversaries
Know how to test security products by executing custom attacks
Know how to better identify indicators of malicious activity
Audience
Individuals who will be responsible for SOC activities
Blue-Teamers / Threat hunters
Anyone who is interested in offensive security
Penetration testers / Red-Teamers
Prerequisites
Technical Prerequisites:
- Computer with Internet connectivity
- Web browser that supports HTML5
Course Prerequisites:
- Basic Windows knowledge
- Basic UNIX/Linux knowledge
- Basic scripting or programming experience (recommended)
Outline
Code execution
- OPSEC-safe vs non-OPSEC-safe code execution
- AV/EDR evasion
- Application whitelisting bypass
- Memory injection
- Custom implants
Covert Channels
- Staged vs stageless payloads
- HTTP/HTTPS-based C2 communication
- SMB
- DNS
- Application layer C2
- Domain fronting
Persistence
- Windows native persistence
- On-disk persistence
- Fileless malware
- DLL hijacking
Privilege escalation
- Understanding Windows privileges
- Common privilege escalation
- 3rd-party escalation
- Fuzzing for Windows privesc vulnerabilities
Lateral movement
- Situational awareness
- Abusing credentials for lateral movement
- Understanding protocol usage during lateral movement
- Pivoting through segmented networks