3-Day Training: Red Teaming as a Service – Simulating Blackhat Attacks for Organisations (Amsterdam, Netherlands – May 6-8, 2019) – ResearchAndMarkets.com

Training: Red Teaming as a Service: Simulating Blackhat Attacks for
training has been added to ResearchAndMarkets.com’s

The goal of the training is to give a red teamer's perspective to
hackers and penetration testers who want to up their game in VAPT. We
will start with the fundamental concepts of red teaming and its
process, then show how red teaming differs from normal pentesting and
the benefits of taking a red-teaming approach to application security
testing.

After this, the training will build from the ground up, starting with
the fundamental concepts of information gathering and recon, plus
various uncommon tools and techniques for gathering much more
information about a target. We will then share red-teaming techniques
for VA of web and mobile applications, discussing various tools and
tricks to find more bugs, followed by exploitation and data extraction
methodologies. We will go through various automated tools and manual
analysis, and also focus on making the tools work efficiently and
effectively by tweaking and debugging them.

This will also include multiple case studies of interesting Business
Logic vulnerabilities and how to spot them. Then we will cover numerous
pivoting and privilege escalation mechanisms that help a red teamer move
swiftly inside a corporate network without alerting the SOCs. The
training will be packed with tons of real-life case studies we encounter
during our staple + BONUS: A step by step case study of how we owned
various pharmaceutical devices inside a corporate manufacturing network
of a million dollar pharma client who wanted more than VAPT.

Key Learning Objectives

  • Red Teaming and its approaches
  • Setting up a lightweight testing environment for maximum efficiency
  • OSINT techniques
  • Hunting for bugs and vulnerabilities that slip past automated scanners
  • Manual Exploitation of critical vulnerabilities and customizing public
    tools to work better
  • Data exfiltration techniques
  • Network Pivoting
  • Being stealthy, clean yet efficient while walking inside corporate
  • Interesting Case Studies

Prerequisite Knowledge

  • VAPT Basics
  • Network and OS Basics
  • OWASP Top 10
  • SANS Top 25

Hardware/Software Requirements

  • Laptop with Linux (Kali preferred, in a virtual machine) and min 4 GB
    RAM (8 GB if VM)
  • Working Internet connection via LAN and WiFi
  • Basic pentesting tools like Burp Suite (Pro preferred) and Sqlmap, and
    scripting engines like Python and Perl
  • Virtualbox/VMware


Time: 9.00am – 6.00pm

Day 1

  • Introduction
  • What we do
  • What is the training going to be about
  • Lab Setup for real-life red teaming
  • Red Teaming techniques, methodologies and tricks across phases of VAPT
  • Real life Case studies, interesting hacks and how they were done
  • Red Teaming – What and Why
  • The process
  • Demand: A complete black box red teaming exercise to test how well the
    existing security team is doing
  • Information: The name of the organisation and the most critical assets
  • VAPT Process to follow:
  • Information Gathering and Recon
  • Asset Mapping and Level 2 Recon
  • Vulnerability Assessment – P0s and P1s only
  • Penetration – Find the single most critical point of entry that will
    lead us quickest to the HVTs
  • Escalate, pivot, escalate, pivot, till we own everything
  • Assess the damage on each pwned asset
  • Lab setup
  • Environment
  • OS
  • Security Configuration
  • Tools to install
  • Pro Tips
  • Information Gathering and Recon
  • Why
  • What to gather – Domains, subdomains, IP ranges, server arch, other
    online devices, emails, leaked passwords, SSL signatures, Whois,
    organisations, related people, web applications, mobile applications,
    development technologies used, etc
  • How to gather – Automated and Manual Recon
  • Asset Mapping and Level 2 Recon
  • Identifying critical assets
  • Per-asset recon – Port and Service Enumeration, Web App technology
    stacks, Server software in use, Mobile app stack, Physical network
    architecture, domain history, server hosting history, Employee History,
    Social Media Presence etc
  • Web Application Wreckage
  • Information gathering on web apps and servers
  • Subdomain harvesting, Zone Walking
  • Shodan and Censys
  • Hunting Directories
  • Port and Service Scanning
  • Public Exploits
  • Vulnerabilities we will look at:
  • Uncommon SQLis
  • Command execution
  • Code Injection
  • Shell Uploads
  • File Inclusions
  • Business Logic Flaws
  • Payment Gateway Flaws
  • Authentication/Authorisation flaws (Vertical and Horizontal)
  • IDORs
  • SSRF
  • XXE
  • Security Misconfigurations
  • Brute force/Rate-limiting Flaws
  • Attacking CMS – WordPress, Drupal, Joomla

Day 2

  • Interesting Case Studies and Bypassing Tricky Firewalls
  • Pivoting From Web apps to Servers and Servers to Network
  • Gaining server access
  • SQLi
  • Shells
  • File inclusions
  • Command/Code injection
  • XXE
  • Misconfigured Services
  • Components with vulnerabilities
  • Lab Setup
  • Metasploit with DB
  • Workspaces and importing Nmap scans
  • Team Server and Armitage
  • FUD Reverse Shell tricks
  • Privilege escalation
  • Local exploits
  • Exploiting misconfigurations
  • PowerShell exploitation
  • Automating Domain Controller takeover
  • Looting passwords, hashes, tokens and much more
  • Network Pivoting
  • Passing the hash
  • Manual Pivoting
  • Multi Level Pivoting
  • Hacking from within
  • Data Exfiltration techniques
  • Reporting
  • Tips to avoid making noise in the network
  • Case Studies

Day 3

  • Practice and Doubts
  • Live Hacking Challenges on Vulnerable Environments
  • Walkthrough for challenges after completion

For more information about this training visit https://www.researchandmarkets.com/research/t73bg4/3day_training?w=4


Laura Wood, Senior Press Manager
E.S.T Office Hours Call 1-917-300-0470
For U.S./CAN Toll Free Call
For GMT Office Hours Call +353-1-416-8900
Topics: Professional Development and Training
