Sophisticated adversaries are constantly setting and raising the bar for what are considered advanced attacks. Stealthy persistence, log and disk-less pivoting, advanced malware, custom exploitation, and unrelenting privilege escalation are just a few traits that comprise advanced adversarial tradecraft. Adversary simulation is the next step in red team operations to better mimic the stealth, sophistication, and persistence of real-world adversaries. Challenge yourself to Dark Side Dev: Adversary Simulation, and move beyond reliance on the "low-hanging exploitable fruit" of unpatched systems, local admin privileges, clear-text passwords, and easy egress.
Dark Side Ops II: Adversary Simulation builds on Silent Break Security's Dark Side Ops: Custom Penetration Testing training by furthering participants' abilities to think, operate, and develop tools just like sophisticated, real-world attackers. If you want to 1) build confidence in your offensive approach and capabilities, 2) learn about and implement the techniques of stealthy malware and backdoors, and 3) achieve the operational results of a sophisticated adversary, then Dark Side Ops II: Adversary Simulation is for you. Dark Side Ops II: Adversary Simulation provides participants with hands-on labs over an intense, two-day course.
- Discover new external attack techniques to gain stealthy internal network access without social engineering
- Leverage configuration weaknesses to fully compromise database servers
- Reverse engineer .NET applications to identify 0-day vulnerabilities
- Bypass even the tightest of egress controls through custom code execution techniques
- Learn about and perform disk-less pivoting techniques
- Implement the latest in code and DLL injection techniques completely undetectable by AV
- Learn about and bypass the latest in application whitelisting
- Prevent and block defensive incident responders from analyzing your tools, payloads, and backdoors
- Build easy-to-use and versatile malware, backdoors, and loaders to diversify your toolset and capabilities
As part of the course, participants will receive access to multiple virtual machines where their skills and proficiency will be challenged through a series of intense, hands-on lab exercises. Participants will also be provided with a LOT of custom code to facilitate their learning process and push them to consider improved attack techniques and new attack vectors.
Dark Side Ops II: Adversary Simulation is ideal for offensive security enthusiasts with an interest in development, who are passionate about security and anxious to improve their skills beyond basic tool/script usage. Penetration testing experience performing reconnaissance, launching exploits, and post-exploitation is beneficial, but not required.
Participants should have at least:
- An intermediate level of systems administration experience using Windows or Linux.
- Some experience with penetration testing techniques or frameworks.
- Some experience with programming (.NET, Python, C++, or PowerShell preferred).
A laptop with the following capabilities:
- Administrator access to allow for modifying network configuration, sniffing traffic, etc.
- Wireless connection
- Capable of running two virtual machines simultaneously using either VMware Workstation or Player
- 80GB of free disk space
Participants will receive course materials and lab manuals as well as TONS of custom code.