On This Page

Dark Side Ops II: Adversary Simulation

Silent Break Security | December 4 - 5



Overview

Sophisticated adversaries are constantly setting and raising the bar for what are considered advanced attacks. Stealthy persistence, log and disk-less pivoting, advanced malware, custom exploitation, and unrelenting privilege escalation are just a few traits that comprise advanced adversarial trade craft. Adversary simulation is the next step in red team operations to better mimic the stealth, sophistication, and persistence of real-world adversaries. Challenge yourself to Dark Side Dev: Adversary Simulation, and move beyond reliance on the "low-hanging exploitable fruit" of unpatched systems, local admin privileges, clear-text passwords, and easy egress.

Dark Side Ops II: Adversary Simulation builds on Silent Break Security's Dark Side Ops: Custom Penetration Testing training by furthering participants' abilities to think, operate, and develop tools just like sophisticated, real-world attackers. If you want to 1) build confidence in your offensive approach and capabilities, 2) learn about and implement the techniques of stealthy malware and backdoors, and 3) achieve the operational results of a sophisticated adversary, then Dark Side Ops II: Adversary Simulation is for you.
Dark Side Ops II: Adversary Simulation provides participants with hands-on labs over an intense, two-day course.

  • Discover new external attack techniques to gain stealthy internal network access without social engineering
  • Leverage configuration weaknesses to fully compromise database servers
  • Reverse engineer .NET applications to identify 0-day vulnerabilities and decryption keys
  • Bypass even the tightest of egress controls through custom code execution techniques
  • Learn about and perform disk-less pivoting techniques
  • Implement the latest in code and DLL injection techniques completely undetectable by AV
  • Learn about and bypass the latest in application whitelisting
  • Prevent and block defensive incident responders from analyzing your tools, payloads, and backdoors
  • Build easy-to-use and versatile malware, backdoors, and loaders to diversify your toolset and capabilities


As part of the course, participants will receive access to multiple virtual machines where their skills and proficiency will be challenged through a series of intense, hands-on lab exercises. Participants will also be provided with a LOT of custom code to facilitate their learning process and push them to consider improved attack techniques and new attack vectors.

Go custom or go home!

Who Should Take this Course

Dark Side Ops II: Adversary Simulation is ideal for offensive security enthusiasts with an interest in development, who are passionate about security and anxious to improve their skills beyond basic tool/script usage. Penetration testing experience performing reconnaissance, launching exploits, and post-exploitation is beneficial, but not required.

Student Requirements

Participants should have at least:
An intermediate level of systems administration experience using Windows or Linux.
Some experience with penetration testing techniques or frameworks (Metasploit, Core Impact, etc.).
Some experience with programming (.NET, Python, C++, or PowerShell preferred).

What Students Should Bring

A Laptop with the following capabilities:
  • Administrator access to allow for modifying network configuration, sniffing traffic, etc.
  • Wireless connection
  • Capable of running two virtual machines simultaneously using either VMware Workstation or Player
  • 80GB of free disk space

What Students Will Be Provided With

Participants will receive course materials and lab manuals in electronic PDFs, as well as TONS of custom code.

Trainers

Brady Bloxham is founder of Silent Break Security where he focuses on improving the information security industry by helping organizations understand how attacker's think, operate, and covertly exploit company networks. This unique insight originates from Brady's days working for the NSA, United States Air Force, and DoD contractors. While working for the government, Brady earned multiple awards for exceptional performance in conducting cyber-operations and development of custom capabilities. Brady continues to research and develop custom Windows pen testing tools and persistence techniques, and has contributed to and been mentioned in several books, including "Professional Penetration Testing". Sharing much of the research and tool development, Brady enjoys speaking and training at DEF CON, DerbyCon, Black Hat, ISSA, ISACA, and other security conferences.