Blackhat hackers penetrate enterprise networks in the flash of an eye, ravage endpoints for sensitive data, and silently exfiltrate the keys to your kingdom without ever popping an AV alert, flagging the SIEM, or being blocked by the proxy. Dark Side Ops: Custom Penetration Testing enables participants to "break through" to the next level of sophisticated offensive operations by removing their dependence on 3rd-party penetration testing tools, allowing for outside-the-box thinking and custom tool development leveraging the latest in API abuse and advanced code execution techniques. Participants are provided with hands-on experience into the black hat techniques currently used by hackers to bypass network-based enterprise intrusion detection and prevention systems (IDS/IPS), layer 7 web proxies, and data loss prevention (DLP) solutions. The custom approach doesn't stop there. Participants learn advanced evasion techniques of corporate host-based countermeasures including antivirus and application white-listing solutions by developing, compiling, and deploying custom backdoors, payloads, and persistence deep into protected enterprise networks.
At the end of this course students will be able to:
- Execute PowerShell scripts covertly through in-memory only execution techniques.
- Compile custom code to keylog target workstations, take screenshots, execute Mimikatz, and much more...all while running in memory!
- Build custom payload droppers, beaconing backdoors, and interactive shells.
- Conduct highly targeted and sophisticated custom client-side and social engineering attacks.
- Escalate workstation and network privileges without an exploit.
- Bypass defensive host and network defense countermeasures such as anti-virus applications, firewalls, IDS, IPS, SIEMs, and strict egress filtering.
- Establish custom, stealthy persistence in a target network.
- Pivot undetected throughout a network like a pro using SMB named pipes and other new and novel techniques.
- Exfiltrate data from a target network using custom applications and network monitoring evasion techniques.
- Compile and deploy an advanced, custom HTTP beaconing payload developed internally by the trainers and used regularly on engagements to effectively infiltrate company networks.
Participants will receive source code to a variety of offensive tools, including custom shells, backdoors, C2 listening posts, and social engineering exploitation techniques. To reinforce the knowledge provided by the instruction, participants will complete labs throughout the day, where the coding skills, custom payload delivery, and advanced pivoting techniques from course intrusion will all be necessary.
Go custom or go home! :)
Dark Side Ops: Custom Penetration Testing is ideal for offensive security enthusiasts with an interest in development, who are ready to take their skills beyond tool, script, or fill-in-the-blank penetration testing framework dependence. L33t programming skills are not necessary to enjoy this course. If you're interested in being able to build or modify custom offensive tools to bypass the latest offensive countermeasures, this course is for you. This course is equal parts attack/exploit, malware coding/programming, and hands-on lab environment. Participants will not leave this course disappointed.
Students should have at least:
- a intermediate level of systems administration experience using Windows or Linux.
- some experience with penetration testing techniques or frameworks (Metasploit, Core Impact, etc.).
- some experience with programming (C++, Python, or PowerShell preferred).
Laptop with wireless connection, capable of running two virtual machines simultaneously using either VMware Workstation or Player, 80GB of free disk space and administrator access to allow for modifying network configuration, sniffing traffic, etc.
The Silent Break Security team has been providing offensive security training for over 10 years. As a company, our core philosophy is centered on a deep, technical understanding of real-world attacks backed by the highest standards of quality in all that we do. From the trainers to the training content to the security services, Silent Break Security represents the best.