Course Objectives
- Understand how to perform a red-team simulated attack exercise from planning, through execution to delivery and lateral movement.
- Identify the tools that you will need to successfully run a simulated attack exercise.
- Consider the risks to client’s systems from executing a simulated attack and be able to list some measures you can take to minimise these risks.
- Learn how to identify and exploit weaknesses on the internal network whilst minimising the chance of discovery.
- Test yourself against a real-life exercise.
Course Outlines
- This course is designed to introduce you to the techniques used to simulate advanced attacks against client’s networks.
- The focus will be on executing the tactics used by real threat groups in the wild such as spear-phishing and browser based attacks, followed by operating covertly within a client’s network.
- These simulations are sometimes referred to as “red-teaming”.
- It covers exploitation of the human factor to gain a foothold on clients’ networks, how to establish communications in modern corporate networks and how to exploit weaknesses within internal networks from outside the perimeter.
- The course will focus primarily on corporate Windows networks with common security controls in place, including detective and monitoring controls.
Duration
To-be-confirmed