Skip Main Navigation
Page Content

Save This Event

Event Saved

Melbourne: Red Teaming - The Offensive Techniques

Mossé Cyber Security Institute

Monday, 3 April 2017 at 9:00 am - Tuesday, 4 April 2017 at 6:00 pm (AEST)

Melbourne: Red Teaming - The Offensive Techniques

Ticket Information

Ticket Type Sales End Price * Fee Quantity
Early Bird Ticket Ended $2,000.00 $0.00
Standard Ticket 31/03/2017 $2,300.00 $0.00
* Prices include GST

Share Melbourne: Red Teaming - The Offensive Techniques

Event Details

Abstract

Mossé Security teaches a unique approach to penetration testing, using deep system knowledge and lesser-known techniques that will arm the student with true offensive capabilities. This class is designed to train students to think beyond the need for known exploits.

This is a unique course that really provides students with the knowledge and skills required to carry out real world attacks, and teaches students how to plan and execute a successful attack against a target, using the same techniques and mindsets that real attackers use.

Alternating between hands-on exercises and lectures the students will walk away having been given the chance to apply and utilize the new skills that they've learned.

  • How real attacks are planned and carried out
  • Unique exploitation techniques that are uncommon public knowledge
  • End to end attack methodologies
  • How to use and deploy true offensive techniques
  • Attacker opsec both on and off boxes

Students will spend a significant amount of time creating their own custom tools in a lab environment. The labs are designed around the students working through the following:

  • Software weaponization and custom payload creation
  • Web recon and how automation works for you
  • Initial exploitation vectors from basic to advanced
  • Command and Control
  • Lateral movement with custom tools
  • Stealth
  • Evading detection on all levels
  • Exploiting both Windows and *Nix networks
  • Abuse of PAM authentication for lateral movement

Students will test all of the skills they have gained in the course against a target network specially designed for the class. The labs will be interwoven into the lecture so that students will receive a significant amount of time to practically exercise these new skills as they learn. By the end of the class students will have spent roughly 50% of the time in a lab environment.

Course Outline:

Introduction

  • Introducing the fundamentals
  • Introducing the mentality for Offensive Hacking Operations

Weaponization Software

  • The basics of MSF and why attackers don’t really use it
  • Attacker toolsets
    • How to steal exploits from metasploit, exploit packs, etc
    • Using eclipse and jdk-gui for customizing the exploit
    • Delivering the exploit and custom payloads
  • Rapid malware prototyping with other languages and platforms
    • Concepts of malware and capabilities
    • Learning Autoit
    • Developing some simple tools
  • Utilize Sieve (Attack Research's php web phishing tool)
  • Java exploitation techniques

Initial Exploitation

  • Real attacker versus penetration testers reconnaissance techniques
  • Web hacking techniques for Black Hats
  • Building tools to automate reconnaissance exercises
  • Using Powershell and Autoit to avoid detection

On Host

  • Undertaking reconnaissance on users registry and file systems
  • Introduction to Windows Securable Objects
  • Identifying securable object vulnerabilities for root
  • Finding assets on a network like a true attacker
  • Event log scraping
  • Bypassing anti-virus and next-gen enterprise security products
  • Powershell ISE 0day
  • Shadow Copy and Persistence

Lateral Movement

  • Abusing Single Sign On
  • Building your own mimikatz for evasion
  • Pass the Hash techniques without passing the hash
  • Mastering WMI + Powershell
    • WMI for code execution on remote hosts
    • Building your own WMI + Powershell toolkit

Student Requirements

Student laptops must be running OSX, Linux, or Windows and they must have the ability to disable all antivirus on the machine. You must have administrative access on your machine as well for sniffing traffic, adjusting firewalls, etc, etc.

No prior Red Teaming experience is necessary.

About Your Trainer

Among professionals in the security industry, Benjamin Mossé is regarded as an ethical innovator. His company offerings comprise varied IT services with specific focus on attack simulations and intelligence. Mossé Cyber Security Institute provides cyber security courses, trainings and workshops geared for IT techs and other corporate employees spanning various industries, government bodies, and institutions.

Benjamin Mossé conducts over 300 technical security assessments, numerous of them Red Team exercises which have involved complex and multi-faceted approaches to be precisely coordinated. In this workshop, Benjamin Mossé shares some of the best techniques he has used to compromise an estimated 30,000 machines in the last 8 years.

Terms and Conditions for Mossé Cyber Security Institute Courses

  • Payment is required at the time of booking.
  • Cancellation notifications after 14 days prior to course commencement date are not eligible for refund.
  • Cancellations received between 15 and 28 days prior to course commencement will be charged 50% of the course fee.
  • Students are allowed 1 reschedule per class. Transfers received between 15 – 28 days prior to course commencement will be charged a $300 (incl GST) administrative fee. The new session date must be given at the time of the reschedule notification and rescheduled classes must be taken within 6 months of original scheduled date.
  • Transfers received 14 days or less prior to course commencement will be charged 50% of the course fee. The new session date must be given at the time of the reschedule notification and rescheduled classes must be taken within 6 months of original scheduled date.
  • Payment must be made in full prior to any rescheduling.
  • Student substitutions can be made in writing 48 hours prior to a class start.
  • If a student does not attend a scheduled session, there will be no refund or reschedule given. Payment is forfeited.
  • Mossé Security reserves the right to cancel a course and will endeavour to provide participants with as much notice as possible. Upon cancellation, any fees already paid by the participant will be refunded.
Have questions about Melbourne: Red Teaming - The Offensive Techniques? Contact Mossé Cyber Security Institute

Save This Event

Event Saved

When & Where


The Cluster
Level 17
31 Queen Street
Melbourne, Victoria 3000
Australia

Monday, 3 April 2017 at 9:00 am - Tuesday, 4 April 2017 at 6:00 pm (AEST)


  Add to my calendar
Melbourne: Red Teaming - The Offensive Techniques
Things to do in Melbourne Class Science & Tech

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.