Intrusion Operations

Course Description:

Modern day attackers are relentlessly developing new tradecraft and methodologies that allow them to successfully compromise hardened targets for a variety of motivations. While it may look easy from the outside, there are many latent steps that attackers take to ensure their success. Our job as red teamers is emulate this attack life cycle in an effort to identify and remedy these vulnerabilities.

Attackers bring unique perspectives, tools, and resources to the table in their efforts to accomplish their goals, requiring organizations to do the same by consistently applying new defensive technologies and procedures to prevent their environment from being breached. When conducting a red team assessment against organizations with mature security programs, you need to ensure you are using the latest tradecraft and techniques to help avoid detection. That's where we come in!

Step by step, we will take you through the attacker lifecycle and capture best practices that you can follow to protect your access. You will start with no information, build a profile on your target, persist within their environment, bypass modern defenses, and achieve the goals of your test. We will immerse students in a new environment and require the application of techniques taught throughout the class. You're going to learn methods to capture information about your target before even gaining access, writing custom malware to evade detection, use the latest application whitelisting bypasses to survive and compromise protected systems, develop strategies for persisting within the target environment, and accomplishing the goals of your assessment.

We are pulling back the curtain! The methods we teach are based upon past-experience in real world scenarios that FortyNorth Security has used to compromise and maintain access while avoiding detection by the target's blue team. Upon completion of the class, you will have an arsenal of new techniques that can be utilized to yield highly successful assessments. If attending while in a blue team capacity, you will have the ability to see what tools and techniques modern attackers are using to compromise hardened environments and develop techniques to help protect your organization.

Bio:

Christopher Truncer (@ChrisTruncer) is a co-founder and Offensive Security Lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing toolsets. Chris began developing tools that are not only designed for the offensive community, but can enhance the defensive community's ability to defend their network as well.