Attending this event?
The Open Web Application Security Project (OWASP) Los Angeles Chapter has teamed up with the Orange County, Inland Empire, San Diego, and San Francisco Bay Area chapters to bring you another great AppSec California. Join us and your peers for amazing talks and networking on January 22-25, 2019!
View analytic
Tuesday, January 22 • 9:00am - 5:00pm
Real World Red Team Attacks [Day 1 of 2]

Sign up or log in to save this to your schedule and see who's attending!

Course Abstract

The days of exploiting MS08-067, encoding with Shikata Ga Nai, and blindly scanning are gone. Both Blackhat hackers and pentesters alike have shifted to using more advanced techniques to bypass AV, implement a smaller footprint to evade SIEM detection, and continually stay persistent to devastate enterprise networks. If you are looking to take your craft to the next level, this is the primer course for you.

This training course was custom developed to put you right in the action and simulate real world red team attacks. You'll take the approach as a red teamer to social engineer your way into a company, gain information about the network, pivot to valuable resources, and gain access to all the company's secrets.

This isn't your average pentest course! We built the labs around what we are seeing as red teamers.

Training Syllabus

Day 1:

- Red Team Mindset
- Recon
- Creating Malware For Your Campaigns
- Setting Up C2 Servers
- Social Engineering
- Compromise Your Victims
- Living Off The Land
- Moving Laterally In Windows/Active Directory

Day 2:

- Pivoting/Lateral Movement in Linux
- Compromising Common Applications for Post Exploitation
- DNS C2 And Network Limitations
- Local Linux Privilege Escalation
- Creating Valuable Reports

Upon Completion of this training, attendees will know:

How to think like the bad guys do
How to evade AV and network detection tools
How to get around Windows protections
How to live off the land
How to write valuable reports to improve security

Attendees should bring:

Laptop with:
- administrator access (to disable host firewall)
- network connectivity and dongles
- capacity to run two virtual machines simultaneously using either VMware Workstation or Player or Fusion (for OS X).
- 30GB of free disk spaces

And, a passion to learn!

Pre-requisites for attendees:

Familiarity with Metasploit and similar tools
Basic understanding of penetration testing methodology and tools
Basic GNU/Linux command line
Basic understanding of Active Directory

avatar for Peter Kim

Peter Kim

Director of Vulnerability Research, Blizzard Entertainment
Peter Kim has been in the information security industry for the last 12 years and has been running red teams/penetration testing for the past 8 years. He has worked for multiple utility companies, Fortune 1000 entertainment companies, government agencies, and financial organizations.He... Read More →

Tuesday January 22, 2019 9:00am - 5:00pm
Club Room
Feedback form isn't open yet.