SecurityBSides Trainings

Course Description

Adversary Tactics: Red Team Operations immerses participants in a single simulated enterprise environment, with multiple networks, hardened endpoints, modern defenses, and active network defenders responding to red team activities. We will focus on in-depth attacker tradecraft for post-initial access; breaking out of the beachhead, establishing resilient command and control (C2) infrastructure, gaining situational awareness through OPSEC-aware host and network enumerations, performing advanced lateral movement and sophisticated Active Directory escalation, gaining persistence (userland, elevated, and domain flavors), and performing advanced Kerberos attacks, data mining, and exfiltration. All while focusing on the importance of “offense-in-depth,” the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques. Come learn to use some of the most well-known offensive tools from the authors themselves, including co-creators and developers of PowerView, PowerShell Empire, Covenant, Mythic, Rubeus, GhostPack, and BloodHound.


  • be able to read simple C++ code and simple scripts
  • be familiar with writing basic scripts using python/ruby/…
  • be ready to dive into a debugger and read asm for hours and hours and hours
  • be ready to think out of the box and have a strong desire to learn
  • be fluent with managing Windows / Linux operating system and with using vmware workstation/virtualbox
  • be familiar with using Metasploit (msfconsole, msfvenom, meterpreter)

Instructor Bio - TBA


Key Learning Objective

Understanding Stack Buffer Overflows

Advanced Techniques in Exploit Development

Memory Protection Bypass Techniques

Exploitation Techniques Update and Optimization

Introduction to x64 Stack-Based Exploitation

Understanding the Mechanics of Exploitation

Exploit Detection and Protection

Return Oriented Programming (ROP)

Bypassing Memory Protections

Real-world Application and Practice