Mastering Red Team Operations

During this 5-day course in 35 hours of super intensive training you will gain crucial cybersecurity knowledge and skills in terms of Mastering Red Team Operations. Moreover, you will be able to:

• Get the highest quality and unique learning experience – the class is limited to 16 participants by default.
• Get the opportunity to interact with our world-renowned Experts.
• Go through CQURE’s custom lab exercises and practice them after the course.
• Receive a lifelong certification after completing the course!

This Live Virtual Class consists of 9 Modules in terms of Mastering Red Team Operations. They include essential theory combined with individual practice during the exercises as well as loads of hands-on tools and real-case scenarios.

Module 1: APT Attacks & Red Team Infrastructure on AWS

• What is an APT Attack?
• Attack Stages & MITRE ATT&CK Framework
• APT Attack Lifecycle
• Real-wordl APT Attacks Analysis
• Setting Up Infrastructure in AWS & Terraform
• Building Caldera C2 Infrastructure

Module 2: Phishing & Social Engineering Mastery

• Creating and Phishing Platform with GoPhish
• Building Phishing Pages with EvilGinx 2
• OSINT-based Phishing Planning
• 2-Factor Authentication Bypass Techniques

Module 3: Initial Access Techniques

• Spearphishing with Malicious Documents
• Advanced LNK File Techniques
• COM Object File Techniques
• Hands-on Spearphishing Lab

Module 4: HTTP Malware Development

• Buidling AWS Test Environment
• Implementing Caldera C2 Communication
• Data Encoding & JSON Parsing
• Command Execution Framework

Module 5: Advanced Malware Features

• Plugin Framework Implementation
• Keylogger Development
• Advanced Persistence Methods
• DLL-Based Malware Techniques

Module 6: Privilege Escalation Development

• UAC Bypass Implementation
• Application Shimming Techniques
• Service-Based Escalation
• SYSTEM Account Access

Module 7: Malware Obfuscation

• String Encyption Implementation
• Dynamic API Loading
• Steganography Techniques
• Anti-Analysis Methods

Module 8: Network Trafic Obfuscation

• HTTPS Communication
• DNS-ICMP Channel Development
• Traffic Steganography
• HTML Smuggling Implementation

Module 9: EDR Bypass Techniques

• Process&DLL Injection
• API Unhooking Methods
• Invisible Process Injection
• AppLocker Bypass Development

Module 10: Credential Access

• LSASS Memory Dumping
• Token Impersonation
• RDP Session Hijacking
• Credential Extraction

Module 11: Domain Controller Attack Path

• Pass-the-Hash Implementation
• Kerberos Attack Development
• Golden Ticket Creation
• Domain Takeover Techniques

Module 12: Advanced Lateral Movement

• WMI/PowerShell Movement
• Scheduled Task Deployment
• Remote COM Execution
• Lateral Movement Automation

This course is designed for technical security professionals across offensive and defensive roles. Red teamers, penetration testers, researchers, analysts, architects, and hunters will gain hands-on skills in adversary emulation, malware development, evasion, and threat detection. System administrators and cloud security engineers will also benefit by learning post-exploitation, privilege abuse, and cloud attack simulation techniques.