Shubhitesh Dhanuka
Working at Deutsche Bank
" The best hands-on experienced i ever had. From tools like cobalt strike to BloodHound, everything at one place.. I have cleared THREE interviews after ORTP certification! "
About "Offensive RedTeam Professional" Live Course
The "Offensive RedTeam Professional" certification program was designed by a black hat team, application developer, and exploit writer to automate the red teaming hunting process.
This course covers both offensive and defensive strategies, and after finishing the course, a candidate can handle any cyber security incident.
ORTP's professional objective is to react faster, detect, analyze, and provide a complete solution to the enterprise. We focus on manual as well as automated red teaming processes.
In this professional training, the instructor will demonstrate 90+ plus tools and frameworks, but as we mentioned, tools are only for visibility, and we will put more focus on scenario-by-scenario red teaming practices.
And this course also focuses on writing our own tools and exploits so they can handle any incident according to enterprise complexity or any red teaming practices.
You Are In Good Company
Here is what they experienced!
"Cobalt Strike become my favorite tool.."
Ms. Joana Ebert
"Exploiting Vulnerabilities Everyday Now"
Rahul Sain
"Doesn't Get Any Better :)"
Charles Terry
RedTeam Training Highlighted Modules
Each module focuses on simulating attacks on an organization.
AWS & Azure Red Teaming Practices
Reverse Engineering
SSL Red Teaming Practices
Kerberos Attacks
Cyber Kill Chain
Exploit Writing
Docker Container technology
Kubernetes Red Teaming Practices
API Red Teaming Practices
Red Team Ops with Cobalt Strike
Visualize active directory with BloodHound
Enterprise Network Red Teaming Practices
Web Application Red Teaming Practices
Covert Communication
Firewall Red Teaming Practices
Pivoting & Tunneling
Live Instructor Led Training Schedule
Weekend 3 hours sessions at 09:00 AM IST to 11:00 PM IST
Stating from 9th Jan, 2023
Who Should Attend
If you like to find red flags, RedTeam training is for you
Information security managers
Security Analysts
Penetration Testers
Security Consultants
IT employee
Network Engineer
IT Security Professionals
Anyone who wants to deep dive into Penetration Testing and become RedTeam Operator
Past Participates of Hacker Associate Work At:
ORTP Course Syllabus
150+ Modules cover every aspect of Red Team Operator
+ Active Scanning
+ Passive scanning
+ Scanning IP Blocks
+ Accumulating System Information
+ Collecting Remote Host Information
+ Collecting Remote Identification Information
+ Collecting Victim Network Information
+ Obtain Victim Organization Information
+ Collecting Information Through Social Media
+ Overview of AWS Services
+ Amazon Web Services Regions and Availability Zones
+ Identify Types of Attack used on AWS
+ Defining AWS Blueprints
+ External Infrastructure of your AWS cloud
+ Application(s) you host/create on your platform
+ Internal Infrastructure of your AWS cloud
+ AWS configuration review
+ Application Programming Interface
+ Web applications hosted by organization
+ Analyzing Programming languages
+ Virtual machines and operating systems
+ Analyzing the security of the AWS Cloud
+ Analyzing security in the AWS cloud
+ Explore various tools for AWS
+ Inspect an automated framework for assessing AWS Infrastructure
+ Write your own tools for AWS infrastructure assessment
Tools to be tested for AWS Security includes
Governance
+ Recognize AWS usage/implementation
+ Define AWS boundaries and identify assets
+ Access policies
+ Identify, review, and evaluate risks
+ Inventory and documentation
+ Add AWS to the risk assessment
+ IT security and programme administration
Network Management
+ Network Security Controls
+ Physical links
+ Granting and revoking access
+ Environment Isolation
+ Inventory and documentation
+ DDoS defence layers
+ Malicious code controls
Encryption Control
+ AWS Console access
+ AWS API access
+ IPsec Tunnels
+ SSL Key Management
+ Protect PINs at rest
Logging and Monitoring
+ Centralized log storage
+ Review policies for "adequacy"
+ Examine the Identity and Access Management (IAM) credential report
+ Aggregate from multiple sources
+ Intrusion detection & response
Section 1
+ Azure Service Overview
+ Amazon Web Services Regions and Availability Zones
+ Defining Azure Blueprints
+ Methods by which your Azure data can be compromised
+ External Infrastructure of your Azure cloud
+ Application(s) you host/create on your platform
+ Azure cloud's internal infrastructure
+ Azure configuration review
+ Application Programming Interface
+ Web applications hosted by your organization
+ Programming languages
+ Virtual machines and operating systems
+ Analyzing the security of the Azure Cloud
+ Evaluating security in the Azure Cloud
+ Explore various tools for Azure
+ Inspect an automated framework for assessing Azure Infrastructure
+ Creating a custom tool to assess Azure Infrastructure
+ Red-Team Best Practices
Section 2
+ Azure Authorization Checks
+ Enumeration of Azure AD
+ Azure Policies
+ Azure PowerShell
+ Azure Cloud-shell
+ Azure Internal Recon
+ Azure Privilege Escalation
+ The Golden SAML & Primary refresh token
+ Managing Azure Identities and Governance
+ Azure Storage Security etc
+ Azure Key Vault
+ Azure Security Center
+ Azure Sentinel
+ Azure Best Practices
+ A Quick Overview of IPv4 and IPv6
+ IPv4 vs. IPv6: What's the Difference?
+ Exploit Chain for IPv4-based Networks Developed by Hacker Associates
+ Exploit Chain for IPv6-based Networks by Hacker Associates
+ Exploring attack techniques based on IPv4 and IPv6
+ How do you keep your IPv6 neighbors from discovering you?
+ How can you keep your IPv6 address management secure?
+ Attacks on IPv6 Neighbor Discovery Mitigation
+ IPv6 attack techniques and mitigations
+ THC IPv6 Attack Toolkit
+ Red Teaming Best Practices
+ Kerberos: A Quick Overview
+ Identifying how Kerberos works and configuring it
+ KDC: Key Distribution Centre
+ AS: Authentication Service
+ TGT: Ticket Granting Ticket
+ SPN: Service Principal Name
+ PAC: Privilege Attribute Certificate
+ Service Tickets
+ Attacking Kerberos, the Windows ticket-granting service
+ Kerbrute Enumeration: No domain access required
+ Pass the Ticket Attack: Access as a user to the domain required
+ Kerberoasting : Access as any user required
+ AS-REP Roasting: Access as any user required
+ Golden Ticket: Full domain compromise (domain admin) required
+ Silver Ticket: Service hash required
+ Skeleton Key: Full domain compromise (domain admin) required
+ Red Teaming Best Practices
+ A brief overview of Active Directory
+ Domain Controller (DC)
+ Forests, trees, domains
+ Users and groups
+ Trusts and Policies
+ AD Enumeration
+ AD Domain Services and Authentication
+ AD in the Cloud (Azure AD)
+ Abusing Kerberos
+ Cross Trust Attacks
+ Enumerating Server Managers
+ Enumeration with Bloodhound: GUI interface
+ Maintaining Access
+ Post Exploitation Technique
+ Defences and Bypass – PowerShell
+ Red Teaming Best Practices
+ Overview of container technology
+ Introduction to Docker
+ Docker Container Configuration
+ Docker Commands
+ Docker Images
+ Docker Compose
+ Docker Engine
+ Docker Networking & Registry
+ Docker Misconfiguration
+ Hacker Associate Docker containers Exploit Chain
+ Docker vulnerability static analysis
+ Docker Exploitation
+ Red Teaming Best Practices
+ A Brief Introduction of Kubernetes
+ Monitoring and logging
+ Application Lifecycle Management
+ Kubernetes Security
+ Cluster Maintenance
+ Create and deploy a Kubernetes cluster
+ Networking
+ Storage
+ Red Teaming Best Practices
+ Convert Communication
+ Cobalt Strike Model
+ Setting up infrastructure and troubleshooting
+ Customize Beacon’s network indicators using C2
+ Weaponized Cobalt Strike’s Beacon Payload
+ Initial Access Process
+ Privilege Escalation
+ Abusing Lateral Movements
+ Pivoting with Cobalt Strike’s SSH sessions
+ A Quick Overview of Tunneling and Pivoting
+ Network Chain Exploitation
+ Hacker Associate Tunneling and Pivoting Exploit Chain
+ Proxy Pivoting
+ Pivoting the VPN
+ Use proxy chains and SSH to pivot
+ Using the Netcat relay to pivot
+ Proxy SOCKS
+ Additional tools and techniques
+ Best Practices for Red Teaming
+ Abuse Elevation control mechanism
+ Access token manipulation
+ Boot or Logon Auto start Execution
+ Boot or Logon Initialization scripts
+ Create or modify system processes
+ Escape to Host
+ PE (horizontal and vertical)
+ The Event Triggered Execution
+ Exploitation for Privilege Escalation
+ Red Team Best Practices
+ Network sniffing using AiTM (Adversary-in-the-Middle)
+ Brute Force
+ Password Spraying attacks
+ Forge Web Credentials
+ Modify Authentication Process
+ OS Credential Dumping
+ Two Factor Authentication Interception
+ Forced Authentication
+ Kerberos ticket theft or forgery
+ Steal Web Session Cookie
+ Introduction to Command and control server
+Communication using application layer
+ Exploiting different Protocols SMB, SSH, or RDP
+ Encrypted Channels
+ Multi-Stage Channels
+ Protocol Tunneling
+ Top-10 OWASP Web Security Risks
+ Top 10 OWASP Mobile Apps
+ Reverse Engineering
+ TLS/SSL Attacks
+ Red Team Best Practices for Web and Mobile Applications
+ Automated Exfiltration
+ Exfiltration Over Alternative Protocol
+ Exfiltration Over the C2 Channel
+ Exfiltration Over Other Network Mediums
+ Exfiltration Over Other Physical Medium
+ Exfiltration Over Web Services
+ Transfer Data to the Cloud Account
Letter from Instructor (CISO and CEO)
Do You Want To Learn RedTeam operations from the well-recognized place?
Aloha, I am Harshad Shah, Founder & CEO of Hacker Associate known as a Technologist & also a Technology Motivational Speaker, Sr. Information Security Consultant & Corporate Trainer having Expertise in Latest and High-End Technologies like IoT, Machine Learning, Artificial Intelligence, Splunk, Docker, DevSecOps, AWS, Cloud Computing, Big Data Analytics.
Global Offensive Hacker Associate Community focuses on "Next Generation Technology" and we do more research on the industry-based products, current enterprise security level, application level assessment, Scada, AI & IoT assessments, and based on our team research we create a specialized program for candidates.
