Powered by Humanitix
More dates
Mon Oct 7th 2024, 9:00 am - Thu Oct 10th 2024, 5:00 pm CDT (Opens in new tab)

Adversary Tactics: Red Team Operations II - October 2024 (In-person & Virtual; US Time)

Get Tickets

Event description

This is a Hybrid event; participants can choose to join us in person in the Denver, Colorado area or virtually via Zoom. Stay tuned for more details about the event and venue!

Early Bird Pricing - Take advantage of early bird pricing for this training, register by August 8, 2024 to receive 25% off your order during checkout!

New Follow-on to Adversary Tactics: Red Team Operations!

We're excited to announce the new red teaming course from SpecterOps! The course is in active development, but take a peak below for a preview of the syllabus and to register for the inaugural delivery of the course in October 2024!

    Course Summary

    As modern architecture increasingly shifts services and data from on-premises infrastructure to the cloud, Identity becomes the thread that ties everything together.

    Our new "Adversary Tactics: Red Team Operations II" (working title, final title coming soon!) course is a follow-on to our "Adversary Tactics: Red Team Operations" course and offers an in-depth look at identity-driven tradecraft, targeting both on-premises and hybrid identities. Participants will learn how to abuse the intricacies of different authentication and authorization mechanisms to traverse on-premises and cloud environments, gain access to integrated systems, and even cross tenants. Participants will also be equipped with a practical approach to identifying known attack paths and forging new ones within complex operational environments and across people, processes, and technology.


    Course Syllabus

    Day 1

    • Attack Path Identification Methodology
    • Active Directory Situational Awareness
    • Active Directory Guided Attacks
    • Kerberos Delegation Abuse
    • NTLM Tradecraft
    • Authentication Coercion Techniques

    Day 2

    • Introduction to PKI, Active Directory Certificate Services, and PKINIT
    • Certificate Abuse Techniques and Shadow Credentials
    • Active Directory Federation Services, SSO, and SAML Attacks

    Day 3

    • Okta Deployment Scenarios
    • Okta Abuse for Lateral Movement and Privilege Escalation
    • SCCM Tradecraft and Hierarchy Takeover Techniques

    Day 4

    • Introduction to Entra ID and Azure Architecture
    • OAuth and OpenID Flows in Entra ID
    • Consent and Grant Flows
    • Token Abuse
    • Targeting Hybrid Environments
    • Cross-Tenant and Supply Chain Attacks

    Participant Requirements

    Prerequisites for this course include a foundational understanding of red team operations, which is covered in our "Adversary Tactics: Red Team Operations" course. This new course is designed for red teamers and penetration testers who wish to master tradecraft suitable for mature environments, as well as defenders and general security practitioners who aim to understand the advanced tradecraft commonly used by sophisticated threat actors.

    In-person Attendee Benefits

    We will announce exclusive benefits for in-person attendees soon! We highly encourage you to join us in person for the training if you can.

    FAQs

    How can I contact the organizer with any questions?

    Please email training@specterops.io with any questions.  

    What's the refund policy?

    Full refunds will be provided up to 7 days before the course start date.

    What are the hardware requirements for attending the course?

    Courses are based in the SpecterOps training portal and accessible via an internet connection; no VMs are required for labs. The following are recommended hardware requirements:

    • Internet Connection
    • 8GBs of RAM
    • Modern Web Browser capable of rendering HTML5
    Powered by

    Tickets for good, not greed Humanitix donates 100% of profits from booking fees to charity

    Refund policy

    Refunds are available up to 7 days prior to the event