Dark Side Ops: Custom Penetration Testing
Overview
Black hat hackers penetrate enterprise networks in the flash of an eye, ravage endpoints for sensitive data, and silently exfiltrate the keys to your kingdom without ever popping an AV alert, flagging the SIEM, or being blocked by the proxy. Dark Side Ops: Custom Penetration Testing enables participants to "break through" to the next level by removing their dependence on 3rd-party penetration testing tools, allowing for outside-the-box thinking and custom tool development leveraging the latest in API abuse and advanced code execution techniques. Participants gain hands-on experience with the black hat techniques currently used by hackers to bypass network-based enterprise intrusion detection and prevention systems (IDS/IPS), layer 7 web proxies, and data loss prevention (DLP) solutions. The custom approach doesn't stop there. Participants learn advanced techniques for evading corporate host-based countermeasures, including antivirus and application white-listing solutions, by developing, compiling, and deploying custom backdoors, payloads, and persistence deep into protected enterprise networks.
At the end of this course students will be able to:
- Build custom payload droppers, beaconing backdoors, and interactive shells.
- Conduct highly targeted and sophisticated custom client-side and social engineering attacks.
- Escalate workstation and network privileges without an exploit.
- Bypass host and network defensive countermeasures such as anti-virus applications, firewalls, IDS, IPS, SIEMs, and strict egress filtering.
- Establish custom, stealthy persistence in a target network.
- Pivot undetected throughout a network like a pro using port redirection, tunneling, and proxying.
- Exfiltrate data from a target network using custom applications and network monitoring evasion techniques.
- Compile and deploy an advanced, custom HTTP beaconing payload developed internally by the trainers and used regularly on engagements to effectively infiltrate company networks.
Participants will receive source code to a variety of offensive tools, including custom shells, backdoors, C2 listening posts, and social engineering exploitation techniques. To reinforce the knowledge provided by the instruction, participants will complete labs throughout the day, where the coding skills, custom payload delivery, and advanced pivoting techniques from course instruction will all be necessary.
Go custom or go home! :)
Who Should Take this Course
Dark Side Ops: Custom Penetration Testing is ideal for offensive security enthusiasts ready to take their skills beyond tool, script, or fill-in-the-blank penetration testing framework dependence. L33t programming skills are not necessary to enjoy this course. If you're interested in being able to build or modify custom offensive tools to bypass the latest offensive countermeasures, this course is for you. This course is equal parts attack/exploit, malware coding/programming, and hands-on lab environment. Participants will not leave this course disappointed.
Student Requirements
Students should have at least:
- A medium level of systems administration experience using Windows or Linux.
- Some experience with penetration testing techniques or frameworks (Metasploit, Core Impact, etc.).
- Some experience with programming (C++ or Python preferred).
What Students Should Bring
- Laptop with administrator access to allow for modifying network configuration, sniffing traffic, etc.
- Laptop with wired connection
- Laptop capable of running two virtual machines simultaneously using either VMware Workstation or Player
- Windows development environment with the following software installed:
  - Visual Studio Express (free) or Professional ($)
  - Python (not 3.0!) with py2exe installed
  - Favorite text editor for writing code (Notepad++, Komodo Edit, etc.)
What Students Will Be Provided With
- 16 GB USB thumb drive
- TONS of custom code/tools
- Custom persistence techniques
- Course documentation and labs
- Course virtual machines
Trainers
Brady Bloxham is founder and Principal Security Consultant at Silent Break Security, where he focuses on providing advanced, custom penetration testing services. Brady started his career working for the various three letter agencies, where he earned multiple awards for exceptional performance in conducting classified network operations. Brady stays current in the information security field by presenting at DEF CON, DerbyCon, ISSA, ISACA, and various other security conferences, as well as providing training on building custom offensive security tools and advanced penetration testing techniques. Brady also maintains the PwnOS project and holds several highly regarded certifications. :)
Bryce Kunz's experience includes being the vice president of Computer Network Exploitation Services for Defense Point Security, a global network exploitation and vulnerability analyst within the Department of Defense (DoD), and the incident response manager for the Department of Homeland Security's (DHS) Security Operations Center (SOC). With the combination of offensive and defensive experience, Bryce has invaluable experience in advanced attacks, malware bypass techniques, and covert network operations. Bryce is also the creator of PwnOS v2.0, an exploitable virtual machine, and has spoken at various conferences. Bryce received an MBA from an NSA-designated "Center of Excellence" with an emphasis in Information Assurance (IA) on a full academic scholarship from the National Science Foundation (NSF). Bryce is an avid researcher in the field of information security and stays current in the field through custom tool development, exploitation research, and reverse engineering.