Registration is open for our next course.
September 5 – 6, 2024
Offensive Development
(Virtual over Zoom)
Course Length: 16 Hours (2 Days)
Format: Virtual
Tuition: $700 per person (USD)
Includes: 30 day access to Terraform labs, certificate of participation, and class recordings that never expire.
Course Description:
White Knight Labs proudly presents “Offensive Development,” an intermediate-level course meticulously crafted for cybersecurity professionals. This program is not for beginners; it’s tailored for those looking to elevate their skills in the complex art of offensive cybersecurity. As the digital threat landscape continually evolves, so does our curriculum. This course is dynamically updated to incorporate new techniques and research findings, ensuring you’re always at the cutting edge of offensive development methodologies.
Course Syllabus
- Terraform Lab Deployment in students’ AWS environments
- Guacamole Walkthrough
- Portable Executable Primer
- Windows API Primer
- Converting PE Files to Shellcode (Donut, Windows-Only Tools)
- Process Injection: CreateRemoteThread
- Shellcode Storage (text section)
- Shellcode Storage (resources section)
- Process Injection: Process Hollowing
- Process Injection: Early Bird
- Process Injection: MockingJay
- Windows API Direct Syscalls
- Windows API Indirect Syscalls
- Hiding Imports via Dynamic Resolution
- XOR Encrypting API Function Calls
- Introduction to Cobalt Strike
- Cobalt Strike C2 Deep Dive (Profiles and BOFs)
- Defeating Sandbox Detection
- Identifying an EDR’s Active Protection
- DLL Proxying for Persistence
- API Unhooking
- AMSI Primer & AMSI Bypass
- ETW Primer & Process Injection: Caro-Kann
- Custom Reflective DLL Loaders
- App Domain Injection
- ClickOnce Payload Development
Prerequisites:
To ensure a productive and engaging learning experience in our “Offensive Development” course, we have established a set of prerequisites for all participants. These prerequisites are designed to make sure that each student is adequately prepared for the advanced content and can fully benefit from the course material.
- Programming Background: Participants must have a solid background in programming, specifically in C, C++, or C#. This foundational knowledge is crucial for understanding the complex code structures and techniques discussed in the course.
- Understanding of C2 Frameworks: A clear understanding of how Command and Control (C2) frameworks operate is essential. This knowledge is fundamental in comprehending the operational aspects of offensive cybersecurity tools.
- Basic Process Injection Techniques: Familiarity with basic process injection techniques is required. This includes an understanding of how these techniques are used to execute code in the context of another process.
- Shellcode Usage: Proficiency in using shellcode is a must. Participants should understand how shellcode is crafted and deployed in offensive operations.
- Experience in Payload Development: A background in developing payloads or creating initial footholds on target endpoints is crucial. This experience is necessary for comprehending the practical aspects of tool development and deployment in offensive cybersecurity.
- Desire to Learn: A strong desire to learn and delve deeper into the subject matter is vital. This course is challenging and requires students to be motivated and willing to go the extra mile in their learning journey.
- Aspiration to Bypass Security Measures: An enthusiasm for learning techniques to bypass Anti-Virus (AV) and Endpoint Detection and Response (EDR) systems is essential. This course focuses on overcoming modern security defenses, and a keen interest in this area is necessary for success.
Participants meeting these prerequisites will find themselves well-prepared to tackle the challenges and reap the full benefits of the “Offensive Development” course.
What You’ll Learn:
Understanding Modern Defenses: We begin by dissecting modern defense mechanisms, providing you with the latest insights and tools. You’ll gain hands-on experience with Terraform Labs in AWS environments, Portable Executable conversions, and various process injection strategies. Our evolving curriculum ensures the inclusion of the newest techniques and research in Windows API manipulation, shellcode storage, and dynamic resolution of hidden imports.
Advanced Offensive Techniques and Cobalt Strike: The second day is dedicated to advanced offensive techniques, with a special focus on the Cobalt Strike Command and Control (C2) Framework. You’ll delve into C2 profiles, defeating sandbox detection, identifying EDR’s active protections, and mastering DLL proxying. The course also includes an introduction to the Cobalt Strike C2 Framework, AMSI and ETW primer, and custom payload development strategies.
Who Should Enroll:
Penetration testers, red teamers, and blue teamers looking to advance their malware development skills.
Cybersecurity professionals aiming to understand and effectively deploy offensive security tools.
Security analysts and researchers interested in the development of offensive cybersecurity methodologies.
Course Takeaways:
- A deep understanding of modern cybersecurity defenses and how to navigate them.
- Skills in advanced offensive techniques and tool development.
- Knowledge of the latest updates and techniques in offensive cybersecurity.
- An introduction to the Cobalt Strike C2 Framework, highlighting its usage in offensive strategies.
Embark on this journey with White Knight Labs and transform into a skilled practitioner in offensive cybersecurity, equipped with the latest tools and techniques to excel in this ever-changing field.
RELEVANT
This Course is Hyper-Current
Changes are always made at the last minute to ensure that students receive the most up-to-date and relevant content possible. As a result, the syllabus is subject to change, and course content may be modified based on student skill level, course progression, and other factors.
Not Just Concepts
We get you into the trenches, putting you into real world scenerios that may frustrate you as we challenge your skills and knowledge.
Hands On Lab Environemnt
Eight virtual machines using Ubuntu, Windows 10, Kali, and Windows Server 2019
Not for Beginners
Students should have experience in cybersecurity fundamentals and an understanding of penetration testing and execution of red team operations
To the Limits
This course is designed to challenge you and you must be willing to face the difficulties we present and not give up
OFFENSIVE DEVELOPMENT
Basic Overview
Students will learn to understand modern defenses, process injection variants, Cobalt Strike and attacking AV/EDR products.
The course includes topics such as defeating string detection, unhooking EDR products, along with AMSI and ETW bypass.
Take Your Skills to the Next Level
Challenge Yourself
Discover new heights and overcome personal barriers with a White Knight Labs ground breaking training program, created to foster growth and unleash your capabilities.
Learn
Enhance your skillset through our expert-developed courses, focused on delivering the most pertinent and up-to-the-minute information in your field.
Achieve
Aim for the stars and experience the thrill of success with WhiteKnightLabs’ extensive training program, enabling you to tackle challenges head-on and excel in your chosen profession.
Register Now
for the Next Session
You will receive additional details by email once you complete the registration
Click the link
to secure your seat right now!
September 5th and 6th, 2024
Class Times will be
8:30AM EST – 5:00PM EST
Need additional information?
Contact us with Questions
If you have questions let us know. If you’re unable to use the form. please give us a call at 877-864-4204