Modern-day APTs (Advanced Persistent Threats) are relentlessly developing new Opsec and tools that allow them to successfully compromise hardened targets for a variety of motivations. To avoid detection when operating against organizations with mature security programs, you need to ensure you are using the latest Opsec and techniques. Students must prove their ability to identify impactful misconfigurations and execute advanced, organized attacks in a controlled and focused manner. How strong is your APT arsenal?
This self-paced online advanced pentest training lab requires students to apply new advanced persistent threat Opsec and techniques against a hardened heterogeneous network. Students are immersed in an Active Directory corporate environment with up-to-date and patched operating systems, modern defenses, and active and passive host-based alerting on malicious activities. Simulated corporate users performing routine logins and mounting share drives generate real-world network activity essential to completing the lab.
What will you learn?
- Evading endpoint protections
- Passing the Hash techniques
- Active Directory Enumeration and Escalation
- Advanced lateral movement in a secure environment
- Abusing Domain Trusts
- NTLM Relaying
- Kerberos Delegation Attacks
- Privilege Escalation
- Web Application Attacks
- Escape from restricted environments on Linux and Windows
- Breaking out of the beachhead
- Achieve objectives via data mining and exfiltration
- Tool expertise with Impacket, Rubeus, BloodHound, Responder, NTLM Relayx, and others!
Features
Real-time Opsec Monitoring and Alerting
Not only will you hone your skills, expand your knowledge, and improve your tool set awareness, but there is another often-overlooked aspect that’s critical to success. Simply gaining Domain Admin in the Evil APT lab isn’t the only objective. Other labs only measure student success by collecting flags or by the number of VMs completed with admin or root privileges.
Can you complete Evil APT with the fewest detections or even zero alerts from the monitoring services? It may take multiple attempts with a variety of tools and techniques to perfect the ideal combination of speed and usability with the least alerting Opsec.
Archangel
We’ve combined Archangel, a custom-developed Windows host monitoring and real-time alerting agent, with the MITRE ATT&CK framework to bring all your digital footprints into a single location. By improving your Opsec (Operational Security), you’ll avoid detection by security teams, incident response, and antivirus services. Real-time alerting is there to remind you of Opsec concerns and provide tips and recommendations for alternative techniques.
SIEM Dashboard
As you complete the lab, hunt for yourself and other students to improve your Opsec. Use advanced analytics capabilities such as declarative SQL-style query languages, graphing, structured streaming, and even machine learning over an ELK stack.
Simulated Corporate Network
Our lab simulates a real-world network environment, with active corporate users performing routine tasks. Identify and leverage their activities to complete the objectives of the lab.
Intended Audience
This lab is designed for attendees who have experience performing pentests and want to take their skill set to the next level. You will learn cutting-edge techniques using modern attacks and test yourself in an environment that is based on real-world networks. Enhance your Opsec awareness with alternative techniques and expand your tool set expertise.
Lab Prerequisite
Students should also be well versed in the fundamentals of penetration testing. Students should be comfortable with general penetration testing and red teaming concepts, and with operating in a Windows domain environment and on Linux hosts. After reviewing source code, students should be able to gain a general understanding of how a tool works.
Students should have equivalent knowledge or skills in the following areas:
- Working familiarity with Kali Linux and/or the Linux command line
- Target enumeration and vulnerability identification
- Basic scripting experience with Bash and/or Python
- Conducting remote, local privilege escalation, and client-side attacks
- Leveraging tunneling techniques to pivot between networks
- Active Directory foundational understanding
- Basic Active Directory attacks
- A solid understanding of TCP/IP and networking concepts
What Students Should Bring
Students will need to bring a laptop with their favorite web browser. No need to install additional applications to gain access to the virtual lab.