Adversary Emulation: Mimicking a real-world cyber attack

Focused View

Uday Mittal

4:13:22

79 View

01. Introduction

1. Course Introduction.mp4

03:14

2. What is Adversary Emulation.html

3. Red Teaming vs Adversary Emulation.mp4

01:41

4. Who are we going to breach.mp4

03:31

5. Attack Methodology & Attack Path.mp4

03:07

6. Introduction to MITRE ATT&CK framework.html

7. Summary.mp4

00:55

8.1 Resources.zip

8. Resources.html

02. Setting up the attacker machine and tools

1. Overview.mp4

00:46

2. Setting up Kali Linux.mp4

04:56

3. Install Download Tools.mp4

08:42

4. Setup the web server to make tools accessible from the target network.mp4

03:17

5. Setup the note taking environment using Cherry Tree.mp4

02:17

6. Summary.mp4

00:26

03. Recon

1. Overview.mp4

00:38

2. Recon (OSINT).mp4

06:53

3. Recon (Dirbuster).mp4

03:42

4. Summary.mp4

01:13

04. Initial compromise

1. Overview.mp4

00:30

2. Gaining foothold.mp4

06:04

3. Summary.mp4

01:06

05. Escalate Privileges

1. Overview.mp4

00:23

2. Privilege Escalation Recon.mp4

02:42

3. Dirty Cow Exploit 101.mp4

01:03

4. Escalating Privileges.mp4

03:00

5. Summary.mp4

01:37

06. Persistence

1. Overview.mp4

00:39

2. Establishing persistence via PoshC2.mp4

06:27

3. The Three Command and Control Tiers.html

4. Summary.mp4

00:44

07. Internal Recon

1. Overview.mp4

00:24

2. Internal Recon (Host Discovery and Port Scanning).mp4

05:25

3. Summary.mp4

01:10

08. Lateral Movement

1. Overview.mp4

00:28

2. Generating custom username and password lists.mp4

08:57

3. Brute-forcing Outlook Web App.mp4

03:54

4. Phishing an employee (Social Engineering).mp4

07:51

5. Summary.mp4

01:43

09. Lateral Movement Privilege Escalation

1. Overview.mp4

00:35

2. Privilege Escalation Recon using PowerUp.mp4

02:37

3. Unquoted Service Path Vulnerability 101.mp4

01:03

4. Checking Permissions.mp4

04:12

5. Escalating Privileges.mp4

06:45

6. Establishing persistence via PoshC2.mp4

03:20

7. Summary.mp4

01:30

10. Lateral Movement Domain Enumeration

1. Overview.mp4

00:41

2. Collecting Active Directory domain information using SharpHound.mp4

03:01

3. Analyzing Active Directory domain information using BloodHound.mp4

10:13

4. Summary.mp4

01:35

11. Lateral Movement Domain Privilege Escalation

1. Overview.mp4

00:29

2. Dumping credentials via Mimikatz.mp4

04:42

3. Over-Pass-The-Hash Attack.mp4

07:00

4. Establishing persistence on Domain Controller via PoshC2.mp4

00:55

5. Summary.mp4

01:42

12. Domain Lateral Movement & Data Analysis

1. Overview.mp4

00:21

2. Dumping Credentials from Domain Controller.mp4

03:50

3. Accessing Database Administrators machine.mp4

07:19

4. Summary.mp4

01:51

13. Data Analysis & Data Exfiltration

1. Overview.mp4

00:22

2. Converting SSH Private Key.mp4

03:27

3. SSH Tunnels 101.mp4

02:16

4. Establishing a Dynamic SSH Tunnel.mp4

04:27

5. Loot.mp4

09:32

6. Summary.mp4

01:27

14. Attack Path Recap

1. Attack Path Recap.mp4

06:12

2. Attack Path mapping with MITRE ATT&CK.mp4

02:16

15. Deleting Footprints

1. Overview.mp4

00:22

2. Deleting footprints from the web server.mp4

06:44

3. Deleting footprints from user machine (Part1).mp4

01:36

4. Deleting footprints from user machine (Part2).mp4

01:58

5. Deleting footprints from Domain Controller.mp4

01:19

6. Deleting footprints from user machine (Part3).mp4

03:04

7. Summary.mp4

00:49

16. Observations & Recommendations

1. Overview.mp4

00:14

2. Observations.mp4

02:21

3. Recommendations.mp4

05:24

17. Engagement Report

1. Engagement Report.mp4

05:50

18. Course Resources & Feedback

1. Course Resources & Feedback.mp4

02:03

19. Conclusion

1. Conclusion.mp4

01:47

20. Lab Setup

1. Red Team Adversary Emulation Lab Access (Tax First Labz).mp4

04:53

2. Fetching AWS Account ID.mp4

00:42

3. Creating AWS IAM Account.mp4

03:52

4. Subscribing to Apache Guacamole AMI.mp4

01:19

5. Lab Management via AKSH.mp4

16:00

Description

Learn how to perform red team adversary emulation exercises end-to-end

What You'll Learn?

How to plan and manage adversary emulation exercise
Difference between red teaming and adversary emulation
MITRE ATT&CK Framework
Red team operations attack lifecycle
How to conduct adversary emulation exercise on a live organization
Open Source Intelligence (OSINT) techniques to gather information
Weaponizing exploits to gain foothold into the network
Password brute-forcing using custom generated lists
Phishing an employee
Escalating Privileges on Linux and Windows systems
Active Directory enumeration using BloodHound
Active Directory attacks
Establishing persistence via PoshC2 (command and control center software)
Creating an engagement report

Who is this for?

Students curious about conducting a real-world security engagement

Students preparing for penetration testing certifications

Beginners in Red Teaming

Cybersecurity Professionals

Information Security Managers

More details

Description
Red Team Adversary Emulation, focuses on approaching an organization's security from the view of a real-world adversary. In this course, we perform a live Adversary Emulation exercise and try to steal customer data of a FinTech startup. We are hired by a FinTech startup to conduct an adversary emulation exercise and steal their customer data (before an actual adversary). This exercise assumes zero knowledge about the target network.

During an adversary emulation exercise we mimic a real world cyber attack with a specific objective, such as stealing customer data, launching a ransomware attack etc. This course follows the Red Team Operations Attack Lifecycle to conduct this exercise. We go through each phase in a step-by-step manner and build our attack path as we move ahead. We employee a variety of techniques, such as
Active and passive information gathering
Gaining foothold into the network
Host Discovery
Brute-forcing
Phishing
Privilege Escalation (Linux and Windows)
Automated Active Directory domain enumeration
Persistence via command and control center
Active Directory attacks

to achieve our objective. Upon completion of the exercise, we will prepare and submit a report to the organization's management.
This course also covers installation and usage of tools such as, PoshC2, Mentalist, BloodHound, Mimikatz, Metasploit, PowerUp, icacls, PowerShell etc.
This is a beginner friendly course. If you have just started your career in offensive cybersecurity or are preparing for penetration testing exams then this course is for you. If you are already a penetration tester or a red teamer, with a few years of experience under your belt, then you would already know most of the above mentioned techniques. However, if you are interested in witnessing a live adversary emulation exercise, please feel free to follow along.
Who this course is for:
Students curious about conducting a real-world security engagement
Students preparing for penetration testing certifications
Beginners in Red Teaming
Cybersecurity Professionals
Information Security Managers

User Reviews

Rating

average 0

Total votes0

Focused display

Uday Mittal (eWPTx, OSCP | E, CRTP | E, CISSP, CCSP, CISA, CISM, CRISC) is the founder of Yaksas Security. He has over 11 years of experience in dealing with various issues related to cyber security. He is actively working towards educating people on cyber security risks and steps to mitigate them. His areas of interest include exploitation research, malware analysis, red teaming, VAPT etc.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.