Red/Purple teams who want to learn advanced techniques (leveraging kernel rootkits for post-exploitation, techniques to bypass EDRs & AVs, quick 0-day hunting techniques to aid with privilege escalation) or those wanting to move away from using third-party tools and develop their own in-house frameworks for C2 & implants, including developing their own modules for post-exploitation tasks (dumping memory, hunting for privilege escalation vectors, obtaining persistence, keylogging, etc.).
This also applies to those using commercial tooling (e.g. Cobalt Strike) who want to develop their own modules to extend or modify its capabilities, typically for evasion purposes or to add functionality & techniques not included in those tools.
This course is suitable for both beginners and intermediate practitioners, with some particularly advanced concepts (blue-pill hypervisors, 0-day hunting for red teamers) introduced in an easy-to-understand manner.
On completion of the training, you will be competent in programming your own framework for red team exercises, including custom C2 & implant development leveraging secure communications & extensibility via modules.
You will also have experience developing custom post-exploitation modules to dump memory and perform common post-exploitation tasks while bypassing/evading EDRs and securely exfiltrating data over encrypted comms to prevent privacy or security risks during offensive operations.
You will also have experience with certain advanced techniques used by the particularly skilled APT groups (e.g. blue-pill hypervisors, finding & exploiting quick 0-days for privilege escalation).
This course covers custom tool development for offensive security campaigns at the user, kernel and hypervisor levels. Write your own custom code in Rust from scratch, covering everything from the high-level design of our code to complete guided walkthroughs of our custom code development process, including our own Rust-based COFF loaders, anti-EDR modules, C2 server and agents, kernel rootkits, hypervisor implants and more.
Christopher Vella has extensive experience with red teaming and offensive operations, having performed them for a wide range of clients including multiple high-profile banks, sensitive environments such as air-traffic control systems, and more.
Christopher also has advanced knowledge of Windows internals, kernel development, custom hypervisor development, and vulnerability research, enabling advanced custom tool development and the skills to leverage custom kernel rootkits in offensive operations.