This class will be held in four half day, from 9am to 13pm EDT June 8th to 11th
Detection engineering is a methodology to research, develop and improve your detection capabilities. The Detection Engineering for Windows training brings you up-to-speed in 2 full day sessions. More information

Relying on publicly available and stock tooling to leverage weaknesses in enterprise Windows environments to execute effective red team operations is becoming increasingly difficult. However, complex environments, with custom applications and configurations, often contain significant exploit potential attackers could utilize. Red team operators capable of taking advantage of these weaknesses can simulate more advanced adversaries, and help organizations remove difficult to identify attack chains. This course teaches the methodology and tools to find, triage, and utilize exploitable vulnerabilities on Windows systems in time-sensitive engagements. You will dive into the vulnerability classes that SpecterOps routinely finds in mature environments and practice methods of identification, triage, and exploitation. More information

This course is different from other webapp pentesting courses. Here, we focus first on the fundamental concepts that every web application requires, and then look at how those concepts are used in modern web applications. This helps a tester stay flexible as new technologies evolve, giving a mental framework that is valid and useful for any web-based system. The instructor has been a full-time webapp tester for more than 10 years and the lessons in this class are based on what real webapps look like today. More information

The Intrusion Operations class provides students a unique opportunity to learn and implement real-world techniques used by advanced adversaries. An attacker can easily break into an organization by abusing misconfigurations, but the inverse also applies - defenders can easily detect red teams and malicious actors using commodity malware, default indicators, and more. You will learn how to overcome enterprise defenses and hardened infrastructure. You will leverage custom tooling and advanced configurations to break into a simulated corporate network and develop targeted malware profiles to remain undetected. You will leave this class with the skills and tools to develop custom tradecraft for long term persistence. More information

This hands-on training teaches the essential know-how of malware traffic analysis: the experience and knowledge of understanding malware behaviors on the network. The core of the training is not about the tools, but the experience transmitted and gained by students. Students should leave with the knowledge to recognize malicious actions of malware in the network. More information

While security awareness and collective experience regarding the Cloud has been steadily improving, one common difficulty is applying theoretical knowledge to real-life scenarios. This training’s goal is to help attendees bridge this gap by understanding how conventional technologies integrate with Cloud solutions. The training is scenario-based and focuses on applied exercises. More information

The purpose of the Red Team Training is to understand the underlying concept of red teaming. The training will cover payloads generation, lateral movement techniques, initial foothold and internal reconnaissance. The training is aiming to provide a deep understanding of all the previously described aspects of a red team. More information