Dive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code.

This course is designed to take you deep into defensive and offensive tooling – an apex attacker must know the own indicators of compromise (IOCs) they’re creating and the artifacts they’re leaving behind.

Students will have access to several EDR products and Cobalt Strike in this course.

More information

Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.

For each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.

I found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.

More information

WKL's ARTO course is meant to fill in the gaps for senior penetration testers that want to pivot into conducting red team operations against mature enterprise environments. Students will be given a Terraform script that spins up their own dedicated lab environment that they lifetime access to. Students will go through the process of purchasing domains to simulate deploying their red team attack infrastructure. WKL's instructors will go in-depth regarding the usage of CDNs in GCP, AWS, and Azure for redirectors. At the end of the course, students will have the opportunity to test their knowledge by taking the Advanced Red Team Operation Certification exam, a rigorous, hands-on 48 hours exam where students will need to gain Domain Admin control over the stigs-corp.local network and accomplish various objectives.

More information

The "Attacking and Securing CI/CD Pipelines" course is a dynamic, hands-on training program designed to equip participants with the skills to identify, exploit, and mitigate vulnerabilities within Continuous Integration and Continuous Deployment environments. As CI/CD pipelines form the backbone of modern software development, their security is paramount. This self-paced course blends theoretical insights with practical, real-world labs to create an immersive learning experience.

Participants will explore critical security concepts, including hijacking techniques, artifact poisoning, branch protection misconfiguration bypasses, and OIDC misconfigurations. The course also emphasizes countermeasures and best practices for securing pipelines across popular platforms like GitHub Actions, AWS CodeBuild, CircleCI and Azure DevOps. By the end of the program, learners will have the expertise to both attack and secure CI/CD environments effectively.

Designed for DevSecOps professionals, penetration testers, red team operators, and security engineers, the course provides a flexible and comprehensive approach to CI/CD security. Whether you're securing pipelines or simulating attacks, this course offers a robust foundation in CI/CD security.

More information

The training is divided into five sections: Initial Foothold, Gaining Access, Offensive Coding, Internal Reconnaissance, and Lateral Movement. Each section will be covered in depth, providing technical evidence of how each technique works. Red team exercises will be performed to assess responsiveness and detection capabilities. As a red teamer, it is important to understand what each tool and command you use is doing behind the scenes to provide proper guidance. The training will help you understand the tools and techniques used during a red team exercise, develop your own toolset, adapt existing tools when needed, identify new techniques or potential evasion tricks, and gain an overview of the popular methods used in red team exercises.

Expect to perform code reviews, network analysis, code behavior analysis, and write code to enhance your red team capabilities.

More information

Can prompt injections lead to complete infrastructure takeovers? Could AI applications be exploited to compromise backend services? Can data poisoning in AI copilots impact a company's stock? Can jailbreaks create false crisis alerts in security systems? This immersive, CTF-styled training in GenAI and LLM security dives into these pressing questions. Engage in realistic attack and defense scenarios focused on real-world threats, from prompt injection and remote code execution to backend compromise. Tackle hands-on challenges with actual AI applications to understand vulnerabilities and develop robust defenses. You’ll learn how to create a comprehensive security pipeline, mastering AI red and blue team strategies, building resilient defenses for LLMs, and handling incident response for AI-based threats. Additionally, implement a Responsible AI (RAI) program to enforce ethical AI standards across enterprise services, fortifying your organization’s AI security foundation.

More information

This comprehensive Offensive Azure Operation & Tactics Certification course provides a deep dive into Azure's infrastructure and security landscape. Participants will explore various modules covering essential components such as Azure infrastructure understanding, enumeration techniques, initial access strategies including phishing methods, abusing reader roles, misconfigurations, and exploiting Azure services. The course extends into post-exploitation techniques, pivoting between cloud and on-premises environments, compromising DevOps, Devices using Microsoft Intune, Entra ID Connect features, leveraging Azure services for persistence, conducting Azure configuration assessments, and utilizing automation tools for security checks. This hands-on course equips participants with practical insights and skills crucial for identifying and exploiting Azure components.

More information

This updated Black Hat edition training offers hands-on threat modeling exercises based on real-world projects, to equip participants with skills as Threat Modeling Practitioners. The course integrates exercises using MITRE ATT&CK, Agile and DevOps practices, and includes a challenge on threat modeling a Machine Learning-Powered Chatbot. Participants will engage in CTF-style challenges, battling for control over an offshore wind turbine park, in a threat modeling war game.

For beginner to intermediate learners, the training includes a two-hour introductory self-paced module. Exercises focus on practical use cases with detailed environments, questions, and templates. Students, in teams of 3-4, will do challenges: - Diagramming techniques for a travel booking service - Threat modeling cloud-based update services for IoT kiosks - Developing attack trees against a nuclear research facility - Using MITRE ATT&CK for SOC Risk-Based Alerting systems - Mitigating threats in payment services with microservices and S3 buckets - Applying the OWASP Threat Modeling Playbook in agile development - Securing CI/CD pipelines

Each exercise concludes with group discussions and documented solutions. Participants receive the Threat Modeling Playbook, a year of online learning platform access, and will get feedback and guidance on an after-training assignment.

More information