-
Greg Hatcher White Knight Labs
-
Jake Mayhew White Knight Labs
- Dates: May 10, 11 and 12 2025
- Difficulty: Nose bleed
- Session Format: On-Site
Description
This course provides a comprehensive approach to mastering advanced offensive techniques by dissecting and overcoming modern defense mechanisms. Participants will gain hands-on experience with Terraform lab deployments, process injection strategies, and dynamic resolution techniques. A special focus is placed on the Cobalt Strike Command and Control (C2) framework, including malleable C2 profiles, sandbox evasion, EDR detection, and DLL proxying for persistence. The curriculum emphasizes custom payload development, teaching participants how to build reflective DLL loaders, bypass AMSI and ETW protections, and crafting tailored offensive payloads. Students will also gain practical knowledge in using shellcode for offensive operations, building on prior experience in payload development and creating initial footholds on target endpoints.
Key Learning Objectives
Students will gain the following: -a comprehensive understanding of modern cybersecurity defenses and how to neuter them -advanced skills in offensive techniques, Cobalt Strike usage, and payload development -knowledge of the latest research and updates in offensive cybersecurity methodologies -hands-on experience with dynamically updated labs in AWS, Cobalt Strike, and custom payload development strategies
Who Should Attend?
We recommend this course for penetration testers, red teamers, and blue teamers that are seeking to advance their malware development skills.
Prerequisite Knowledge
A background in C/C++ and Windows programming is highly recommended.
Hardware Requirements
Students will need a laptop and an AWS admin account with programmatic access for deploying the Terraform script.
Bio
Greg Hatcher , White Knight Labs
Greg has a background in Army Special Forces and teaching Windows internals at the NSA. He also led a 3-man red team for CISA that specialized in attacking America’s critical infrastructure. He authored and teaches WKL’s flagship course, Offensive Development, at Wild West Hackin’ Fest and virtually on the Antisyphon platform. Greg is passionate about C programming for the Windows operating system and abusing Active Directory. Greg is an active member of the following organizations: Cloud Security Alliance, the Right Place, American Corporate Partners, West Michigan Technology Council. He regularly appears in the news discussing cyber warfare and the impact of Chinese APTs on America's critical infrastructure. Greg has the following certifications: GXPN, GCPN, CRTP, CISSP, GWAPT, and GSEC.
Jake Mayhew , White Knight Labs
Coming soon.