Red Team Expert
A comprehensive training program covering infrastructure and information system penetration testing.
248 Hours
Red Team
248 Hours
Red Team

ABOUT THE PROGRAM

Of all the roles involved in corporate cyber defense, red teams and penetration testers are arguably the most important. These teams are proactive rather than reactive; they preempt attacks rather than merely responding to them. Red teams and penetration testers challenge the security suite; push it to its limit; and pinpoint information, identification, counterterrorism, enforcement, containment, and repair any holes. Without their help, organizations are essentially sitting ducks, just waiting for the next disaster to happen. The technical knowledge required to successfully attack information systems is extensive and profound. To “break” something, you must first understand how it works. The deeper an attacker’s understanding of information systems, the more covert their activity and the greater their capacity to hurt organizations.  
To successfully complete this Red Team Expert program, students must demonstrate deep technical understanding and spend significant time trialing and experimenting with new approaches. They must tackle complex challenges and realistic simulated scenarios with no obvious solution or resolution method. Those who persevere when the challenge seems insurmountable have the best chance of graduating from this course.

The course covers the following topics:

DON'T TOUCH THIS TAB

It’s important to improve the accordion’s behaviour

Reconnaissance
  • The attack lifecycle
  • OSINT and passive information gathering
  • DNS enumeration
  • Whois and other public resources
  • Active scanning and host discovery
  • Port scanning and service/OS fingerprinting
  • Application vulnerability scanning (SMB, SNMP, LDAP, HTTP)
C2 Connections
  • Reverse shell connections
  • Bind shell connections
  • Encrypting control connections
  • Session management with Metasploit
  • Evading detection
Web Application Hacking
  • Penetration testing and web applications
  • Meet the Web stack
  • Profiling Web servers
  • Data store injections (SQLi, NoSQL)
  • Client-side injections (XSS, CSRF)
  • Detecting OS command injections
  • File inclusion vulnerabilities (LFI/RFI)
  • HTTP parameter pollution
  • Insecure Direct Object References
  • XML external entity injection (XXE)
  • Attacking deserializers
  • Server-side request forgery (SSRF)
  • Flaws in cryptographic implementations
  • Web app testing methodology
MS Domain and Active Directory Attacks
  • Dive into PowerShell and WMI
  • Active Directory enumeration
  • Uncovering hidden and hard-to-find attack paths
  • Abusing MS services
  • Domain privilege escalation
  • Domain persistence and backdooring
  • Cross-forest persistence and trust attacks
Reverse Engineering and Binary Exploitation
  • Introduction to ASM x86
  • The PE format and WinAPI
  • Working with debuggers
  • Practical Assembly
  • Introduction to IDA
  • Reversing unknown binary with IDA
Final Enterprise Hacking Challenge
  • Multi-machine, multi-segment domain challenge
  • Server exploitation vectors
  • Client exploitation vectors
  • Post-exploitation and Lateral Movement
  • Security evasion
  • Data exfiltration
Don't touch this tab
ABOUT CYBERPRO

About CYBERPRO was founded in cooperation with international information security and instruction authorities who bring to Israel world-leading cyber training technologies and a learning experience of the highest standard available today.

The partners include the IITC group which has been training graduates for the high tech industry for over 20 years, and was selected as the training center for the Cisco Company in Israel.

CYBERPRO’s advanced, sought-after training courses in the areas of infrastructures, information security and cyber are world famous. These training courses were developed by some of the best cyber experts in the world, for international security organizations that emphasize the high training capabilities, the professional learning methods and the unique training and practice technologies. Our connection with international groups allows our students to be exposed to unique employment opportunities in Israel and abroad.

The training and learning tracks are all based much hands-on practice and preparation for the industry and profession requirements, so they include technological labs and practice sessions using one of the most advanced simulators in the world.

COURSE INFO
    • Infrastructure and/or application penetration testers,
    • Red teams
    • Vulnerability researchers
    • Graduates of the Cyber Essentials program
    • Advanced knowledge of Windows operating systems and domain services
    • Advanced knowledge of Linux/Unix operating systems
    • Advanced knowledge of TCP/IP protocols
    • Basic programming skills
    • Familiarity with Internet technologies e.g. HTTP, HTML, CSS, JavaScript, SQL, PHP, node.js
    • Familiarity with Windows and/or Linux internals is advantageous
    • Experience programming with C and/or x86 ASM is advantageous
    • Collecting intel on the network using relevant sources
    • Web application penetration testing
    • Infrastructure penetration testing
    • Using reverse engineering and binary exploitation

INTERESTED? CONTACT US