The Python for Red Teams Course challenges students to implement their own custom attack frameworks for use during penetration testing and other activities. Students will no longer need to rely on a framework written and designed by someone else during assignments, they will use a tool that they created, free of known and compromising signatures. By leveraging what they have learned in the past with Python and new concepts introduced in the course, students will design and develop a framework that is both extensible and easy to use. During this 5 day course, students will be given a sample framework which will act as a template for their own platform. Each module in the course will allow students to build upon and customize their platform while learning to convert and import new tactics and techniques. The topics covered range from simple scanners to custom browser exploitation to privilege escalation, all built into a custom framework. On the final day of the course, students will be challenged to use this newly created attack platform in a live assessment, including designing and developing new features on-the-fly to handle new challenges within the assessment range. By the end of the course, students will walk away with a framework they can use on future assessments and continue to build upon.

The Python Programming Course is a concentrated, hands-on course that arms students with the skills and knowledge to leverage the Python programming language in everyday computer network operations. Students will start at the beginning with Python, no assumptions are made on prior skill level, and work towards becoming proficient in the language both in reading source code and designing and developing their own applications. The course uses real-world techniques within each of the modules, demonstrating how Python can be leveraged in each scenario to help improve success and efficiency. Topics range from creating your own password cracking tool to setting up client-server applications, all within 5 days. On the final day of the course, students will be challenged with a multi-level culmination exercise, helping to reinforce the skills gained during the week and acquire new skills as well. This culmination exercise will not only test the students understanding of the Python language, but will also help demonstrate the different areas within network operations that Python can be useful. Students will be required to think creatively to get through this challenge.

This is an intense, hands-on course designed to take students through the steps needed to develop their own exploits on both Windows and Unix-based operating systems. The course begins with an overview of Python, which is used to develop and deliver most of the exploits. After, students create custom shellcode in Assembly Language, learning how to properly groom the registers and stack for execution. Students create custom exploits against applications, learning to how to fuzz the applications’ inputs to find vulnerabilities and successfully execute arbitrary code on the system. Students learn about the protections used by systems and compilers to block successful exploitation, and how these protections can be subverted. On the last day students are challenged with a culmination exercise that takes them through all of the attacker steps from getting onto a remote machine via a web vulnerability to using a buffer overflow to gain root access. The course teaches these skills by walking the students through the development of all the necessary tools from scratch - it does not rely on Metasploit or any other exploit framework.