The Adversarial Threat Modeling and Emulation course is an intense, hands-on course that takes students through each stage of offensive operations methodologies using tradecraft, stealth and detection avoidance as the key principals. Students will gain proficiency with open-source penetration tools and learn techniques in vulnerability scanning, remote and client-side exploitation, and advanced post-exploitation techniques targeting both Windows and UNIX based operating systems. Students will utilize a wide range of advanced exploitation techniques to gain remote execution on multiple platforms ranging from Ubuntu to Windows 10. The course culminates with a comprehensive, challenging Capture-the-Flag competition. The exercise is a scenario-based challenge that engages the students in a friendly competition between two teams to capture multiple flags implanted throughout the network and solve various challenges and tasks. Techniques used will cover the gamut from scanning, network exploitation, and backdoor installation to artifact recovery and forensics.

Wireless Exploitation and Attack is an intense, hands-on course that takes students through the most common and current techniques for gaining access to a wireless network. Students will gain proficiency with open-source wireless attack tools and methodology. Subject matter includes everything from learning the foundations of 802.11 technology to the most advanced ways to circumvent wireless defense practices. Each student will learn the latest exploits and use the most effective tools to perform such techniques as secure man-in-the-middle attacks through wireless hotspot impersonations, exploiting weaknesses in Wi-Fi Protected Setup, and how to correctly secure networks using properly configured enterprise grade authentication.

The PowerShell for Red Teaming Course (PoRT) is based on the methodologies and processes used by professional government and corporate penetration testers, but with a strong emphasis on utilizing Windows PowerShell to leverage the .NET framework and Windows Management Instrumentation. PoRT focuses on scanning, host enumeration, remote and local exploitation, as well as tool building and scripting, with an emphasis on avoiding detection by users or security products. Students will be exposed to and learn penetration testing using advanced persistent threat techniques. PoRT covers a wide range of tactics, including clientside exploitation, process analysis, redirection and tunneling, as well as maintaining persistent presence on a target. The course is very hands on, with each section being reinforced with multiple labs, and concludes with a culmination exercise to test the skills the students have learned.

The Cyber Threat Emulation Course is focused on the methodologies and processes used by professional “Red” teams in government and corporate spaces. CTE was developed around the behaviors and techniques used by malicious network attackers, while maintaining focus on professional testing, ensuring the integrity and security of information assets. CTE focuses on information gathering, scanning and service enumeration, mapping, remote and local exploitation and reporting. Students will be exposed to and learn advanced penetration testing using advanced persistent threat techniques. CTE perfects the skills needed to effectively identify protection and mitigation strategies and optimize security controls appropriate for the organization.