What do I want you to take away from this course? Let’s split up the desired learning outcomes into conceptual outcomes and skill-based outcomes. Basically, what I want you to understand and what I want you to be able to perform after taking this course.
Conceptual Learning Outcomes
- Understand and explain ethical, legal, and responsibility considerations during red teaming.
- Understand and explain the differences between OPSEC, responsibility, ethics, and legality as they pertain to red teaming.
- Understand client data handling best practices.
- Explain the concept of “Break Glass Protocol.”
- Explain the risks of transmitting client data from target to teamserver during red team operations.
- Explain the risks of cloud assets when used for red team operations.
- Describe payload keying techniques and how to avoid inadvertent detonation.
- Describe practices that reduce the risk of malware emulation.
- Analyze an engagement scoping document and identify areas that require further clarification.
- Create a basic terminal logging script that ships terminal input/output to offline log storage.
- Provision and configure ELK, Fleet, and Sysmon for Linux to enable robust logging and auditing on red team infrastructure.
- Use YARA to create a repository of malware indicators for release in a “Break Glass Protocol” scenario.
- Create a basic red team command and control (C2) hybrid-cloud environment manually that focuses on operational safety.
- Configure ingress firewall rules and allow lists to lock down allowed inbound traffic to specific values.
- Develop emulation malware that uses payload keying techniques to ensure target accountability.
- Complete a simulated red team operation while considering responsibility at each step.