Learning Outcomes
What do I want you to take away from this course? Let’s split the desired learning outcomes into conceptual outcomes and skill-based outcomes: what I want you to understand, and what I want you to be able to perform, after taking this course.
Conceptual Learning Outcomes
- Understand and explain ethical, legal, and responsibility considerations during red teaming.
- Understand and explain the differences between OPSEC, responsibility, ethics, and legality as they pertain to red teaming.
- Understand client data handling best practices.
- Explain the concept of “Break Glass Protocol.”
- Explain the risks of transmitting client data from target to teamserver during red team operations.
- Explain the risks of cloud assets when used for red team operations.
- Describe payload keying techniques and how to avoid inadvertent detonation.
- Describe practices that reduce the risk of malware emulation.

Skill-based Outcomes
- Analyze an engagement scoping document and identify areas that require further clarification.
- Create a basic terminal logging script that ships terminal input/output to offline log storage.
- Provision and configure ELK, Fleet, and Sysmon for Linux to enable robust logging and auditing on red team infrastructure.
- Use YARA to create a repository of malware indicators for release in a “Break Glass Protocol” scenario.
- Create a basic red team command and control (C2) hybrid-cloud environment manually that focuses on operational safety.
- Configure ingress firewall rules and allow lists to lock down allowed inbound traffic to specific values.
- Develop emulation malware that uses payload keying techniques to ensure target accountability.
- Complete a simulated red team operation while considering responsibility at each step.