Red Team: From Beginner to Ninja in 2 Days

Instructor: Ygor da Rocha Parreira & Filipe Balestra & Pacote Loko

Total seats: 20

Vacancies: 0

Minimum Required: 8

Duration: 16 hours

Date: October 23 and 24, 2017

Bring your own Laptop: Yes

Language: Portuguese

Investment: R$ 1100,00


Training sold out (send an e-mail if you are interested; we are evaluating additional classes)

For a long time, it has been said that a penetration test is a simulation of a real attack, and thus can measure the extent of the impact of potential attacks. However, the execution of a penetration test is usually known to the IT and Security teams, and the pen-tester has no concerns about being detected. Quite the opposite, actually: these tests usually start with massive and noisy vulnerability scanning. In addition, these tests are usually very case-specific: only a network, or a specific web application, or a wireless network, or a phishing pentest, etc., is contracted.

Unlike classical penetration tests, Red Teaming is the test currently available in the market that most closely resembles a real attack. Such tests should be performed without warning the IT and Security teams, and there is a real concern about being stealthy. In other words, you never start a Red Team engagement by running a noisy port/vulnerability scanner against the customer's entire network IP range. This type of test has virtually no limitations on the types of attacks included in its scope, so you can carry out physical security attacks to bypass RFID access controls or even conventional physical locks using lock picking techniques, you can carry out phishing or voice phishing, or even attack the organization's wireless network. The emphasis here is on the threat scenario being simulated, not on the techniques being used. Examples of possible threat scenarios include hacktivism, cyber terrorists, spying, and cybercrime, each with its own motivations and attack profiles.

In this training you will learn ninja techniques to successfully perform a Red Team test. Ninja techniques in this context mean effective techniques to compromise networks and organizations. You will learn how to map organization profiles; prepare pretexts and create the required infrastructure to run a phishing attack; create payloads that bypass antivirus and endpoint security solutions; and perform attacks to gain physical access using social engineering, bypassing physical and digital security controls (RFID and others). In addition, you will gain skills on how to physically attack a local host, recovering credentials and implanting stealthy backdoors, and how to escalate privileges in hybrid environments (Windows + Linux). The labs reflect the extensive international experience of the instructors.

- Gaining internal access
  * Phishing Like a Boss
    - Use of open source information to compromise systems
    - Client-side exploitation
    - Payloads that bypass antivirus and antispam
    - Physical media shipping
  * Physical access
    - Lock picking in physical and digital locks
    - Drop box
    - Physical attacks to machines
  * Anti-malware bypass
- Escalating privileges
  * Effective tricks and techniques to escalate privileges in hybrid environments
- Black Hat techniques
  * Effective methods to keep you invisible/undetectable (like Mr. Robot)

Who should take this course?
Penetration testers, security consultants, security analysts, forensic analysts, incident response analysts and undergraduate students.

Student requirements:
It's not mandatory, but some level of knowledge/experience in the following topics is desired:
- IP (routing, IP classes, broadcast traffic, translation from layer 2 <-> layer 3 (MAC) in Ethernet networks)
- TCP and UDP (differences and services)
- DNS (CNAME, NS, TXT and A records; zone transfer, domain registry, etc.)
- HTTP (vhost, protocol, etc.)
- Principles of web development
- SMTP (e-mail systems)
- ICMP (types and use)

What Students Should Bring?
Laptop with:
- At least 8GB of RAM
- At least 30GB of free disk space
- VMware Player or Workstation pre-installed
- At least one working USB port available

What students will be provided with?
Scripts and tools

Instructor 1: Ygor Parreira (dmr).

Ygor is a Senior Security Specialist at Threat Intelligence, and founded the Hackers 2 Hackers Conference (H2HC) in 2004, which is currently the longest running hacking conference in Latin America. H2HC was created with the main goal of allowing Brazilian security specialists and researchers to meet and exchange information. Ygor is the H2HC Magazine Editor and the columnist responsible for the column “Fundamentals of Offensive Computing”.

Ygor has a deep technical knowledge-base that includes computer architectures and operating system internals, compilers, assemblers, linkers and loaders. He is experienced in Intel x86 and fluent in assembly for Intel, C programming, binary reverse engineering of PE and ELF file formats.

He has delivered a long list of presentations and training at hacking conferences around the world on security topics and independent security research. These include:
- Pentest & Exploitation Tricks
- Memory Corruption Vulnerabilities - The Evolution of Protections and Countermeasures In Linux Environments
- Hooking Handlers
- Reverse Engineering Payment Malware
- Computer Architecture For Security Researchers
- Architecture Hacking: Understanding the Fundamentals For Code Exploitation
- Vulnerabilities in Web Applications
- Web environments: how far does the protection of your web application firewall go?
- Reverse Engineering of Malicious Code
- Buffer Overflow Attacks

Ygor has extensive experience in penetration testing focusing on low-level attacks, network infrastructure, protocol attacks, classes of memory corruption and dangling pointers, source code review, web applications, wireless, RFID, PoS and credit card systems, ATMs, mobile (iOS and Android), phishing, client side exploitation, and red teaming including physical attacks, lock picking, and manipulating sensors and cameras.

Instructor 2: Filipe Balestra.

Filipe has 20+ years of experience in computer security. He is a director of security consulting, working for big companies and governments. Additionally, he is an organizer of the H2HC and SaciCon conferences. He has found several vulnerabilities in widely used commercial products, and has published articles in important magazines such as Hackin9 and Phrack.

Instructor 3 (Invited): Pacote Loko (Crazy Packet)

Crazy Packet is a Brazilian underground packet, which was detected on the IRC channels during the last century. Since the beginning, it has always been low profile and very good at pwning systems. He has extensive experience doing several kinds of hacking, including Red Teaming. He gave an interview to H2HC Magazine, which can be found here: (Edition 10 - Portuguese only)