Attacking and Defending Azure Cloud: Advanced Edition [February 2025]
Take your Azure Red Team skills to the next level. Get trained in Azure pentesting, Red Teaming and Defense against an enterprise-like live Azure environment with focus on OPSEC and bypassing defenses. Earn the Certified Azure Red Team Expert (CARTE) certification.
Starts: 1st February 2025 Duration: 4 weeks
Recordings of live sessions included!
What will you learn ?
This advanced bootcamp is designed to help security professionals understand, analyze and practice threats and attacks in a modern, multi-forest Active Directory environment with fully patched Server 2019 machines.
In addition to learning the popular tactics, techniques and procedures (TTPs), you will also see how they change for attacks across forest trusts. You will also learn how to abuse or bypass modern Windows defenses like Advanced Threat Analytics, Local Administrator Password Solution (LAPS), Just Enough Administration (JEA), Resource-Based Constrained Delegation (RBCD), Windows Defender Application Control (WDAC), Application Whitelisting (AWL), Constrained Language Mode (CLM), virtualization and more.
Attacking & Defending Active Directory: Advanced Edition (CRTE)
- 4 Live Sessions
- 4 Hrs Per Session
- 4 Weeks Access
- 60 Flags To Be Collected
- 29 Lab Exercises
- 1 CRTE Attempt
- Recordings Of Live Sessions
Build Your Cybersecurity Credentials
Become a Certified Red Team Expert (CRTE)
A certificate holder has demonstrated the capability of enumerating and understanding an unknown Windows network and can identify misconfigurations, functionality abuse and trusts abuse. She can use, write and modify open source tools and can abuse other built-in tools to perform enumeration, local privileges escalation, impersonation, pivoting, whitelisting bypasses, and antivirus evasion as well as identify sensitive data with minimal chances of detection.
Bootcamp Completion Certificate
Attendees will also get a course completion certificate after completing Learning Objectives covered during the course.
Live Session Schedule
Weekly 4 hours sessions start at 09:00am ET and end at 01:00pm ET.
| Table Header | Table Header |
|---|---|
18 March 2025 |
Content |
Prerequisites
1. A good understanding of Active Directory security.
2. The ability to use command line tools.
Bootcamp Syllabus
Module 1
Introduction to OPSEC followed in the course and focus on stealth
Introduction to Active Directory, attack methodology and tradecraft
Domain Enumeration (Attacks and Defense)
Enumerating information that would be useful in attacks with leaving minimal footprint on the endpoints
Understand and practice what properties and information to look for when preparing attack paths to avoid detection
Enumerate trust relationships within and across forests to map cross trust attack paths
Learn and practice escalating to local administrator privileges in the domain by abusing OU Delegation, Restricted Groups, LAPS, Nested group membership and hunting for privileges using remote access protocols
Credential Replay Attacks
Module 2
Introduction to OPSEC followed in the course and focus on stealth
Introduction to Active Directory, attack methodology and tradecraft
Domain Enumeration (Attacks and Defense)
Enumerating information that would be useful in attacks with leaving minimal footprint on the endpoints
Understand and practice what properties and information to look for when preparing attack paths to avoid detection
Enumerate trust relationships within and across forests to map cross trust attack paths
Learn and practice escalating to local administrator privileges in the domain by abusing OU Delegation, Restricted Groups, LAPS, Nested group membership and hunting for privileges using remote access protocols
Credential Replay Attacks
Module 1
Introduction to OPSEC followed in the course and focus on stealth
Introduction to Active Directory, attack methodology and tradecraft
Domain Enumeration (Attacks and Defense)
Enumerating information that would be useful in attacks with leaving minimal footprint on the endpoints
Understand and practice what properties and information to look for when preparing attack paths to avoid detection
Enumerate trust relationships within and across forests to map cross trust attack paths
Learn and practice escalating to local administrator privileges in the domain by abusing OU Delegation, Restricted Groups, LAPS, Nested group membership and hunting for privileges using remote access protocols
Credential Replay Attacks
Module 2
Introduction to OPSEC followed in the course and focus on stealth
Introduction to Active Directory, attack methodology and tradecraft
Domain Enumeration (Attacks and Defense)
Enumerating information that would be useful in attacks with leaving minimal footprint on the endpoints
Understand and practice what properties and information to look for when preparing attack paths to avoid detection
Enumerate trust relationships within and across forests to map cross trust attack paths
Learn and practice escalating to local administrator privileges in the domain by abusing OU Delegation, Restricted Groups, LAPS, Nested group membership and hunting for privileges using remote access protocols
Credential Replay Attacks