Red Teaming Essentials course is designed to cover some of the most advanced ethical hacking concepts, tools and tactics to equip security professionals with the right blend of knowledge and exposure to safeguard their environment from malicious hackers.

This program will teach you the basics of Red Teaming, followed by advanced penetration testing concepts and will expose you to exploiting vulnerabilities. Furthermore, you'll be familiarized with post-exploitation techniques, password attacks, malware threats, social-engineering attacks, Denial of Service (DoS) attacks, Network and Layer-2 attacks and other key concepts including Steganography, Web Application Penetration Testing, DNS Hijacking, Wireless Attacks and House Cleaning.



Trainer Name: Murali M

Designation: Red Teaming SME at QOS Technology 

Certifications: CCSA, CCSE, CCSBA, CCSVA, CEH, CCSM, CHFI Certified InfoSec Engineer

Introduction to Red Team Essentials
Red Teaming Introduction
Red Teaming Building Blocks
Lab settings and Requirements
Lab settings in VirtualBox
Overview Of Top Red Teaming Tools
Attack use case
Introduction to VAPT
Red Team Testing Phases
Reconnaissance and Hands-On
Scanning and Hands-On
Vulnerability Scanning Setup
Performing a vulnerability scan
Vulnerability Analysis and penetration testing (vapt) Report
Exploiting Vulnerabilities
Exploiting Existing Vulnerabilities
Metasploit Framework (MSF) and its software architecture
Understanding a Real Scenario
Configuring & Running an Exploit
Understanding Meterpreter shell
What is Pass the Hash?
Pass the Hash Lab
What is Pivoting?
Pivoting Lab
Post Exploitation ( Maintaining Access )
Introduction to Post Exploitation
Privilege Escalation Introduction
Privilege Escalation on Linux systems
Privilege Escalation Labs
Privilege Escalation on Windows Systems
What is Persistence?
Persistence Module in Meterpreter
Different ways of maintaining Persistence
Meterpreter for Post-Exploitation
Post exploitation Gathering and Managing Modules
Maintain anonymity and confidentiality
Anonymity tools and services
Configuring proxy chains for anonymity
Password attacks
Introduction to Password Cracking
Offline password cracking using John the Ripper
Password Cracking using Ophcrack
Online SSH password cracking using Hydra
Cracking the password of a Web app
Brute force attack using Burp Suite
Passwords while sniffing the traffic
Unhiding hidden passwords
Cracking Wi-Fi Passwords
Cyber Malware threats
Malware threats:Introduction and types
Malware threats Ransomware lab
Malware threats open source labs
Malware threats - Malware analysis Tools
Social Engineering Attacks
Social Engineering Terminologies
Tools for Malware creation
Social Engineering Toolkit (SET) for phishing
Embedding malware in Firefox add-ons
Embedding malware in PDF files
Creating undetectable payloads for Phishing Attacks
Android mobile platform attack using phishing
Sending Fake Emails and other online services for Phishing
Steganography for hiding a malicious payload
WireShark for Offensive Security
WireShark usage and its advantages in offensive security
ARP Cache Poisoning using Ettercap detection
SSL decryption
Traffic analysis for confirming successful attack
Important Remedies and Protections
Overview of OSI Layer-wise attacks
Overview of OSI Layer-wise remedies
Security Tuning Fundamentals
Multi-layered threat prevention approach and protections
Web Application Penetration Testing
Approaching Web App Pen Testing Engagement and configuring Burp Suite
Command Injection Attacks
File Inclusion Attacks
File Upload Attacks
Exploiting Broken Authentications
Reflected, Stored & DOM-based XSS [Cross Site Scripting] attacks
XML Injection
Exploiting applications with vulnerable components