Be Cobalt Strike Sifu – Ravin Academy

About the course

The intrusion testing process allows us to identify vulnerabilities in our cyber infrastructure before it can be exploited by attackers. In other words, by running a successful intrusion testing process, we will be able to answer the question “How can attackers infiltrate my organization’s cyber infrastructure” and address identified vulnerabilities. But the process of penetration testing, or red team, involves sections with repetitive activities that many experts prefer to do with automated tools. In this way, the evaluation process will be done with higher speed and accuracy.

One of the most advanced and widely used systems in this field is called Cobalt Strike. As mentioned, the intrusion testing or red team process involves a series of repetitive and sometimes tedious processes such as collecting raw data, gaining initial access, maintaining and expanding access, and avoiding detection. Cobalt Strike acts like a versatile Swiss Army knife here. . This system has the ability to emulate many cyber attacks, so that security assessment professionals can easily execute various attacks and analyze the results. This has made Cobalt Strike a versatile (even in some cases essential) tool for red and blue team professionals.

دوره‌های امنیت تهاجمی

9,500,000 ﷼ثبت نام

This course will help you take advantage of the in-depth capabilities of Cobalt Strike in penetration testing processes or the Red Team and prepare yourself for evaluating the cyber security of corporate infrastructure (of any size). By taking this course, you will become familiar with the structure and operation of Cobalt Strike and the various steps of an advanced cyber attack such as phishing attacks, access expansion, access stabilization, bypassing antivirus and many other Post Exploitation techniques using Cobalt Strike. Learn practical.

Course duration

The duration of this workshop is 15 hours, which will be held online in three 5-hour sessions, from 10:00 to 15:00, on three Thursdays. The workshop will start on Thursday, October 22nd.

Who is this course recommended for?

  • Security Assessment Experts / Penetration Test / Red Team
  • People active in the Bug Bounty field
  • Specialists of water teams
  • Cyber ​​Security Advisors

What knowledge do I need to attend this course?

  • Familiarity with the concepts of different types of cyber attacks
  • Familiarity with the concepts and definitions of cyber security
  • Familiarity with commonly used TCP / IP protocols
  • Familiarity with the concepts of network and infrastructure

Course topics

Chapter 1: Introduction

1.1 What is Cobalt Strike?

1.2 The Team Server

1.3 Cobalt Strike Client

1.4 Distributed and Team Operations

1.5 User interface

1.6 Data management

Chapter 2: Listener and Infrastructure

2.1 Beacon Payload

2.2 Payload Staging

2.3 Favorite Beacon protocols

2.4 C2

2.5 Other listeners

Chapter 3: Persistence

3.1 Web persistence

3.2 Macro

3.3 Payload Generator

3.4 Windows Executable

3.5 Other hookers

Chapter 4: Phishing

4.1 Targets

4.2 Templates

4.3 Sending messages

Chapter 5: AV evading

5.1 AV evasion fundamentals

5.2 Payload Artifacts and Anti-virus Evasion

Chapter 6: Post Exploitation

6.1 Post Exploit with Beacon

6.2 Running commands

6.3 Session passing

6.4 Spoof Process Arguments

6.5 The Windows Registry

Chapter 7: Privilege Escalation

7.1 Elevate with an Exploit

7.2 Elevate with Known Credentials

7.3 Get SYSTEM

7.4 Mimikatz

7.5 Credential and Hash Harvesting

7.6 Port Scanning

7.7 Trust Relationships

7.8 Kerberos Tickets

Chapter 8: Pivoting

8.1 SOCKS Proxy

8.2 Proxy chains

8.3 Reverse Port Forward

Chapter 9: Some Other Interesting Techniqu