Red Team Training - BlackHat USA 2019

Intrusion Operations

Learn About Advanced Red Teaming And Malware Customization

Have you ever struggled conducting a red team assessment against an organization with mature security programs? Or, maybe, your blue team encountered scenarios where an environment seemed appropriately protected… until it wasn’t. If you know exactly what we are talking about, then our BlackHat red team training “Intrusion Operations” is just right for you. If you haven’t been in those situations yet, you may in the future. This is because modern-day attackers are relentlessly developing new tradecraft and methodologies. This allows them to successfully compromise even the most prepared targets. So, whether your goal is to perform red team assessments or blue team exercises, you need to ensure you are using the latest techniques to help avoid detection. That’s where we comes in!

Why can FortyNorth Security help?

We have years of hands-on experience. Not only performing assessments, but also developing tools and custom malware. Your BlackHat training instructor will be Chris Truncer, co-founder and Offensive Security Lead with FortyNorth Security, who has extensive record of developing both offensive and defensive open-source tools. You may have heard of the Veil Framework: a project aimed to bridge the gap between advanced red team and penetration testing toolsets. Chris is the founder and current developer of Veil and he will give all students the opportunity to join the Veil Framework Beta team (upon request). This will allow you to access the latest techniques and code prior to becoming public.

What, exactly, will you learn in our BlackHat training?

Starting from the attacker lifecycle, we will teach you methods and techniques that are based upon past-experience in real-world scenarios and that FortyNorth Security has used to compromise and maintain access, while avoiding detection by the target’s blue team. Upon completion of the class, you will have an arsenal of new techniques that can be utilized to yield highly successful assessments. You won’t just be gaining new and useful knowledge. You will also be immersed in a new environment and you will be asked to apply the newly-learned techniques, such as:

  • Capturing information about your target, before even gaining access
  • Writing custom malware to evade detection
  • Using the latest application whitelisting bypasses to survive and compromise protected systems
  • Developing strategies for persisting within the target environment
  • Hands-on phishing and malware development techniques used by red teams and attackers, which successfully achieve team goals and avoid detection (you will write small pieces or malware for phishing and weaponizing application whitelisting bypasses to compromise the lab environment)

What else do we provide that you will not find elsewhere?

  • You will receive the internally-developed, custom scripts and tools used by FortyNorth Security on red team assessments
  • We’ll cover techniques not widely discussed, such as stripping out network, host, and in-memory indicators that get you caught. We’ll show you how to customize malware and C2 to avoid being detected
  • Access to a private repository which contains custom developed code that we use on our red team assessments that help prevent us from getting caught and allow us to successfully break into our customer’s environment
  • You will be included (upon request) within the Veil Framework’s Beta team

How to sign up for FortyNorth’s BlackHat training

We are very excited to share with you our red teaming and malware development approach and cannot wait to meet you in person on August 3-6 at BlackHat USA 2019! You can purchase tickets and find more info on our BlackHat training here on BlackHat’s website. If you’d like to learn more about Veil and other tools, check out our blog. Finally, if you have any questions or feedback, we’d love to hear from you! Here is how to contact us: FortyNorth’s website, our Twitter, our LinkedIn, our Facebook.