Adversary Tactics and Techniques

R9B’s Adversary Tactics and Techniques course is an intense 5-week hands-on course that teaches students the methodology and technical details of how attackers recon, gain access to, pivot, and remain hidden within a target network, and any artifacts their actions may leave behind. Whether they’re on a path to become pen-testers, red team members, or cyber hunters, the Adversary Tactics and Techniques course prepares students to excel by establishing a firm foundation in operational cyber exploitation methodologies. Future pen-testers will know how to infiltrate networks, and cyber defense analysts and operators will be better equipped to identify the tell-tale signs of an intrusion in progress. The course takes students with a basic understanding of computers and computer networks to a level where they can execute fundamental exploitation operations in Windows and Linux environments.

The course begins by establishing a firm foundation on the Windows and Linux operating systems and how those system communicate on networks, and finishes with using offensive tools, tactics, and procedures on those operating systems, with an emphasis on protecting assets and acquired accesses. Students will learn the technical details of how fundamental exploit techniques are executed and why they work. Modules covering topics from packet analysis to pivoting and tunneling are done in a way that emphasizes a capability independent mindset.

The course is taught by leading professionals in the cyber security field. All instructors have either had previous experience conducting cyber operations within the Intelligence Community, or have been pen-testers or red team members within the military or government. This experience is leveraged to enhance training and best prepare students to execute their organization’s mission no matter what cyber terrain they operate in.

The course focuses on five major topics: Windows, Linux, Networking, Tactical Forensics, and Adversary Methodologies & Exploitation Techniques. Every course module is taught through the use of numerous hands-on exercises designed to reinforce the practical application and employment of the most fundamental techniques used by sophisticated cyber organizations. Students learn by following along with the instructor and completing complex exercises designed to force students to think outside of the box and act within a dynamic environment. As students learn the concepts, they are simultaneously challenged to develop and apply their critical thinking skills to produce innovative solutions to complex problems. Additionally, students are taught advanced techniques and procedures to hide their tracks and remain hidden. Students will develop and demonstrate their skills throughout the course by achieving cyber objectives in live virtual environments.

The final week of the course includes several days of extensive exercises that require students to gradually combine everything learned in the previous modules, culminating in a final scenario that simulates a full-scale cyber operation. Students leave the ATT course with a thorough understanding of the exploitation process and the technical knowledge to perform a full range of fundamental cyber operations on target networks.

R9B ATT first establishes a foundation on the Windows and Linux operating systems and how those systems communicate on networks. It concludes with the use of offensive tools, tactics, and procedures on those operating systems. Students learn how fundamental exploit techniques are executed and why they work. R9B presents modules covering topics from packet analysis to pivoting and tunneling, emphasizing a capability-independent mindset in this Cyber Adversary Tactics training course.

Adversary Tactics and Techniques is taught by leading professionals in cybersecurity. All instructors have previous experience conducting cyber operations within the United States Intelligence Community or were pen-testers or red team members within the U.S. military or government. This experience enhances training and prepares students to execute missions across diverse cyber terrain.

The course focuses on five major topics: Windows, Linux, networking, tactical forensics, and adversary methodologies & exploitation techniques. Every course module uses hands-on exercises to reinforce the practical application and employment of fundamental techniques used by sophisticated cyber organizations. Students follow along with the instructor and complete complex exercises forcing them to think outside of the box and to act within a dynamic environment. As students learn the concepts, they are challenged to develop and apply critical thinking skills to produce innovative solutions to complex problems. Additionally, instructors teach students advanced techniques and procedures to hide their tracks and maintain stealth. Students develop and demonstrate skills throughout the course by achieving cyber objectives in live virtual environments.

The final week of the course includes extensive exercises requiring students to combine lessons from previous modules. The course culminates in a scenario simulating a full-scale cyber operation. The ATT course provides a thorough understanding of the exploitation process and the technical knowledge to perform a wide range of fundamental cyber operations on target networks.

MODULES IN THIS COURSE

• Module 1 – Adversary Tactics & Techniques – Linux Fundamentals
• Module 2 – Adversary Tactics & Techniques – Networking & Network Devices
• Module 3 – Adversary Tactics & Techniques – Windows Fundamentals
• Module 4 – Adversary Tactics & Techniques – Tradecraft & Exploitation
• Module 5 – Adversary Tactics & Techniques – Forensics / Live Memory Analysis / Reverse Engineering / Culmination Exercise

TARGET AUDIENCE:

Cyber professionals with existing system administration, networking and/or cyber security backgrounds who are preparing to enter positions or advanced training in the fields of penetration testing, red teaming, cyber hunting, and cyber operations.

PREREQUISITES:

• Basic operating system fundamentals and understanding of related components such as memory, CPU, storage devices, I/O devices.
• Basic Linux command line knowledge such as filesystem navigation and creating and modifying files.
• Basic Windows command line knowledge such as filesystem navigation and creating and modifying files.
• Basic understanding of networking devices such as switches and routers and protocols within the OSI model.
• Basic scripting concepts such as knowledge of data types, condition statements, and logic and comparison operators.
• Cyber security fundamentals to include exploitation concepts and terminology.

COURSE MATERIALS:

• Lecture slides in PDF
• Exercise materials (files, VMs, etc.)

PRICE:

GOVERNMENT ONLY,

Nov
12
Tue
Adversary Tactics and Techniques (San Antonio, TX)
Nov 12 – Dec 13 all-day
Feb
3
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Feb 3 – Mar 6 all-day
Feb
18
Tue
Adversary Tactics and Techniques (San Antonio, TX)
Feb 18 – Mar 20 all-day
Mar
16
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Mar 16 – Apr 17 all-day
Mar
23
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Mar 23 – Apr 24 all-day
Apr
6
Mon
Adversary Tactics and Techniques (Annapolis Junction, MD)
Apr 6 – May 8 all-day
May
18
Mon
Adversary Tactics and Techniques (San Antonio, TX)
May 18 – Jun 19 all-day
Adversary Tactics and Techniques (San Antonio, TX)
May 18 – Jun 19 all-day
May
26
Tue
Adversary Tactics and Techniques (Annapolis Junction, MD)
May 26 – Jun 26 all-day
Jul
13
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Jul 13 – Aug 14 all-day
Jul
27
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Jul 27 – Aug 28 all-day
Aug
24
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Aug 24 – Sep 25 all-day
Aug
31
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Aug 31 – Oct 2 all-day
Sep
21
Mon
Adversary Tactics and Techniques (Annapolis Junction, MD)
Sep 21 – Oct 23 all-day
Oct
5
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Oct 5 – Nov 6 all-day
Nov
9
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Nov 9 – Dec 11 all-day
Nov
16
Mon
Adversary Tactics and Techniques (San Antonio, TX)
Nov 16 – Dec 18 all-day

Human-Led. Technology-Accelerated.

Email Call 719.368.3677 (M-F 8-5)