training

Tradecraft is a free course on red team operations. This course will provide the background and skills necessary to execute a targeted attack as an external actor with Cobalt Strike. To go beyond the material here, read the course notes.

1. Introduction


This segment introduces the Metasploit® Framework and Cobalt Strike with an orientation to how both tools are organized.

2. Basic Exploitation (Hacking circa 2003)


This lecture shows how to pick the right remote exploit, leverage brute forced credentials, and pivot through SSH.

3. Getting a Foothold


This lecture takes you through the client-side attack process. How to map the client-side attack surface, setup a listener, pick a memory corruption exploit, and (preferably) use features to get a foothold.

4. Social Engineering


This lecture shows you how to setup a watering hole attack, create a phishing site, and get people to visit your attack through spear phishing.

5. Post Exploitation with Beacon


This lecture dives into Cobalt Strike's Beacon. Learn how to manage Beacon's data channels, get an overview of its commands, and use Beacon to pivot into a network.

6. Post Exploitation with Meterpreter


This video digs into interactive post-exploitation with Meterpreter. You will learn how to use Meterpreter, pivot through the target's browser, escalate privileges, pivot, and use external tools through a pivot.

7. Lateral Movement


This installment covers lateral movement. You'll learn how to enumerate hosts and systems with built-in Windows commands, steal tokens, interrogate hosts to steal data, and use just Windows commands to compromise a fully-patched system by abusing trust relationships.

8. Offense in Depth


This segment revisits the process to get a foothold with a map of the defenses you'll encounter. You'll learn how to avoid or get past defenses that prevent message delivery, prevent code execution, and detect or stop command and control.

9. Operations


This last chapter covers operations. Learn how to collaborate during a red team engagement, manage multiple team servers from one client, and load scripts to augment Cobalt Strike.