- Course Introduction
- What is Red Teaming?
- What is OPSEC?
- Primum non nocere?
- Attack Lifecycle
- Engagement Planning
- Post-Engagement & Reporting
- Overview
- Red Team Ops Lab
- Cobalt Strike
- Starting the Team Server
- Listener Management
- Generating Payloads
- Interacting with Beacon
- Pivot Listeners
- Running as a Service
- 🌴 Initial Compromise
- Password Spraying
- Internal Phishing
- Initial Access Payloads
- Visual Basic for Applications (VBA) Macros
- Remote Template Injection
- HTML Smuggling
- Host Privilege Escalation
- Windows Services
- Unquoted Service Paths
- Weak Service Permissions
- Weak Service Binary Permissions
- UAC Bypasses
- Obtaining Credential Material
- Beacon + Mimikatz
- NTLM Hashes
- Kerberos Encryption Keys
- Security Account Manager
- Domain Cached Credentials
- Extracting Kerberos Tickets
- DCSync
- Password Cracking Tips & Tricks
- Wordlists
- Wordlist + Rules
- Masks
- Mask Length & Mask Files
- Combinator
- Hybrid
- kwprocessor
- User Impersonation
- Pass the Hash
- Pass the Ticket
- Overpass the Hash
- Token Impersonation
- Process Injection