SEC670: Red Team Ops – Windows Tool Development Preview

Wednesday, 29 Jun 2022 3:30PM EDT (29 Jun 2022 19:30 UTC)
Speakers: Jonathan Reiter, Jorge Orchilles

Join SEC670 course author Jonathan Reiter and SANS Principal Instructor Jorge Orchilles as they give a sneak peek at the latest SANS Red Team Ops course – Windows Tool Development. This is an advanced, 600-level course for the experienced Red Teamers. As Red Teaming evolves, you will realize that custom windows tool development is a requirement. Your generic and default payloads from most offensive tools will (and should) be caught by your security controls. Red Teams must build custom code to evade defenses and gain the objectives.

Windows tool development is more than just creating a console application that prints out “Hello, World!” We will not be creating any GUI applications either. Instead, we will focus on becoming familiar with Windows APIs that will leverage greater offensive capabilities for your tooling. In the world of offensive tools, it is hard to “see” the effectiveness of your tool. If you are really good at what you do, it will never be seen.

Login to Register

Related Content

Penetration Testing and Red Teaming

November 14, 2022

A Visual Summary of SANS Pen Test HackFest Summit 2022

On November 14-15, attendees joined us in Arlington, VA or tuned in Live Online for the SANS Pen Test HackFest Summit! We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the Summit through a...

Penetration Testing and Red Teaming, Cybersecurity and IT Essentials, Cyber Defense

Month of PowerShell: Fileless Malware with Get-Clipboard

Let's take a look at a sneaky attack to use PowerShell maliciously while evading detection (and some ways to detect it).

Penetration Testing and Red Teaming, Cyber Defense

Month of PowerShell: Cut a Column of Text

In this article we look at cutting a column of text from a file using PowerShell.