Education is the most powerful weapon used to change the world

Having trained thousands of students on the art of network and application exploitation for the past decade, it's safe to say we enjoy teaching others how to own networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.

Intro to Red Teaming

Intro to Red Teaming

Intended for existing penetration testers with a solid and technical understanding of penetration testing tools and techniques, this course teaches students how to hack like criminal network operatives. With a strong offensive focus drawing on the techniques employed in recent industry hacks, the student is taught about new vulnerabilities (current year – 3 years) and how to use them to their full potential.

Course Details

If you're just starting your hacking career, or want to understand the field better, this course is for you.

It is often said that penetration testers emulate other penetration testers rather than real bad guys, leaving organisations exposed to what they miss. This course aims to change that. By combining our research into the hacking underground with our red teaming experience, we've put together a course to teach you how to test your organisations like a real criminal would. Getting Domain Admin really isn't the goal.

Our red team experience in going after critical business systems, from cross-border financial systems to large SCADA systems and the paths and techniques to get there are distilled into this course and taught by our senior analysts throughout a series of practical exercises and war stories along the way.

This is a very hands on course, and some of the topics (most of which include practical exercises) include:

  • Exploitation via phishing.
  • Malware delivery vectors, loaders, FUD AV bypass including real malware samples.
  • Privilege and low noise persistence.
  • Stealth lateral movement and living off the land.
  • Ransomware.
  • Emulating real threats - stealing money and other stories.

Course Content

Attacking like a criminal network

The course objectives are to teach students how to hack like a criminal network; strong offensive focus drawing on the techniques employed in recent industry hacks. Strong with regards to new vulnerabilities and how to use them to their full potential.

Attack Emulation

Our Master course is about emulating such attackers in gaining access to all areas of the OSI layer, including 8 (the human). From initial footprinting of a target environment, to building up an attack pattern based on architecture choices, to targeting humans and gaining an initial foothold into the network using phishing campaigns and techniques used by APT actors.

Tactics, Techniques and Procedures Taught.

Gaining command execution on boxes is a key stage in the attack chain. This module discusses AV evasion techniques, privilege escalation for Linux, Windows and OS X. The art of pivoting through a network is taught, along with efficent ways of owning Microsoft domains. This also includes stealth Tactics, Techniques and Procedures (TTP's).

Students will be versed in the art of:

  • Multi-vector client-side attack vectors (host, network, application and mobile) and compromise.
  • Running and maintaining a successful botnet campaign (Betabot)
  • Payload construction & AV evasion
  • Privilege escalation and persistence.
  • Data harvesting and extrusion.
  • Post exploitation under Windows, OS X and Linux.
  • Lateral network movement.

SensePost Training Portal

We've developed a training portal for students to interact with the trainers, keep updated on content and also download all files, slides and tools delivered during the course. This portal is made available to all students, even when the course has finished. In addition, we've moved our training infrastructure into our own cloud, which means students get their own individual environments to test against, making use of VPN's and numerous targets. This gives a fully immersive experience of attacking real-world architecture and networks.

Who should take this course?

Penetration testers, network administrators, red/blue teams, security professionals, and IT security enthusiasts who have a need to acquaint themselves with real-world offensive tactics, techniques and tools.


If you wish to have training, please get in touch with our sales team to discuss further.