WS-11

Offensive Tradecraft Development

Oct 4th and 5th, 2023
Grand Hyatt, Kochi, India

This comprehensive training program aims to equip participants with the knowledge and skills to develop evasive malware for responsible red teaming. Through theoretical lectures, hands-on demonstrations, and practical exercises, participants will gain an in-depth understanding of the latest malware development techniques.

In addition, participants will learn how to create malware that can evade detection and infiltrate targeted systems while adhering to ethical guidelines and legal boundaries.

By the end of this training program, participants will have a comprehensive understanding of the latest malware development techniques and how to apply them responsibly. In addition, they will be equipped with the skills needed to develop customised malware suited to red team operations.

Course Content (ToC):

  • Day 1: Offensive Tradecraft Development - Basics
    • PE file format and parsing
      • IAT
      • EAT
      • Imports
      • Exports
    • Encrypting and encoding payloads to bypass signature detection
    • Windows API essentials
      • NTAPI
      • Data types in Windows
      • P/Invoke
      • D/Invoke
      • SysWhispers and the concept of direct syscalls
    • Process Injection Techniques
      • Simple shellcode runner
      • Simple process injection
      • Process injection via callbacks
      • QueueUserAPC injection
      • Early Bird APC queue code injection
      • Map-view injection
      • Thread execution hijacking
  • Day 2: Offensive Tradecraft Development - Advanced
    • AV/Signature bypass
    • Reflective injection
    • Shellcode Reflective DLL Injection (sRDI)
    • ETW and AMSI bypass (via patching and patchless)
    • PPID spoofing
    • Command-line spoofing
    • EDR Evasion Techniques
      • IAT unhooking
      • Detours
      • Indirect syscalls
      • NTDLL unhooking
      • Hell's Gate
      • Heaven's Gate
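Worked example for the Day 1 "PE file format and parsing" module, added here as an illustration; it is not code from the WS-11 course or its instructors. The parser walks a PE32+ export table (EAT): it locates the export data directory from the optional header, maps RVAs to file offsets through the section table (the two differ in an on-disk file, unlike a mapped image), follows the name-to-ordinal indirection into AddressOfFunctions, and recognises forwarded exports, whose "address" lands inside the export directory and is really a string. To run offline, build_sample_pe() fabricates a minimal image; its export names, RVAs and the NTDLL.RtlGetVersionEx forwarder are made-up test data, not taken from a real ntdll.dll. Manual export resolution of this kind is the building block behind the D/Invoke and Hell's Gate style techniques listed under Day 2.

```python
"""PE32+ export-table (EAT) walk over a constructed sample image (added example)."""
import struct

PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def rva_to_offset(rva, sections):
    """Map an RVA to a file offset via the section table; they differ in on-disk files."""
    for vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return rva - vaddr + raw_ptr
    raise ValueError(f"RVA {rva:#x} is not backed by any section")


def read_cstring(data, off):
    return data[off:data.index(b"\0", off)].decode("ascii")


def parse_exports(data):
    """Return {export_name: rva}, or '-> DLL.Func' for forwarders, from a PE file image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, fh + 2)[0]
    opt_size = struct.unpack_from("<H", data, fh + 16)[0]
    opt = fh + 20                                       # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    dd_off = {PE32_MAGIC: 96, PE32PLUS_MAGIC: 112}[magic]   # DataDirectory offset per format
    exp_rva, exp_size = struct.unpack_from("<II", data, opt + dd_off)  # entry 0 = exports
    if exp_rva == 0:
        return {}
    sections, sec = [], opt + opt_size                  # section table follows the optional header
    for i in range(num_sections):
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, sec + i * 40 + 8)
        sections.append((vaddr, vsize, raw_ptr, raw_size))
    exp = rva_to_offset(exp_rva, sections)              # IMAGE_EXPORT_DIRECTORY
    n_funcs, n_names, funcs_rva, names_rva, ords_rva = struct.unpack_from("<IIIII", data, exp + 20)
    funcs, names, ords = (rva_to_offset(r, sections) for r in (funcs_rva, names_rva, ords_rva))
    exports = {}
    for i in range(n_names):
        name_rva = struct.unpack_from("<I", data, names + i * 4)[0]
        index = struct.unpack_from("<H", data, ords + i * 2)[0]  # unbiased ordinal = index into AddressOfFunctions
        if index >= n_funcs:
            raise ValueError("ordinal table points outside AddressOfFunctions")
        func_rva = struct.unpack_from("<I", data, funcs + index * 4)[0]
        name = read_cstring(data, rva_to_offset(name_rva, sections))
        if exp_rva <= func_rva < exp_rva + exp_size:    # inside the export dir: a forwarder string, not code
            exports[name] = "-> " + read_cstring(data, rva_to_offset(func_rva, sections))
        else:
            exports[name] = func_rva
    return exports


def build_sample_pe():
    """Fabricate a minimal PE32+ file with one .edata section (constructed test data)."""
    sec_rva, sec_raw, sec_size = 0x1000, 0x200, 0x200
    # AddressOfFunctions is in ordinal order, deliberately different from the sorted
    # name table, so the name -> ordinal -> address indirection is exercised.
    funcs = ["ZwClose", "NtAllocateVirtualMemory", "NtOpenProcess", "RtlGetVersion"]
    code_rvas = {"ZwClose": 0x2000, "NtAllocateVirtualMemory": 0x2010, "NtOpenProcess": 0x2040}
    forwarder = "NTDLL.RtlGetVersionEx"                  # hypothetical forwarded export target
    n = len(funcs)
    funcs_rva, names_rva = sec_rva + 40, sec_rva + 40 + 4 * n
    ords_rva = names_rva + 4 * n
    strings, str_rva = bytearray(), {}
    for s in sorted(funcs) + [forwarder]:
        str_rva[s] = ords_rva + 2 * n + len(strings)
        strings += s.encode() + b"\0"
    func_tab = b"".join(struct.pack("<I", code_rvas.get(f, str_rva[forwarder])) for f in funcs)
    name_tab = b"".join(struct.pack("<I", str_rva[s]) for s in sorted(funcs))
    ord_tab = b"".join(struct.pack("<H", funcs.index(s)) for s in sorted(funcs))
    exp_dir = struct.pack("<IIHHIIIIIII", 0, 0, 0, 0, 0, 1, n, n, funcs_rva, names_rva, ords_rva)
    edata = exp_dir + func_tab + name_tab + ord_tab + bytes(strings)

    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    file_hdr = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x2022)
    opt = bytearray(240)                                # PE32+ optional header
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)     # SectionAlignment, FileAlignment
    struct.pack_into("<I", opt, 108, 16)                # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 112, sec_rva, len(edata))  # DataDirectory[0] = export table
    sec_hdr = struct.pack("<8sIIIIIIHHI", b".edata", len(edata), sec_rva, sec_size, sec_raw, 0, 0, 0, 0, 0x40000040)
    headers = (dos + b"PE\0\0" + file_hdr + bytes(opt) + sec_hdr).ljust(sec_raw, b"\0")
    return headers + edata.ljust(sec_size, b"\0")


if __name__ == "__main__":
    for name, target in sorted(parse_exports(build_sample_pe()).items()):
        print(f"{name:28} {target if isinstance(target, str) else hex(target)}")
```

Point parse_exports() at the bytes of any real DLL read from disk and it returns the same name-to-RVA map the loader builds. When walking a module that is already mapped in memory, drop the section-table translation and add RVAs to the image base directly; the forwarder check still applies, since calling into a forwarder string rather than code is a common mistake in hand-rolled resolvers.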


Prerequisites:

  • Comfortable writing code in C and C#
  • Basic understanding of the Windows environment

Participant Requirements:

  • A laptop with at least 16 GB of RAM and either VMware or VirtualBox installed
  • Linux and Windows VMs Installed

Duration:

2 Days

Who should attend

  • Penetration Testers / Red Teams
  • Blue Teams
  • Malware Developers
  • Threat Hunting Team

What to expect:

You can expect to gain hands-on experience in malware development during this training. It will be delivered by instructors with years of practical red teaming experience who are well-versed in the latest trends and techniques.

The training will be divided into modules covering various topics related to malware development, and each module will consist of a theoretical lecture followed by hands-on demonstrations and practical exercises, allowing you to apply what you have learned in a simulated environment.

You can also expect to network and collaborate with other participants in the training and the instructors, who will be available to provide guidance and answer any questions.

By the end of the training, you will have a solid understanding of malware development and be equipped with the knowledge and skills needed to perform effective red teaming and penetration testing activities professionally.

What not to expect

  • 0-day or exploit development content
  • Bypasses for specific commercial security products

What attendees will get

All course material, including commands, slides and source code snippets for the malware. Additionally, technical support will be provided during and after the training class.

Speakers

Arun Nair

Independent Security Researcher , India

Arun is a skilled Red Teamer with extensive malware development and evasion expertise. With a strong background in offensive security, Arun holds a range of certifications, including the Offensive Security Certified Professional (OSCP), CodeMachine Malware Techniques, and Malware on Steroids, which reflect a deep understanding of the advanced strategies and techniques involved in malware development. Arun has honed this knowledge through practical experience working with renowned organizations such as Google and Mandiant; these engagements have provided invaluable insights into the tactics employed by real-world adversaries. With this comprehensive skill set and hands-on experience, Arun is well-equipped to tackle the most sophisticated cybersecurity and red teaming challenges.

Aravind Prakash

Red Team Operator , Resillion , India

Aravind is an experienced Red Teamer working at Resillion, with a strong background in offensive security and a passion for malware development. Aravind holds multiple certifications, including CRTP, CRTE and CRTO. Having conducted numerous engagements, Aravind has gained valuable insights into the tactics used by real-world adversaries; this expertise allows Aravind to simulate attacks and identify system and network vulnerabilities.

Soumyadeep Basu

Cloud Threat Detection Engineer , CRED , India

Soumyadeep is a cybersecurity professional with expertise in both offensive and defensive security, holding certifications such as OSCP, OSEP, eCPTX and AZ-500. Soumyadeep has a strong foundation in red teaming, has worked with red team consulting companies such as Mandiant and Payatu, and is currently a Cloud Threat Detection Engineer at CRED, specializing in identifying and mitigating cloud-based security threats.


ORGANIZED BY

  • Information Security Research Association
  • Kerala Police

ORGANIZING PARTNERS

  • UNICEF
  • UNICRI Centre for Artificial Intelligence and Robotics
  • International Centre for Missing & Exploited Children
  • WeProtect Global Alliance
  • CESP | Conseil Européen des Syndicats de Police
  • Kerala IT Mission

PLATINUM SPONSORS

  • Federal Bank
  • Synthite
  • RP Group

GOLD SPONSORS

  • Keyzotrick Intelligence Pvt. Ltd
  • National Critical Information Infrastructure Protection Centre
  • Bharat Petroleum
  • Palo Alto Networks
  • Cyble - Cybersecurity Threat Intelligence Platform & Solutions
  • Seqrite

SILVER SPONSORS

  • Cochin Shipyard
  • ICICI Bank
  • State Bank of India
  • SBI Life
  • Geojit
  • SFS Homes
  • Cochin International Airport
  • Manage Engine
  • Resecurity: Cybersecurity Solutions and Services
  • Fortinet Technologies India Pvt Ltd

BRONZE SPONSORS

  • GAIL (India) Limited
  • Canara Bank
  • Elite Foods
  • CSB Bank
  • Petronet LNG
  • Luker India
  • Trend Micro
  • AVT Natural
  • CYFIRMA
  • Indian Oil Corporation
  • Cochin Port Trust
  • Kerala State Industrial Development Corporation
  • ESAF Bank
  • The Kerala Minerals and Metals Limited

EXHIBITORS

  • PureID
  • Cyble - Cybersecurity Threat Intelligence Platform & Solutions
  • Resecurity: Cybersecurity Solutions and Services
  • Prophaze
  • Manage Engine
  • Darwis
  • Fortinet Technologies India Pvt Ltd
  • Alibi Global Private Limited
  • eSec Forte Technologies
  • Palo Alto Networks
  • Seqrite
  • Innspark Enterprise Security
  • C-DAC: Centre for Development of Advanced Computing, India
  • ECS Biztech
  • State Bank of India
  • Kratikal Tech Pvt. Ltd.
  • CYFIRMA
  • TerraEagle
  • Netskope
  • Geojit

COMMUNITY PARTNERS

  • EliteCISOs
  • GTech - Group of Technology Companies - Technopark, Infopark, Cyberpark
  • BSides Odisha

NETWORKING PARTNER

WTC Kochi

MEDIA PARTNERS

  • Information Security Media Group
  • The 420

STRATEGIC PARTNER

CXOCywayz

JET SUIT DEMO PARTNER

Synthite

c0c0n @16

c0c0n is a 15-year-old platform that is aimed at providing opportunities to showcase, educate, understand and spread awareness on Information Security, data protection, and privacy...

Where & When?

Oct 4th to 7th, 2023
Grand Hyatt, Kochi, India

Reach us @

(+91) 974-690-6654
m@is-ra.org