WS-08


StealthOps: Red Team Operations 2025 Edition

07-09 October, 2025

ABSTRACT

Apex threat actors with advanced capabilities, such as leveraging in-memory implants, writing custom code to evade AV and EDR, moving laterally with custom-made tools, and evading host- and network-level security solutions for stealth, are constantly consolidating their attack techniques (and tactics) against defensive teams. To strengthen enterprise-grade security, this training is designed for penetration testers, Red Teams and Blue Team members to understand the different tactics, techniques and attacks used by adversaries.

With the increase in ransomware attacks, Fortune companies and business-critical companies have overlooked the placement and configuration of security controls. This training helps enhance the visibility of enterprise-based security controls. It focuses on the tactics, techniques, procedures, and tools of threat groups: how stealthily they operate, and how they circumvent the security mechanisms employed in a patched and monitored environment.

PRE-REQUISITE

  •     Comfortable with the command-line environment
  •     Fair knowledge of Penetration Testing Methodology
  •     An Open Mind :)

PARTICIPANT'S REQUIREMENTS

  •     System with at least 16GB RAM and VMware Workstation Pro installed
  •     Attacker Linux box [Parrot or Kali] with Internet connectivity
  •     Updated Web Browser
  •     AWS Cloud account [FREE tier only]

(Team will share Customized StealthOps VM 1 week before the training date)

WHO SHOULD ATTEND

  •     Penetration Testers / Red Teams
  •     System Administrators
  •     Malware Developers
  •     SOC analysts
  •     Threat Hunting Team
  •     Last but not least, anyone who is interested in strengthening their offensive and detection capabilities

WHAT ATTENDEES WILL GET:

  •     Candidates will get 10 days of lab access (accessible 24x7) with write-ups after the training, which comes with technical support.
  •     Premium training materials
  •     Private access to Red Team Automation Framework + Credential Dumping Tool

WHAT NOT TO EXPECT

  •     0 Day
  •     Private security control flaw
  •     Students must keep up with the trainer-taught exercises to save time

DURATION

Duration: 3 days

Trainer


Yash Bharadwaj

Co-Founder & CTO, CyberWarFare Labs

Day wise Training Plan

  • DAY 1 -
    • Module 1 : Red Team Resource Development
      • Red Team Infrastructure Development
        • C2
        • Redirector
        • Payload Server
      • Infrastructure Automation
        • AWS, Azure & GCP Cloud
        • Bonus access to Red Team Automation Framework
      • Initial Access Security Controls
      • Initial Access Defense Evasion Techniques
        • Smuggling
        • RTLO
      • Working Initial Access Vectors [Exercises]:
        • .NET <3 Serialization
        • MSIs
        • .LNK Tactics Techniques & Procedures (TTPs)
        • Backdooring ClickOnce Applications
  • DAY 2 -
    • Module 2 : Tradecraft Development for Offensive Operations
      • APT29 Initial Access Tradecraft [Patching Enterprise Application]
      • CSharp Essentials [Hands-on Labs]
      • Offensive C# Trade-Craft [Hands-on Labs]
      • Utilizing Windows API for Red Team Profit [Hands-on Lab]
    • Module 3 : Evasive Tradecraft Development
      • Hosts Based
        • AMSI, CLM, Script Block Logging, ASR Rules Bypasses [1 Lab Each]
        • Fileless UAC Bypass [1 Lab]
        • Application Whitelisting: AppLocker, MDAC
        • Credential Access
          • Browser based:
            • Chrome & Firefox [1 Lab Each]
          • Windows based:
            • PS-Readline Module
            • Custom C# Dumper
            • Bonus Access to private credential dumper tool
  • DAY 3 -
    • Module 4 : Contd..
      • Hosts Based .. Contd..
        • ETW & EDR's Basics
        • AMSI + ETW Patching [Hands-on Lab]
        • General Evasion Areas [Exercises]
          • Native APIs
          • Unhooking by Patching
          • DLL Unhooking
          • Direct Syscalls

* Candidates will get FULL 10 days of lab access with write-ups after the training, which comes with technical support.
*Selected winners will get access to Premium CWL Course Materials*

Course Learning Objective

  •     With the increase in ransomware attacks, it is widely known that Fortune companies as well as business-critical companies have overlooked the placement and configuration of security controls. This training helps enhance the visibility of enterprise-based security controls in the organization.
  •     The training will brief attendees on the tactics, techniques, procedures and tools of threat groups: how stealthily they operate, and how they circumvent the security mechanisms employed in a patched and monitored environment.
  •     Candidates will gain enhanced threat visibility capabilities at both the host and network level in Windows and Linux environments.
  •     Candidates will get to know how NOT to configure enterprise security controls.
