These are my personal opinions based on my background and training experience.
This course is online.
This course's materials include videos, video instructions for configuring your Kali Linux attack VM, a VM that you can download (located at https://adversaryemulation.com/ctf-taxfirstlabz-red-team-adversary-emulation-101), some resource files, and a lot of links to other web pages. A cloud-based lab environment may be added in the future.
The class is just for you.
You create your attack VM, and there is another VM you can download at the present time, but in the future there might be a cloud-based lab environment for students to utilize.
At the time of this review, the course price was listed as $100 (but there was a 30% discount, so the price was $70), and course access is lifetime. Check the web site for actual prices!
I like this summary already listed on the site: "This is a beginner friendly course. If you have just started your career in offensive cybersecurity or are preparing for penetration testing exams (OSCP, eJPT, eCPT, eCPTx, CRTP etc.) then this course is for you. If you are already a penetration tester or a red teamer, you will enjoy following a live adversary emulation exercise from scope creation to reporting."
I received an email informing me about this training, and after doing some research, I decided to sign up and give it a go. It took a couple of days to get through the videos and read the material on the provided links.
The course starts with an introduction video, then it has a page "What is Adversary Emulation" which has links to external sites that contain more information. I like this approach. It starts by providing you information and then backs up that information with external sources. This is followed by more videos regarding Red Teaming vs Adversary Emulation and Attack Methodology & Attack Path.
I downloaded the Resources.zip file and started looking through it. Good stuff there. The videos are easy to follow for the install of the tools and stuff. And going over CherryTree is a neat touch I haven't seen before. Self logging is critical because the logging script won't capture screenshots. And speaking of screenshots, this is covered in the Recon section.
The Recon section. Short and sweet. A few tools covered.
Initial Compromise... Escalate... Persistence... These are pretty fast moving and straight to the point. PoshC2. I had heard of it, and may have looked at it once before, but it was good to get to see a demo of a C2 that I am not familiar with.
Internal Recon, followed by Lateral Movement. I had never heard of Mentalist so that was a neat tool to add to my toolbox.
Lateral Movement - Privilege Escalation. Lateral Movement - Domain Enumeration. I liked the quick overview of Bloodhound for those that haven't used it before, and there was some customizations that I had never explored before that could make things easier in the future.
Lateral Movement - Domain Privilege Escalation. In this section, you are given one solution and encouraged to explore a second solution that is listed on your own. If you are just starting on your journey of red teaming or penetration testing, do not skip these exercises, and make sure you always explore other paths.
Domain Lateral Movement & Data Analysis. Data Analysis & Data Exfiltration. A look at converting those PuTTY PPK keys inside Kali Linux (so much easier than exporting them to a Windows machine, converting them, and then importing them back). Then the topic you love to hate... SSH Tunnels. Very short and to the point. This is followed by a MySQL section which includes a quick demo of getting data out of a MySQL database. Let me take a minute to say, as many times as I have used CyberChef, and all the options I have played with, I never noticed the hashing section. I gotta remember that for the future. You learn something new every day!
Attack Path Recap. This is just a recap of what has been done during the class up to this point. There is a slide show in this section that maps what is done to the MITRE ATT&CK methodology.
Deleting Footprints. This is a great section. When you are doing a CTF, with all your implants and stuff still on the box and all the changes that you have made, you can just revert the machine and it will be in a clean state. You don't get that luxury in the real world, unless your customer says that you should leave everything for them to clean up... then those detailed logs are going to really be needed. As far as deleting logs of your activity on the system... it would be interesting to see how penetration testing/red teaming differs around the world on details such as this.
Observations & Recommendations. Engagement Report. Course Resources & Feedback. Conclusion. A good wrap up to the course.
If you are just getting started, this is a really good course to take. It is a rapid fire approach to a red team engagement. I really liked the note taking part of the video as I feel that taking notes* along the way is a critical skill to learn (and not just with CherryTree (or similar) but also taking notes in text format and screenshots). *Feel free to learn/use whatever you prefer. If your job requires one method over another, go with that, or better yet, learn a bunch of different log systems so that you can adapt to the situation you are in.
There is no exam, but if you complete the course and submit feedback, you will get a Certificate of Completion.
The videos are broken down into good topics, and they are each fairly short time wise. There is a lot of content in those videos, and the information is covered in a quick, concise manner. I always ask myself if I learned something while taking the training, and even though this is a course focused more toward beginners, I learned more than a few things going through the videos. This was a really great course that dropped in my lap at just the right time, and it makes me wish I would have had some training like this back before I started working toward the OSCP. I am excited to see what additional training is released from Yaksas CSC.