Workshops - RedOps

If you know nothing, you have to believe everything

Employees are a company's most valuable asset – which is why it is important to continuously invest in their training and development. I offer technically demanding workshops in the areas of Windows Internals, malware development, endpoint security evasion and reverse engineering, which are aimed at both red teamers and blue teamers. Like my blog, my workshops are characterized by a sound scientific basis, a clear structure and technical depth – and thus stand out from the crowd. While others just blindly copy and use tools without reflection, I give my participants the technical understanding they need to independently penetrate even highly complex topics.

Endpoint Security Insights: Shellcode Loaders & Evasion Fundamentals

Modern endpoint detection and response (EDR) systems are becoming increasingly sophisticated – but anyone who really understands their mechanisms can bypass them effectively. My workshop “Endpoint Security Insights: Shellcode Loaders & Evasion Fundamentals” teaches exactly this knowledge: in a structured, hands-on and in-depth debugging way. Learn how to develop evasive shellcode loaders step by step and how to bypass EDR detections through in-depth understanding instead of blind trial and error.

Learn how modern endpoint detection and response (EDR) systems work and how to bypass them in my workshop. Through practical exercises, in-depth debugging and a structured approach, we develop evasive shellcode loaders and analyze the mechanisms behind EDR detections.

📍 Location: Innsbruck, Austria

📅 Date: 23.09-26.09.2025

🎯 Format: 4-day in-person training (max. 9 participants)

👉 All information and registration: Click here

I look forward to your participation and to an exciting and instructive training session! If you have any general questions about course material, content, labs, organization, etc., if you are unsure whether the training is right for you, or if you just want to register for the workshop, feel free to contact me at workshop@redops.at. I'll be happy to help!

Why train with RedOps?

We invest a great deal of time in teaching and research, and anyone who knows our founder, Daniel Feichter, is aware of his attention to detail and passion for teaching. One of his great strengths is his ability to prepare and communicate complex knowledge in a way that even a layperson can understand and apply. Anyone who knows Daniel, reads his blog posts or listens to his conference presentations will know that his focus is on imparting knowledge in a sound and understandable way. His aim is not to work quantitatively, but to deliver high quality workshop content.

Responsibility and Integrity

Anyone who uses Offensive Security Services and deliberately exposes themselves to an ethical hacker attack should do so with a partner they can trust. We keep all information strictly confidential and have 100% integrity in everything we do.
Research Orientation

IT security is not a product, it is a continuous learning process. That's why we invest a lot of time in education and research. We have had the opportunity to present our findings on endpoint security at several IT security conferences.
Quality Instead of Quantity

With Red Team Services, we have turned our passion into our core competency. We do not sell products or licences, but live from our expertise in IT security. For us, quality comes before quantity.

Making sense of IT:Security

Red Teaming

A Red Team engagement gives us the opportunity to conduct a real cyber attack on your organisation. We identify the external attack surface, develop possible attack scenarios, conduct an extensive tactical intelligence gathering phase and attempt to gain initial access to the organisation's network. Through red teaming, we put your entire organisation to the test.

Assumed Breach

As with a red team engagement, we use an assumed breach scenario to simulate a real cyber attack on your organisation. The difference is that the external attack surface identification phase, the tactical information gathering phase and the initial access phase are omitted. The focus is always on the post exploitation phase of a cyber attack.