If you know nothing, you have to believe everything

Employees are a company's most valuable asset. That is why it is important to continually invest in their training and development. We offer technically challenging workshops in the areas of Windows internals, malware development, endpoint security evasion and reverse engineering, aimed at both red teamers and blue teamers in organisations. Like our blog, our workshops stand out from the competition because of their scientific foundation, structure and technical depth. Where others just blindly copy and use tools (e.g. Privilege::Debug), we give our students the technical understanding they need to later grasp even very complex topics (e.g. hardware breakpoints). We are leaders in Austria in the field of endpoint security evasion research and are constantly expanding our workshops to keep our training materials up to date. We also offer simple training courses for non-technical staff, e.g. on awareness.

DEF CON Workshop

Our founder's specialities include Windows internals, malware development and endpoint security. If you want to get a first impression of his expertise and attention to detail, you are cordially invited to take a look at the following freely available workshop materials, into which he invested several weeks of his time and which he presented as part of a one-day workshop entitled "(In)direct Syscalls: A journey from high to low" in the Red Team Village at DEF CON 31 in Las Vegas. The materials for the DEF CON 31 workshop are free, and the entire workshop can be conducted independently in your own virtual lab using the workshop materials. Technical requirements for the workshop can be found here.

Endpoint Security Insights Training

We are pleased to present our new workshop/training entitled "Endpoint Security Insights: Shellcode Loaders and Evasion". The focus of this workshop is to learn more about the Windows internals necessary to better understand how EDRs work on Windows and which mechanisms they rely on. Using a structured approach, we will explain important concepts that are needed today to successfully bypass popular endpoint security products such as CrowdStrike, SentinelOne, Microsoft Defender ATP, etc. Based on what we have learned about topics such as different types of shellcode execution/process injection, obfuscation, encryption, unhooking, hardware breakpoints, etc., we will step by step create several usable shellcode loaders with a focus on local execution (self-injection), which can be used for initial access in a red team engagement or an assumed breach.

Bypassing Endpoint Protection Products (EPPs) and Endpoint Detection and Response Products (EDRs) has become increasingly difficult in recent years and is an important part of any Red Team engagement. Each EDR is different, with different strengths and weaknesses, and there is no one-size-fits-all solution for bypassing EDRs. But at least the basics of EDR evasion and shellcode loader development are important, even for beginners.

Our founder, Daniel Feichter, has gained a lot of experience with endpoint security evasion over the years with many different products and would like to share some of his knowledge in his course "Endpoint Security Insights: Shellcode Loaders and Evasion". First, we will look at the basics of Windows internals to better understand how EDRs work on Windows. Then we will take a closer look at the defence mechanisms of EDRs, such as user-mode hooking and ETW, and then look at possible techniques such as unhooking, direct or indirect syscalls, playing with metadata, entropy, etc. to circumvent these mechanisms or EDRs.

For more information, course details and to book tickets, please follow this link.

Why train with RedOps?

We invest a great deal of time in teaching and research, and anyone who knows our founder, Daniel Feichter, is aware of his attention to detail and passion for teaching. One of his great strengths is his ability to prepare and communicate complex knowledge in a way that even a layperson can understand and apply. Anyone who knows Daniel, reads his blog posts or listens to his conference presentations will know that his focus is on imparting knowledge in a sound and understandable way. His aim is not quantity, but high-quality workshop content.

  • Responsibility and Integrity

    Anyone who uses Offensive Security Services and deliberately exposes themselves to an ethical hacker attack should do so with a partner they can trust. We keep all information strictly confidential and have 100% integrity in everything we do.

  • Research Orientation

    IT security is not a product, it is a continuous learning process. That's why we invest a lot of time in education and research. We have had the opportunity to present our findings on endpoint security at several IT security conferences.

  • Quality Instead of Quantity

    With Red Team Services, we have turned our passion into our core competency. We do not sell products or licences; we earn our living through our expertise in IT security. For us, quality comes before quantity.