In-Depth Red teaming: APT & adversary Simulation
Pre-recorded Training, Available Now
This is a pre-recorded, fully hands-on training that focuses on developing cyber weapons that evade AV detection, EDR logging and forensic traces the way advanced targeted attacks do, and it gives you insights into how to improve your organization's overall detection capability and security posture.
Are Companies Still Hiring Penetration Testers?
Well, let me be honest with you: the bad news is that the ethical hacking/penetration testing market is very saturated. Many people are learning this field and collecting every well-known certificate in the market.

But the good news is that most of these candidates don't have the skills these companies actually need and, most importantly, can't protect the organization against current attacks.

You see, the actual job of an ethical hacker is not to hack a company but to protect it. Therefore, you first need to know who might target this organization and what their tactics, techniques and procedures (TTPs) are.

Then we can simulate these attacks to see whether this organization's defenses and processes are ready to protect against and respond to such techniques. This is known as "Red Teaming".

Red Teaming will help you show that you are unique and able to protect this organization against the current threats it's facing.
Which Level are you?
In-Depth Red Teaming: APT & Adversary Simulation
In-Depth Red Teaming: APT & Adversary Simulation is a hands-on offensive training that helps organizations battle ever-growing targeted attacks and ransomware attacks by simulating their adversaries, putting your defenses and your blue team to the test to improve the organization's security posture.

This training focuses on developing cyber weapons that evade AV detection, EDR logging and forensic traces the way advanced targeted attacks do, and it gives you insights into how to improve your organization's overall detection capability and security posture.

We help cybersecurity professionals protect their organizations from the biggest threats they are facing and become the go-to experts in their team.

The number of cyberattacks is undoubtedly on the rise, targeting government, military, public and private sectors. 

These cyber-attacks target individuals or organizations in an effort to extract valuable information, make money through ransom, or damage their reputation. 43% of the cyber attacks these organizations face are advanced malware, APT attacks, or zero-day attacks.

With adversaries getting more sophisticated, the best way to test enterprise security operations and defenses against them is to simulate their attacks, leveraging the same tactics, techniques, and procedures (TTPs).

This intensive live training will take you on a journey into the attacker mindset. We will cover how to simulate real APT attacks and ransomware attacks and how to bypass the organization's defenses and detection systems. We craft our own spear-phishing attacks, malicious documents, and undetectable cyber weapons to bypass their defenses and test the blue team's detections with real-world scenarios.

In this training, we won't be relying on commercial products; instead, we will rely on open-source projects and our in-house developed tools and weapons.


This training is for security professionals who want to expand their skills in red teaming, understand what real-world attacks look like, and better protect their organizations against APT attacks, targeted ransomware attacks and fileless attacks:

  • Cyber Security Professionals
  • Penetration Testers
  • Purple Teamers & Threat Hunters
  • Incident Handlers
  • SOC Analysts
The strategies, skills, and tools required to simulate real targeted attacks and harden your organization's defenses and security teams
Initial access

MODULE 01: APT Attacks & Red Team Infrastructure on AWS

  • What is an APT attack?
  • What are the attack stages, and what is MITRE ATT&CK?
  • APT attack lifecycle
  • Examples of real-world APT attacks
  • Deep dive into the attackers' tactics, techniques, and procedures (TTPs) using threat intelligence
  • Understand the attackers' malware arsenal
  • Setting up your infrastructure in the cloud
  • Setting up your account in AWS & Terraform
  • Build your network and Caldera VM in the cloud
  • Create redirectors to obfuscate your C&C IP

MODULE 02: Phishing & Social Engineering Mastery

  • Create a Phishing Platform using GoPhish & EmailGun
  • Create Your Phishing Pages using EvilGinx 2
  • Build Your Phishing plan using OSINT
  • Build your phishing emails templates
  • Bypass 2-Factor Authentication using EvilGinx 2

MODULE 03: Initial Access: Get your foot into the organization network

  • Spearphishing with a malicious document
  • Malicious document obfuscation: VBA Stomping
  • Write your first spear-phishing attack with a malicious document (Hands-on)
  • Spearphishing with a link
  • Spearphishing using social media
  • Advanced execution techniques: LNK files
  • Advanced execution techniques: COM objects
  • Write your first spear-phishing attack with COM objects (Hands-on)
Malware Writing in-depth

MODULE 04: Write Your First HTTP Malware

  • Build a vulnerable organization in AWS
  • Connect to Caldera C2 using HTTP
  • Implement Base64 encoding in your malware
  • Implement JSON parsing in your malware
  • Send victim machine information to your C&C
  • Receive and execute commands from Caldera
  • Automate command execution across multiple victims
  • Test your malware in your vulnerable AWS lab

MODULE 05: Implement a Plugin Framework in your Malware With Keylogger Plugin

  • Add a framework for plugins with additional features
  • Add a keylogger plugin with window title detection
  • Bypass keylogger detection 
  • Steal clipboard data (for password managers)
  • Add commands for Caldera to download the keylogger logs
Advanced malware writing techniques

MODULE 06: Maintaining Persistence In-Depth (Advanced Techniques)

  • Maintain persistence on the victim machine
  • Advanced persistence methods
  • Disguise the malware inside a legitimate process (Malware as a DLL)
  • Persistence through DLL injection

MODULE 07: Rooting: Privilege Escalation Techniques

  • UAC bypass techniques
  • Advanced UAC bypass techniques: abusing Application Shimming
  • Abuse services for privilege escalation
  • Escalate to the SYSTEM account
defense evasion & Malware obfuscation

MODULE 08: Malware Obfuscation: Bypass File Signature Scanning

  • String encryption
  • Advanced encryption techniques
  • Dynamic API loading
  • Hidden in plain sight: malware steganography

MODULE 09: Network Obfuscation: Bypass IDS, IPS, NDR and Machine learning based tools

  • Network data encryption
  • Hidden in plain sight 01: HTML Smuggling
  • Hidden in plain sight 02: Steganography
  • HTTPS communication
  • Using legitimate websites for communications
  • DNS flux and DNS over HTTPS
  • Other protocols & channels (ICMP, DNS)

MODULE 10: Bypass EDRs & Behavioral-Based Detection

  • Process injection & DLL injection
  • Sysmon & EDR bypass techniques
  • Unhook EDR APIs
  • Invisible process injection without alerting EDRs
  • AppLocker and application whitelisting bypass techniques
  • Sign your malware with a trusted certificate
Lateral movement and company domination

MODULE 11: Impersonating Users: Credential Theft & Token Impersonation

  • Credential theft using an LSASS memory dump
  • Bypass LSASS protection
  • Token impersonation & logon types overview
  • Token impersonation implementation in your malware
  • Steal Remote Desktop sessions
  • Lateral movement using Caldera and your agent

MODULE 12: Hack the Domain Controller Through Lateral Movements

  • Using WMIC & PowerShell to gather user and network information
  • Understand domain account permissions and access levels
  • NTLM attacks: Pass the Hash
  • Kerberos attacks: Pass the Ticket
  • Kerberos attacks: Overpass the Hash
  • Silver & Golden Tickets
  • Lateral movement using scheduled tasks
  • Lateral movement using remote COM objects
  • Lateral movement using WMIC & PowerShell Remoting
Fileless attacks in-depth

BONUS MODULE: Write Your Own Complete Fileless Attack

  • Intro to fileless attacks
  • Fileless attack process and lifecycle
  • Avoid file writing using PowerShell with a Reflective DLL Loader
  • Maintaining persistence using PowerShell downloaders
  • Maintaining persistence using COM objects
  • Process injection techniques & implementation
  • Process injection: avoid detection
  • Write a full fileless malware (Hands-on)
Your Trainers
Amr Thabet
Amr Thabet is a malware researcher and incident handler with over 10 years of experience. He has worked at several Fortune 500 companies, including Symantec and Tenable, and he is the founder of MalTrak. He is the author of "Mastering Malware Analysis", published by Packt Publishing.

He is a speaker and an instructor at top security conferences all around the world, including DEFCON, Hack In Paris, and the VB Conference. He was also featured in the Christian Science Monitor for his work on Stuxnet.

He has worked on the analysis of some of the top nation-state-sponsored attacks, including the NSA malware families, North Korean campaigns, and many other highly advanced attacks.

Prior to that, I struggled to get into the field as I was a mechanical engineer graduate. I faced lots of demotivating voices telling me that I wouldn't be able to make it. And because of that, after my successes, I decided to be the inspiring voice to all cybersecurity enthusiasts that want to land their first job in cybersecurity.

His mission is to help security professionals all around the world build their expertise in malware analysis, threat hunting and red teaming and, most importantly, protect their organization's infrastructure from targeted attacks, ransomware attacks, and APT attacks.
Muhammed Talaat
Muhammed Talaat is a malware researcher and cybersecurity consultant at CyShield. He has extensive experience in malware analysis, red teaming and customized malware development for different systems.

He has carried out multiple research projects on bypassing some of the top cybersecurity defenses, including Endpoint Detection and Response (EDR) products and other products.

He has worked in the private sector in the field of defensive strategies and malware research.

He specializes in reverse engineering low-level systems (firmware, ECUs, kernel projects, etc.) and has solid knowledge of the automotive security (car hacking) field.
The strategies, skills, and tools required to analyze malicious software are essential to detect, investigate and defend against such attacks.


See What Our Students Said About The LIVE Version of This Training
  • Good IT administration background, mainly in Windows (Linux is preferred)
  • Good cybersecurity background
  • Good programming skills in C++
  • Laptop with a minimum of 8GB RAM and 60GB free hard disk space
  • VMware Workstation or VMware Fusion (even trial versions can be used). You can use VirtualBox or other virtualization software; however, the training will be delivered based on VMware Workstation.
  • Delegates must have full administrator access to the Windows operating system installed inside VMware Workstation/Fusion.
  • Delegates must have Microsoft Visual Studio or the GNU C++ compiler installed on their machine, along with their preferred code editor (Visual Studio or VS Code are preferred).
Note: VMware player is not suitable for this training.
WHAT materials are provided?
  • Training Prerequisite & Lab Setup Guide: a step-by-step guide to preparing your isolated virtualized environment for executing and analyzing malware
  • Malware Analysis Lab VM (Windows 7 VM) with all required tools pre-installed. It will be provided in .ova format
  • The lab/exercise samples and memory images
  • A printed copy of the Mastering Malware Analysis book
  • A printed copy of the Malware Analysis & Reverse Engineering Workbook, which includes all the exercises taught in the training with step-by-step solutions
HOW LONG IS THE TRAINING AND WHAT's the schedule like?
The training is a total of 4 days (6 hours of workshop/day). Each day will have a schedule that looks like the following:

11:00am: Workshop starts
2:00pm: Lunch
4:30pm: Afternoon tea break (15 mins)
6:00pm: Workshop ends (depends on the trainers)


18 Garnish Square, D15, Dublin, Ireland
©2020  MalTrak - All Rights Reserved.