UW - Red Team Specialist - Eng - 625


RED TEAM SPECIALIST
in cooperation with

Intro Course
Extended Course
Red Team Specialist
HackerU has been Israel's premier IT and Cyber Security Institute for over 25 years, graduating
thousands of students per year.

Thanks to our world-class curriculum and career services program, a high percentage of our graduates
land strategic positions in the high-tech market, and we are incredibly proud of the thousands of
industry experts whose careers started here. They are a testament to our commitment to our students’
futures.

Demand for Cyber Security professionals has surged in recent years. Governments, corporations, and multinational
organizations are seeking and recruiting experienced Ethical Hackers to help identify vulnerabilities and secure their
systems.

Students enrolled in the Red Team Specialist program explore the hacker's state of mind through in-depth study of
the cutting-edge technologies and frameworks required to protect organizations from future threats.

The Red Team Specialist program is suited for absolute beginners seeking a career in the Offensive Cyber Security field.

Objectives
Our primary goal is to train and prepare the next generation of offensive Cyber Security professionals.
Using our unique hands-on approach, we simulate live Cyber Attacks in the classroom, educating our
students to detect and prevent potential breaches. Our students are taught by top experts in the field
and learn the most up-to-date and advanced techniques and practices, giving them the skills they need
to succeed. Upon graduation, our students are able to conduct a variety of Penetration Tests, helping to
secure the databases of government authorities, military forces, and corporations and organizations of
all sizes.

Benefits
• Cyber labs simulating real-time attacks
• Industry-oriented curriculum designed and delivered by industry experts
• Trial period with minimal financial risk

Prerequisites
• IT/Programming background (optional)
• Will to learn
• Professional evaluation and admissions exam

Course Outline

• Sorting stage: A 60-hour online introduction to the fundamentals of Cyber Security. The Stage provides the fundamental skill set Cyber Security students need to tackle advanced material and concepts. At the end of the Sorting Stage, students take a written exam that assesses their understanding of the material. Following the exam, each student has a 1-on-1 evaluation meeting where they discuss their progress in the course and decide together if the student should proceed to the full program. Students who do not continue on to the full program will be refunded the cost of the Introductory Course tuition.** The stage is followed by an assessment test; students who successfully pass the test will be
• The Full Program: 440 Total Course Hours + 125 Final Projects (Academic Hours)

Course Methods

• Instructional Methods
Class lectures and labs; in-class or live online instruction.
• Evaluation and Skills Assessment
The instructor will evaluate each student according to attendance, performance in labs, on quizzes and exams, class participation, and completion of homework assignments.

Certifications

• HackerU Certified Cybersecurity Specialist
• OSCP*

Exam Information

OSCP Offensive Security Certified Professional (OSCP)

* Certification exams are not conducted by HackerU and require additional costs not included in tuition. Students are responsible for booking exam dates with exam administrators.
** Terms & Conditions apply.

01 ONLINE RED TEAM PREPARATION (SORTING)

Introduction to Cyber
• Cyber Security terms & attacks

Computer Hardware & OS
• Computer hardware objects
• Operating systems

Virtualization Fundamentals
• Virtualization Fundamentals
• Installation of VM
• Windows 10 & Kali Linux Installation
• VM Advanced Settings

Introduction to Networking
• Network fundamentals
• Components in a corporate network

Networking Models & Segmentation
• OSI/TCP IP Models
• IP & Subnetting

Linux Fundamentals
• Basic Linux commands and usage

Cyber Attack Cycle
• Cyber Attack Cycle steps
• Brute Force attack in Linux

Exam + Cywar Challenges (Exam --> 1.5 hours)
• Sorting Exam & Introductory Cywar Challenges

02 LINUX FUNDAMENTALS

Introduction to Linux
• Linux Fundamentals & Basic Commands (File System navigation, file creation)

Users, Groups & Permissions
• Permissions in Linux
• User types

Network Configuration & Package Management
• Network Troubleshooting and configuration
• Installing packages

Configuring Services
• Configuring Apache2
• FTP
• Samba
• Telnet

Final Project - Linux Fundamentals

03 WINDOWS SERVER 2016

Creating an Organization
• Workgroup vs Domain Environments
• GUI vs Core
• Server Roles & Features

Active Directory Management
• Server Roles & Features
• Creating a Forest

Working with Services (DHCP & DNS)
• Configuring DNS & DHCP
• Managing Active Directories
• Creating Objects
• Creating Groups
• Installation of Additional Clients (Win10)
• Adding & Connecting Clients to the Domain

GPO Management
• Group Permissions
• Access Control
• Group Policy Objects

Final Project - Windows Server

04 BYPASSING THE PERIMETER

WireShark
• Traffic Analysis using WireShark
• Protocols Intercept
• Data Extraction

MITM
• Man In the Middle Attack
• Arpspoof
• dnsspoof

OSINT & Social Engineering
• Social Engineering
• Phishing
• Site Cloning
• SEToolkit

Network Scanning
• Detecting online hosts
• Hping3
• Nmap
• Banner Grabber

Password Cracking
• Brute Force
• Dictionary Attack
• cupp
• Crunch

MetaSploit & Known CVEs
• Creating Payloads
• Command & Control
• Bind Shell/Reverse Shell
• Metasploitable Training

Wi-Fi Attacks
• Wi-Fi Cracking
• Airmon-ng
• aireplay-ng
• aircrack
• wifite

Web Anonymity
• Darknet
• TOR
• Onion Layers
• Proxychains

Final Project - Bypassing the Perimeter

05 SIEM & SOC

SIEM & SOC Introduction
• SOC Roles
• SOC Structure
• SOC Workflow
• Enterprises Architectures
• TMS

End-Point Protection
• Anti-Virus
• End-Point Solutions
• EDR
• DLP
• ESET
• ESMC
• ESMC Group & Tasks

Network Protection & Prevention
• Firewall
• WAF
• IDS/IPS
• NAC
• Pfsense

Log Generation & Collection
• Logs Structure
• Event Viewer
• Syslog

SIEM Solutions
• SIEM
• Splunk

IOC & Malwares
• IOC
• Malware
• Magic Numbers

Windows Live & Offline Analysis
• Live Forensics
• Process Investigation
• DNS Cache
• Digital Forensics & Incident Response

Memory Analysis
• Memory Dump
• Memory Investigation
• Volatility

Basic Static Analysis
• Strings
• SigCheck
• Virus Total
• HxD
• Magic Bytes

Basic Dynamic Analysis
• Dependency Walker
• Regshot
• Sysmon
• Autoruns

Final Project - SIEM & SOC

06 CROSS PLATFORM ELEVATION OF PRIVILEGES

Windows Local Privilege Escalation
• Windows Permissions
• Windows Privilege Escalation
• Ease of access manipulation
• Users Creation

Windows Post Exploitation & Credentials Dumping
• Credentials Dumping
• Mimikatz
• Windows OS Vulnerable protocols & files
• Covering tracks

Linux Local PE & Post Exploitation
• Grub Bypassing
• Sudo privilege
• File system mounting

Linux Automated Tasks & Permission Misconfiguration
• Post Exploitation Techniques
• Credential Extraction
• Persistence & Hidden Users
• Covering the Tracks

Common Exploits & Buffer Overflow
• Dirtycow
• Eternalblue
• Bluekeep

Unquoted Services & DLL Hijacking
• Unquoted Service
• DLL Hijacking
• DLL Injection
• Procmon
• msfvenom

Final Project - Cross Platform Elevation of Privileges

07 ADVANCED INFRASTRUCTURE

Enumerating an Organization
• RSAT
• Bloodhound
• Sharphound
• Neo4j

Lateral Movement
• WMI
• WinRM
• PsExec
• Pass the Hash

SMB Relay & Responder
• LLMNR Manipulation
• Responder
• SMB Relay
• Inveigh

PowerShell as a Weapon
• Powershell Basics
• Powershell Policies
• Scripts creation
• Exploitation via PowerShell

Obfuscation Techniques
• Manual Obfuscation
• Invoke-Obfuscation
• Obfuscation Frameworks

Office Exploitation
• VBA
• Macro
• Formula Injection
• SFX

Exploiting Services within an organization
• Mail Relay
• Heartbleed
• Redis
• SSH Keys Manipulation

Reverse Shells & Tunneling
• Bind Shell & Reverse Shell
• ICMP Tunneling
• SSH Tunneling
• DNS Tunneling
• Dnscat2

Kerberoasting & Pass the Ticket & Module Review
• Pass the ticket
• Golden Ticket
• Invoke-Kerberoasting

Final Project - Advanced Infrastructure

08 PYTHON FOR HACKING

Introduction to Python
• PyCharm
• Variables
• Types Casting
• Conditions
• Mathematical Operators

Data Types & Loops
• Data Structure
• For Loop
• While Loop
• Tuple
• Dictionary
• List

Functions & Code Handling
• Function Creation
• Datetime
• Pseudo Random

File System & Error Handling
• Try & Except
• Exception Types
• File Permissions
• OS Module
• Log Parsing

Web Communication
• Urllib3
• Requests
• BeautifulSoup

Sockets Fundamentals
• Client-Side Socket
• Server-Side Socket
• Data Exchange
• Echo Communication

Protocols Communication
• Banner Grabber
• Protocol Investigation
• FTP Breakdown

Scapy & Network Scanning
• Scapy Fundamentals
• Sending & Receiving Packets
• Port Scanner
• ARP Scanner
• ARP Spoofer

Final Project - Python for Hacking

09 WEB FUNDAMENTALS

Introduction to HTML
• Internet Technologies
• HTML Fundamentals
• Structuring Web Pages

CSS Fundamentals
• CSS Design
• The Box Model
• CSS for Hackers

JavaScript Fundamentals
• Arithmetical Operations
• Document Object Model
• JavaScript for Hackers

Building Web Pages
• Web Application Structure
• Use Input & Forms
• XAMPP Web Server
• Using PHP in XAMPP

Advanced JavaScript
• Functions
• Array & Loops
• Debugging
• JavaScript Obfuscation

Introduction to Server-Side
• XAMPP Installation
• PHP Implementation
• PHP Data Types
• PHP Programming

Final Project - Web Fundamentals

10 WEB APPLICATION PENETRATION TESTING

Web Technologies
• Apache Server
• Requests Methods & Headers
• Website Status Code
• Website Security & Detection Tools

PHP Vulnerabilities & OWASP Top 10
• PHP Configuration
• Secure Coding
• OWASP TOP 10
• Web PT Prerequisites

Burp & ZAP
• Burp Suite Setup
• Burp Suite Components
• ZAP

XSS
• DOM XSS
• Reflected XSS
• Persistent/Stored XSS
• Security Measures Evasion

Database Management
• Relational Database
• MySQL
• SQL Syntax

SQL Injection
• Attacking Vectors
• SQL Injection Execution
• Boolean Based
• Bypass Authentication

Advanced SQL Injection
• Blind SQLi
• SQLmap
• Bypassing Security Measures
• Website Enumeration

NoSQL Injection
• MongoDB
• NoSQL Injection

CSRF & Broken Authentication
• Authorization
• Broken Authentication
• CSRF

XXE & SSRF
• SSRF Execution
• XML External Entities
• Exploitation with XML Entities

LFI/RFI to RCE & WordPress Hacking
• Local File Inclusion
• Remote File Inclusion
• File Upload Bypass
• WordPress Hacking
• WPScan

PT Flow & Reporting and Vulnerabilities Scanning
• Penetration Testing Types
• Penetration Testing Toolkit
• Penetration Testing Report
• Vulnerability Scanners
• Website Scanners

Final Project - Web Application Penetration Testing

11 MOBILE SECURITY

Introduction to Android
• Android Files System
• Dalvik vs ART
• Apk Structure
• Dex2Jar
• JD-GUI

Android Programming
• Android Activities
• Android Studio Programming
• Java Functions

Android Reversing
• APK Reversing
• Smali Code
• ApkTool
• Jadex
• APK Sign

Android Traffic Analysis
• Traffic Interception
• Burp Suite
• Frida

SSL Pinning
• SSL Verification
• SSL Pinning ByPass
• FRIDA Scripts

Android Malwares & Run Time Debugging
• Msfvenom
• Meterpreter
• Android Payload Execution
• APK Debugging

Static & Dynamic Investigation Frameworks
• MobSF
• Drozer

iOS Security
• iOS Fundamentals
• iOS Jailbreak
• iCloud Bypassing

Final Project - Mobile

12 OSCP PREPARATION

13 CAREER SERVICES

Career Services

Program Summary

Course Hours

Online Red Team Preparation (Sorting)
Linux Fundamentals
Windows Server 2016
Bypassing the Perimeter
SIEM & SOC
Cross Platform Elevation of Privileges
Advanced Infrastructure
Python for Hacking
Web Fundamentals
Web Application Penetration Testing
Mobile Security
OSCP Preparation
Career Services

Total Course Hours + Final Projects (Academic) 625


[email protected]
ul. Stefana Banacha 2, 02-097 Warszawa
+ 22 4936350
