Join us for our next LIVE course: July 8-12

For more information: www.roguelabs.io/courseofferings

MEET.

Rogue Ops - Red Team 1

Ready to gain real world RED TEAM skills & experience?

Immerse yourself into ROPS-RT1 where students execute a REAL-WORLD inspired Red Team assessment, all while learning MODERN Red Team tradecraft, tools, and techniques from course instructors.

This course concludes with a rigorous proctored HANDS-ON CERTIFICATION test which is executed in an all new realistic environment.

Students join IN-PERSON, LIVE ONLINE, or SELF-LED

MODERN RED TEAM TOOLS & TRADECRAFT

Rubeus, BOFs, loaders, DLL Proxy Attacks, sneaky persistence, advanced tunneling methods, Pass-The-Ticket, Kerberoast, password cracking credential stores and more!

ROPS-RT1 was developed with a focus on utilizing the latest Red Team tools and tradecraft to prepare students for a demanding career in Red Team operations.

Full course outline below

TOP TIER TRAINING ENVIRONMENTS

Rogue Arena is the cornerstone of all Rogue Labs training. Be ready for:

  • Private isolated virtual environments per student

  • 24/7 access available via web browser

  • Multiple lab environments per course for FRESH repeated practice opportunities

  • Robust course curriculum built RIGHT INTO the platform featuring course slides, videos, and labs

  • No pop ups, countdowns, or timers, or other stressful messages. Students have 24/7 access to the platform for the duration of their subscription

    Want to learn more about Rogue Arena? CLICK HERE

HIGH QUALITY VIDEO TRAINING

Boring hard to follow videos are the WORST!

You’re committing hours of your precious time to learn an extremely technical and difficult field. Training content should be presented in the best way possible, to maximize student comprehension.

Rogue Labs is committed to produce the highest quality training content possible. This not only ensures better student engagement, but results in better certification performance.

Want to take ROPS-RT1 in person? Along with expert in-person instruction expect to have full access to all video instruction and several in-person bonus items as well. Perfect for review and practice before the rigorous certification attempt.

INSTRUCTOR SUPPORT

We believe quality training is NOT a solo sport.

Whether you enroll in an in-person offering, or self-led online, you will have 3 FORMS of accountability and support:

  1. Expert Instruction Staff

  2. Rogue Labs Alumni

  3. Other Students

Rogue Labs instruction staff also holds weekly office hours allowing students to join and ask additional questions or request additional assistance.

Meet Nick Downer

Nick has 10+ years of experience executing countless Red Team assessments across DOD and commercial environments.

He’s found himself in various training roles including co-authoring the RTFMv2 and most recently creating the RTFM Video Library.

He’s taught and equipped over 400 students in his time and through various teaching roles. He leveraged this experience (along with feedback from other senior Red Team operators in the industry) to create ROPS-RT1 with the mission of training and certifying the best Red Team operators possible.

THE CERTIFICATION

Students completing ROPS-RT1 may sign up for the proctored CERTIFICATION attempt. This is only for those that have perfected the Red Team tools and tradecraft taught throughout the course, and are ready to PROVE their newly developed skills and expertise.

The certification will force students to execute a Red Team assessment in an all new virtual environment. Those that complete the certification and pass the Tradecraft review will be ROPS-RT1 CERTIFIED

ROPS-RT1 OUTLINE

    • What is “Red Teaming” & Benefits & Ethics

    • Red Team vs Pentest

    • Red Team Tradecraft & Importance

    • Emulating Threat Actor TTPs

    • Red Team Methodology

    • ROPS-RT1 Scenario Overview

    • C2 Frameworks & Industry Favorites

    • C2 Transport Protocols & Blending In

    • Red Team Redirectors & Proxypass

    • Introduction and Tour of Cobalt Strike

    • Lab 1 - Infrastructure Setup

    • Red Team Assessment Planning

    • Network Recon (NMap, Shodan, DMZ Enum)

    • Lab 2 - NMAP

    • OSINT Research (Google Dorks, Identifying Useful Targeting Information)

    • Lab 3 - OSINT

    • Phishing & Current Constraints

      • Phishing in the era of Robust Perimeter Detection

      • Generating Target List

    • Cobalt Strike Implant Payload Review (.dll, exe, service, shellcode)

    • Lab 4 - Phishing Package Generation (XLL)

    • User/Machine Situational Awareness

    • Lab 5 - Situational Awareness

    • BOF vs Assembly vs Shell

    • LOLBINS & Scripted Tool Tradecraft Concerns

    • TrustedSec BOF & Inline Execute

    • Lab 6 - BOF Situational Awareness++

  • Persistence

    • Overview & Importance

    • SYSTEM vs User

    • Installing User Persistence (Schtasks)

    • The Downside of Automated Persistence Tools

    • Utilizing “Loaders” (Shhhloader) to Bypass System Protections

    • Uploading & Blending Files Into Systems

    • Lab 7 - User Persistence

    • Poisoning User Startup Tasks

    • Lab 8 - User Persistence++

    Local Escalation

    • Datamining User Directories

    • Lab 9 - Datamining User Directories

    • Local Privilege Escalation Techniques (SharpUp)

    • Lab 10 - Local Privilege Escalation (DLL Hijack)

    • Active Directory Overview & BOF Net

    • Lab 11 - Enumeration With BOF Net

    • Fileserver Enumeration

    • Lab 12 - Datamining Fileservers

    • CS Token Manipulation (PTH, make, steal)

    • Lab 13 - Token Generation

    Lateral Movement

    • Lateral Movement (Service Manipulation)

    • SMB C2 Protocol

    • Lab 14 - Lateral Movement

    Domain Escalation

    • Lab 15 - Domain Controller Compromise

    • Hash Collection (dcsync, hashdump, vss)

    • Lab 16 - Hash Collection

    Domain Fortification

    • Domain Enumeration using ldapsearch

    • Active Directory Users/Groups/Computers/Admins

    • Lab 17 - Fortify & ldapsearch

    • SYSTEM Persistence Overview

    • Backup Redirectors

    • Enumerating & Building A DLL Proxy Attack

    • Lab 18 - DLL Proxy Attack

    • Red Team Logging

    • Lab 19 - Red Team Logging

    • Trust Enumeration & Exploitation

    • Lab 20 - Domain Trust Exploitation

    • Lab 21 - Electro R&D

    • Active Directory Mis-Configurations

    • Lab 22 - Kerberoasting

    • Kerberos Tickets

    • Lab 23 - Pass-The-Ticket (PTT) / Rubeus

    • Cracking Keepass + SSH Keys

    • Portfwd Tunneling

    • Linux Situational Awareness

    • Lab 24 - Linux Compromise

    • SSH Tunnel Pivots

    • Local Authentication

    • Lab 25 - Investigation

    • Lab 26 - Cleanup + Assessment Completion

THE SCENARIO

Electro J&N has assigned you the responsibility of conducting a Red Team assessment against their corporate infrastructure. In light of their highly sensitive R&D projects, they have recently separated their R&D network into its own Windows Forest. They are eager to find out whether any potential breaches of their corporate network could impact the security of their fortified R&D forest.

WHAT YOU GET

  • 24/7 access to a realistic & private virtual training environment hosted in the one and only ROGUE ARENA.

  • Physical course/slide materials shipped to your door or available in class.

  • Access to high quality/engaging video instruction guiding students through course concepts and labs.

  • At least one test voucher for the respective hands-on certification test.

  • Bonus “stretch goals” for each lab. Complete them all and earn the respective “stretch goal” mastery badge in Rogue Arena & some loot!

the buzz

Featured

I embarked on the ROPS-RT1 class with high expectations, and I can confidently say that those expectations were not only met but exceeded beyond measure. This course is nothing short of phenomenal, offering a comprehensive journey into the intricate world of offensive security. One of the most commendable aspects of this class is its emphasis on practical skills. Rather than focusing solely on theoretical concepts, students are given opportunities to hone their abilities through a series of challenging exercises and simulations via Rogue Area. This not only reinforces learning but also instills confidence in one's abilities as a red team practitioner.

Rogue Labs instructor, Nick Downer, went above and beyond to ensure that students receive personalized attention and support throughout the entire duration of the course. Nick's ability to convey the information to both new and seasoned operators, was phenomenal!

In conclusion, if you're looking to elevate your skills in offensive security and embark on a thrilling journey into the world of red teaming, look no further than ROPS-RT1. It's not just a course; it's a transformative experience that will empower you to unleash the warrior within and conquer even the most formidable cybersecurity challenges. I am truly thankful for the opportunity to take this course and to have been taught by one of the finest in the field!

Nicholas O

The ROPS-RT1 course was amazing. The content consisted of real-world TTPs, with a heavy emphasis OPSEC. The course was fast paced with lots of hands-on experience with Cobalt Strike and BOFs. Additional stretch labs were provided throughout for those who finished the regular labs. Our team will be implementing his workflow and TTPs into our upcoming assessments immediately.

Lee B

This course kicked my butt, and I loved every second of it. Nick is a great teacher, really knows his stuff, and was quick to help whenever I had questions. Given the opportunity, I would absolutely take another course from Rogue Labs.

James G

The class was well structured and demonstrated various ttps that threat actors leverage for public facing attacks. In this class I learned about various obfuscation techniques and how to leverage both cobalt strike and sliver c2 frameworks in a realistic training environment called rogue arena.

Joshua J

ROPS RT1 is an excellent course that puts theoretical red team techniques into practice. It is a fast paced and challenging course that puts the student to the test against real-world network environments using modern tactics and techniques. I highly recommend it to all who are looking to enter the red team and penetration testing space!!

Jordan G

This course has given me the confidence and tradecraft needed to continue planning and leading exceptional missions for our clients. My operators and I benefited immensely from this course - Nick's focus on latest tradecraft along with his exceptional teaching style and extensive hands-on practical experience in Rogue Arena has leveled us up!

John Z

The Rogue Ops: Red Team 1 course is one of the best red team trainings on the market, distinguished by its incorporation of up-to-date techniques, next generation lab environment, and a well-paced curriculum. The information is presented clearly, employing solid teaching methods. This approach not only enhances understanding but also allows participants to apply new knowledge practically, making it an invaluable experience for anyone looking to advance their skills in red teaming.

Steven E

I found that this course provides extensive training in professional red team techniques and tradecraft. Emphasis on the word, "professional". I came away from ROPS-RT1 with a more intuitive understanding of the foundational aspects of the tools, commands, and methodology that make a red team valuable - it doesn't just teach the how, but the why for everything from multi-tunneling and Kerberoasting to activity logging and cleanup. It was a good use of my time and a solid value for the money.

Dwayne D.

The Rogue Labs Guarantee

We are so confident you’ll enjoy your training experience that we offer a 100% no questions asked money back guarantee.

Grab the course, jump in, and check it out. If you decide its not for you within the first 48 hours of purchase, no hard feelings. Just send an email to “returns@roguelabs.io” with your order number and we’ll refund your money immediately.

We only want your support if you love the course, and we are just THAT confident you will.

The FAQs

  • We understand life can throw all sorts of things at our schedule.

    One time during your subscription you may send us an email to support@roguelabs.io and we’ll pause your Rogue Arena environment and subscription.

    This pause will remain in effect for a maximum of 6 months but will allow you to resume training whenever it fits your schedule.

  • Rogue Labs certifications do not currently expire, but that could change in the future.

  • When a student successfully completes a Rogue Labs certification, they are sent a “certification kit” to commemorate their hard-earned achievement.

    As the Rogue Labs certification program grows, we hope to partner with external entities looking to hire quality Red Team operators and offer those potential career opportunities to Rogue Labs certified alumni.

  • Before starting ROPS-RT1 students should ensure they are familiar with:

    • Command line applications (passing arguments to executables)

    • Navigating file systems via command line

      • Issuing cd, pwd, ls, dir, etc

    • Basic Networking (TCP/UDP, Network Protocols such as HTTP/HTTPS/SSH, etc)

    • Basic Operating Systems (processes, network connections, etc)

  • Of course! ROPS-RT1 is just the beginning.

    Rogue Labs instructors are currently outlining ROPS-RT2, an intro course, and a C2 Framework course which will walk students through several different C2 Frameworks such as Mythic, Havoc, Sliver, and Merlin.

Interested?

Click the button below to learn about our next LIVE course date

Click the button below to join our mailing list and be the first to know when ROPS-RT1 self-led goes online