Offensive C Programming for Windows w/ Henri Hambartsumyan, Arnau Ortega, Jos van der Peet, Olaf Hartong

October 18 @ 8:30 am - 5:00 pm MDT

Course Length: 16 Hours
Format: In-Person Only

Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation.

Pricing:

  • In-Person: $1,095
    Includes In-Person Conference Ticket
Antisyphon Training


Course Description

Being able to develop, modify and build custom tools is crucial to achieving your objectives in offensive security projects. This course teaches you to develop your own offensive building blocks such as:

  • Local and remote process injection 
  • (Un)hooking API calls 
  • DLL hijacking and proxying 
  • Dumping credentials 
  • Building custom BOFs 

We will also cover many other important low-level techniques, which are essential for bypassing detection by, for instance, an AV/EDR, and hence for making your red teaming exercise a success.

Key Takeaways

After finishing the course, students will feel comfortable building their own offensive tools in C, targeting Windows. Students will be able to implement the following techniques from scratch:

  • Loading and executing shellcode. 
  • Dumping LSASS. 
  • Basic techniques for building EDR bypasses. 
  • Hook and unhook functions. 
  • Implement DLL hijacking and proxying. 
  • Using Windows APIs for misc. offensive purposes. 

Who should attend this training and what are the key takeaways:

We assume students already have solid knowledge of the topics. The focus of the course will be to implement specific attack techniques in C, not to discuss these techniques in depth. 

The course is meant for red teamers / offensive security professionals with a decent programming background who want to develop low-level development skills to implement tradecraft. After finishing the course, students will feel comfortable building their own offensive tools in C, targeting Windows. Students will be able to implement the following techniques from scratch:

  • Loading and executing shellcode.
  • Dumping LSASS.
  • Basic techniques for building EDR bypasses.
  • Hook and unhook functions.
  • Implement DLL hijacking and proxying.
  • Using Windows APIs for misc. offensive purposes. 

Approximately 60%-80% of the course will be spent hands-on, developing and debugging C code. The remaining 20%-40% will be instructor-led theory to lay the basics for “Windows Systems Programming”.