Our team of experts have created a brand new Red Team Pathway, launched to teach you how to simulate a potential adversary attack in complex environments. Going beyond penetration testing, you’ll dive into conducting successful red team engagements and challenging the defence capability of your clients!
Where can this training take you?
With TryHackMe’s red team training, you’ll gain invaluable knowledge needed to pursue new career opportunities in offensive security.
This training goes above and beyond penetration testing; you’ll learn how to conduct successful red team engagements and challenge defence capability by imitating a cyber criminal's actions - emulating malicious attacks, retaining access, and avoiding detection throughout red team assessments. Therefore, this pathway is suited to high-level job positions in the industry. It’s a great opportunity to challenge yourself and push yourself further.
Already in a red team role? This training can help you brush up on some of the key topics that are vital to your work. Cyber security consistently evolves, so regularly upskilly allows you to stay on top of threats and evolutions and fulfil job responsibilities to the best standards. In turn, this can open up career progression opportunities, give you job satisfaction, and job security.
Scroll on to discover TryHackMe’s new pathway and the red teaming job opportunities you can achieve from these exciting new labs!
Red Team Fundamentals
Learn how to apply threat intelligence to red team engagements, utilise operations security processes, and set up your own command and control server. By the end of the Red Team Fundamentals module, you’ll be able to successfully plan a red team engagement and understand the methodologies used to emulate a real threat actor.
Delve straight into the tactics, techniques and procedures attributed to offensive security to assist in adversary emulation. You’ll discover the basics of threat intelligence and how it can be applied to red team engagements.
The Initial Access module analyses red team techniques for gaining access to a target system and network from a red teamer’s perspective in a simulated target network. Study a multitude of frequently used passive reconnaissance tools, the techniques used to weaponise files, attack passwords and logins, and practice sending phishing campaigns to exploit a system!
Explore the all-important red teaming weaponisation techniques used when exploiting the target machine with an in-depth introduction to the fundamental techniques used in performing password attacks. Expand your knowledge of phishing attacks and how to set up a phishing infrastructure (you’ll also be able to trick your target into opening your email in a realistic phishing simulation!)
The Post Compromise module dives into the steps attackers take after gaining an initial foothold on a network. Gain hands-on experience with the technologies and security products used in corporate environments, covering host and network-based security solutions.
Experiment with various IDS/IPS evasion techniques, and learn the fundamental techniques of Windows privilege escalation, and common persistence on Windows machines, with an introduction to data exfiltration and tunnelling over various protocols.
Get ready to establish your first persistence point and elevate privileges locally in an attack strategy!
Expand your knowledge of the red teaming techniques and concepts behind host-based security solutions in the Host Evasions module, giving you hands-on experience to bypass the most common security products in Windows operating systems.
Learn the fundamentals of how Windows operates at its core, leveraging windows internals components to evade common detection solutions, exploring tool-agnostic software obfuscation practices to hide malicious functions, learning how to break signatures, and evading common detection measures.
Network Security Evasion
Evade different security solutions used in the industry to bypass intrusion detection systems, intrusion prevention systems, firewalls, and sandboxes, in addition to logging and monitoring systems.
Our Network Security Evasion module features in-depth training in protocol and payload manipulation, port hopping and port tunnelling. You'll also learn about the active defence mechanisms blue teamers deploy to identify adversaries in their environment.
Compromising Active Directory
Approximately 90% of the Global Fortune 1000 companies use Active Directory (AD). Since AD is used for Identity and Access Management of the entire estate, it can likely become a target for attackers!
This module will teach you the basics of Active Directory security, delving into core security issues stemming from misconfigurations. Learn to breach and enumerate AD, covering the red teaming tools and techniques that can be used to acquire that first set of AD credentials.
Dive into the standard AD exploitation and persistence techniques used post-compromise in a red team exercise. Apply current authentication models employed in modern environments to a red team approach!
Kickstart your learning journey to gain the expertise, skills and red teaming certification to achieve a career in offensive security.