Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore adversary emulation techniques in this 55-minute conference talk from Ekoparty Security Conference. Learn how the MITRE ATT&CK Evaluations team improves cybersecurity by studying advanced threat actors, developing scenarios, and executing operations against major EDR vendors. Discover the process of merging cyber threat intelligence (CTI) and red team development capabilities, using a Latin American APT as an example. Follow along as speakers demonstrate evaluating technical reports, building scenarios, creating CTI diagrams, and addressing data gaps. Gain insights into the collaboration between CTI and red teams, including malware development, tool creation, and infrastructure setup. Understand the implementation of techniques like process injection, persistence, hands-on-keyboard discovery, and lateral movement. Learn how to launch attacks, analyze defender responses, and uncover attack patterns. Access publicly released code, research, and emulation plans to enhance your own defensive strategies using the "become the villain" methodology.
Syllabus
Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations - K. Esprit / C. Self
Taught by
Ekoparty Security Conference
Related Courses
Build Undetectable Malware Using C Language: Ethical Hacking (Udemy)
Máster en Hacking con Python - Vuélvase un Hacker Ético (Udemy)
Practical Techniques for AV Bypass (YouTube)
Cyberespionage - Targeted Attacks Abusing Third-Party Cloud Services (RSA Conference via YouTube)
PIC Your Malware (BruCON Security Conference via YouTube)