Introducing the first ever...
RTFM Video Library
----
- HIGH QUALITY RTFM instruction led by a seasoned Red Team operator
- 68 VIDEOS demonstrating popular sections of the RTFM
- 100 ASSESSMENT questions focusing on Red Team techniques and tradecraft
- Participation in the "RTFM CHALLENGE" *
*Every Video Library holder who completes 100% of the assessment questions correctly will be rewarded with an exclusive numbered "RTFM Challenge" coin!
TAKE THE RTFM CHALLENGE
ACE all the assessment questions and the uniquely numbered RTFM Challenge coin is yours. You deserve it.
*Due to shipping constraints, RTFM Challenge coin delivery is only valid for United States based shipping addresses.
Meet Phyllis.Snyder of CyberInc
Phyllis Snyder was going about her day, checking her email when she unknowingly opened a malicious attachment.
"POW!"
Sit back, follow along in the RTFM, take notes, and watch as Nick Downer leads you through situational awareness, persistence, lateral movement, domain fortification, and eventually gaining access to the precious CYBERINC SOURCE CODE VAULT.
All straight out of the RTFM utilizing the popular SLIVER C2 FRAMEWORK.
*Note: The realistic Red Team scenario demonstrated here (CyberInc and everything contained within) is fictitious, is not related to real entities, and is for learning purposes only.
Check out the USER PERSISTENCE teaser.
Scenario: User Persistence
The OUTLINE
- 0: Welcome
- 0.1 Welcome! (1 min)
- 0.2 How to use the RTFM Video Library (1.5 mins)
- 0.3 Red Team Scenario Overview (3 mins)
- 1: Infrastructure Setup
- 1.1 SSH (7 mins)
- 1.2 Setup SSH Keys (9.5 mins)
- 1.3 SSH Forwarding/Tunneling (15 mins)
- 1.4 TCPDump & TCPReplay (11 mins)
- 1.5 Screen (5.5 mins)
- 1.6 IPTables (8.5 mins)
- 1.7 Service Manipulation (5.5 mins)
- 1.2 Scenario: Infrastructure Setup (21.5 mins)
- 2: Initial Access
- 2.1 Windows OS Details (2 min)
- 2.2 Windows Administrative Binaries (5.5 min)
- 2.3 Environmental Variables (4 min)
- 2.4 Windows Key Files & Locations (7 min)
- 2.5 Registry Run Keys (6 min)
- 3: Situational Awareness
- 3.1 Operating System Information (9 min)
- 3.2 Process & Service Enumeration (4 min)
- 3.3 Windows Account Enumeration (2.5 min)
- 3.4 Network Info & Configuration (10.5 min)
- 3.5 Registry Commands & Important Keys (10 min)
- Windows Active Directory Overview (10 min)
- 3.6 Scenario: Situational Awareness (7.5 min)
- 4: User Level Persistence
- 4.0 User Level Persistence Overview (4 min)
- 4.1 Scheduled Task User Persistence (13 min)
- 4.2 Run Key User Persistence (7 min)
- 4.3 Startup Directories (6.5 min)
- 4.4 Poisoning Existing Scripts (8.5 min)
- 4.5 Scenario: User Level Persistence (16 min)
- 5: Escalation
- 5.0 Windows Privilege Escalation Checklist (3 min)
- 5.1 File Info & Searching (8 min)
- 5.2 Tree Filesystem to Searchable File (7.5 min)
- 5.3 Using Volume Shadow Service (VSS) (5.5 min)
- 5.4 Scenario: Escalation via Datamining (22 min)
- 6: Lateral Movement
- 6.1 Remote System Enumeration (6 min)
- 6.2 sc.exe remote execution (7 min)
- 6.3 MMC COM Object (2 min)
- 6.4 Remote schtasks Execution (5 min)
- 6.5 Scenario: Remote Execution on Domain Controller (9 min)
- 7: Active Directory Enumeration
- 7.1 Domain Enumeration with Net.exe (6.5 min)
- 7.2 Domain Enumeration with DSQuery (16.5 min)
- 8: Domain Fortification
- 8.1 Mimikatz Credential Manipulation (7.5 min)
- 8.2 Scenario: Fortifying Domain Access (10 min)
- 8.3 Schtasks on Boot (3.5 min)
- 8.4 Service Creation (9 min)
- 8.5 Windows 10 .dll Hijack (9 min)
- 8.6 Remote Desktop Protocol (RDP) Configuration (5 min)
- 8.7 Misc [Re]Configuration (5.5 min)
- 8.8 Scenario: Installing System Persistence (3.5 min)
- 9: Hunting for User Workstations
- 9.1 Finding User System in a Windows Domain (5.5 min)
- 9.2 Scenario: Hunting for User Workstations (7 min)
- 10: Active Directory Forest Compromise
- 10.1 Scenario: Active Directory Forest Compromise Part 1 (40 min)
- 10.2 Scenario: Active Directory Forest Compromise Part 2 (11.5 min)
- 11: Secret Enclave Compromise
- 11.1 Linux OS Details - File System Structure (8 min)
- 11.2 Linux OS Details - Important File/Directory Descriptions (8 min)
- 11.3 Linux OS Details - /etc/shadow & /etc/passwd Hash and File formats (3 min)
- 11.4 Linux System Enumeration - Operating System Information (3.5 min)
- 11.5 Linux System Enumeration - Situational Awareness & Process Manipulation (6 min)
- 11.6 Linux System Enumeration - User Account Enumeration & Configuration (4.5 min)
- 11.7 Linux System Enumeration - Network Configuration (5.5 min)
- 11.8 Linux Post Exploitation - Bash History Manipulation (3.5 min)
- 11.9 Linux File Manipulation (8 min)
- 11.10 Linux File Manipulation - File Compression & Chunking & Hashing (4.5 min)
- 11.11 Linux Persistence - Linux Service (3 min)
- 11.12 Linux Persistence - Crontab (2 min)
- 11.13 Linux Persistence - Poisoning Existing Scripts (1 min)
- 12: Pivoting through Tunnels
- 12.1 Scenario: Linux Escalation, Pulling the Thread (5.5 min)
- 12.2 Scenario: Accessing the Vault (6 min)
SEE what others are saying
Zak
The content was excellent, all from the RTFM book, and every topic was covered in depth. The part I loved about it was the end-of-module scenarios; they were well thought out and showed some complex tunnelling through the C2. I've not used much of Sliver, but I'll be giving it a road test soon.
I recommend that anyone interested in Red Teaming buy it and review the content. It gets 10/10 from me. I thoroughly enjoyed the videos; the pace was good, the content was well explained, and the presenter was engaging.
Joshua
The RTFM video series is hands down one of the better trainings that I have participated in. Overall, the content is complex enough to challenge even the most senior Red Teamers but the content is presented in such a way that it is easy to digest and understand.
The presenter Nick Downer does a great job covering how to use sliver within a "Red Team Engagement" and covers various topics from enumeration, initial access, privilege escalation, and lateral movement to name a few. I would recommend this training to anyone that wants to better their understanding of these topics.
Todd
This was an excellent video course covering the content from the Red Team Field Manual! Beyond covering the various topics and commands included in the RTFM, this course expanded on the content and provided additional information around some of the commands, considerations when conducting a Red Team engagement, and several quality of life hints. I would highly recommend this course for any individual interested in learning about Offensive Security, be it to benefit their operational methods in engagements, or for a defender to better understand the tradecraft of their adversaries!
After 1 year from the launch of RTFM v2, we wanted to up the game with the release of the RTFM Video Library. We hope it adds another dynamic to your tool kit!
Ben Clark
Author of RTFM