Red Team Ops II

RTO II is a continuation (not a replacement) of Red Team Ops and aims to build on its foundation. The primary focus of this course is to provide more advanced OPSEC tactics and defence bypass strategies.

Students will:

Learn how to build secure and resilient on-premise C2 infrastructure, using public cloud redirectors and HTTPS.

Go deeper into C++ and C# programming with Windows APIs, leading into writing custom tooling for a variety of offensive actions including process injection, PPID spoofing, and command line spoofing.

Learn how to clean up memory indicators of Cobalt Strike's Beacon, and leverage in-memory obfuscation to bypass some memory scanning techniques.

Employ strategies for enumerating, identifying, and exploiting weaknesses in Attack Surface Reduction and Windows Defender Application Control technologies.

Bypass AV and EDR agents by circumventing ETW, userland hooking, and kernel callbacks




If any links die or problem unrar, send request to