MEET.

Rogue Ops - Red Team 1

Ready to gain real world RED TEAM skills & experience?

Immerse yourself into ROPS-RT1 where students execute a REAL-WORLD inspired Red Team assessment, all while learning MODERN Red Team tradecraft, tools, and techniques from course instructors.

This course concludes with a rigorous proctored HANDS-ON CERTIFICATION test which is executed in an all new realistic environment.

Students join IN-PERSON, LIVE ONLINE, or SELF-LED

MODERN RED TEAM TOOLS & TRADECRAFT

Rubeus, BOFs, loaders, DLL Proxy Attacks, sneaky persistence, advanced tunneling methods, Pass-The-Ticket, Kerberoast, password cracking credential stores and more!

ROPS-RT1 was developed with a focus on utilizing the latest Red Team tools and tradecraft to prepare students for a demanding career in Red Team operations.

Full course outline here

TOP TIER TRAINING ENVIRONMENTS

Rogue Arena is the cornerstone of all Rogue Labs training. Be ready for:

  • Private isolated virtual environments for every student

  • 24/7 access available via web browser

  • Multiple lab environments per course for FRESH repeated practice opportunities

  • Robust course curriculum built RIGHT INTO the platform featuring course slides, videos, and labs

  • No pop ups, countdowns, or timers, or other stressful messages. Students have 24/7 access to the platform for the duration of their subscription

    Want to learn more about Rogue Arena? CLICK HERE

HIGH QUALITY VIDEO TRAINING

Boring, hard to follow videos are the WORST!

You’re committing hours of your precious time to learn an extremely technical and difficult field. Training content should be presented in the best way possible, to maximize student comprehension.

Rogue Labs produces the highest quality training content possible. This not only ensures better student engagement, but results in better certification performance.

INSTRUCTOR SUPPORT

We believe quality training is NOT a solo sport.

Whether you enroll in an in-person offering or self-led online, you will have 3 FORMS of accountability and support:

  1. Expert Instruction Staff

  2. Rogue Labs Alumni

  3. Other Students

Rogue Labs instruction staff also holds weekly office hours allowing students to join and ask additional questions or request additional assistance.

THE CERTIFICATION

Students completing ROPS-RT1 may sign up for the proctored CERTIFICATION attempt. This is only for those that have perfected the Red Team tools and tradecraft taught throughout the course, and are ready to PROVE their newly developed skills and expertise.

The certification will force students to execute a Red Team assessment in an all new virtual environment. Those that complete the certification and pass the Tradecraft review will be ROPS-RT1 CERTIFIED.

Meet Nick Downer

Nick has 10+ years of experience executing countless Red Team assessments across DOD and commercial environments.

He’s found himself in various training roles including co-authoring the RTFMv2 and most recently creating the RTFM Video Library.

He’s taught and equipped over 400 students in his time and through various teaching roles. He leveraged this experience (along with feedback from other senior Red Team operators in the industry) to create ROPS-RT1 with the mission of training and certifying the best Red Team operators possible.

ROPS-RT1 OUTLINE

    • What is “Red Teaming” & Benefits & Ethics

    • Red Team vs Pentest

    • Red Team Tradecraft & Importance

    • Emulating Threat Actor TTPs

    • Red Team Methodology

    • ROPS-RT1 Scenario Overview

    • C2 Frameworks & Industry Favorites

    • C2 Transport Protocols & Blending In

    • Red Team Redirectors & Proxypass

    • Introduction and Tour of Cobalt Strike

    • Lab 1 - Infrastructure Setup

    • Red Team Assessment Planning

    • Network Recon (NMap, Shodan, DMZ Enum)

    • Lab 2 - NMAP

    • OSINT Research (Google Dorks, Identifying Useful Targeting Information)

    • Lab 3 - OSINT

    • Phishing & Current Constraints

      • Phishing in the era of Robust Perimeter Detection

      • Generating Target List

    • Cobalt Strike Implant Payload Review (.dll, exe, service, shellcode)

    • Lab 4 - Phishing Package Generation (XLL)

    • User/Machine Situational Awareness

    • Lab 5 - Situational Awareness

    • BOF vs Assembly vs Shell

    • LOLBINS & Scripted Tool Tradecraft Concerns

    • TrustedSec BOF & Inline Execute

    • Lab 6 - BOF Situational Awareness++

  • Persistence

    • Overview & Importance

    • SYSTEM vs User

    • Installing User Persistence (Schtasks)

    • The Downside of Automated Persistence Tools

    • Utilizing “Loaders” (Shhhloader) to Bypass System Protections

    • Uploading & Blending Files Into Systems

    • Lab 7 - User Persistence

    • Poisoning User Startup Tasks

    • Lab 8 - User Persistence++

    Local Escalation

    • Datamining User Directories

    • Lab 9 - Datamining User Directories

    • Local Privilege Escalation Techniques (SharpUp)

    • Lab 10 - Local Privilege Escalation (DLL Hijack)

    • Active Directory Overview & BOF Net

    • Lab 11 - Enumeration With BOF Net

    • Fileserver Enumeration

    • Lab 12 - Datamining Fileservers

    • CS Token Manipulation (PTH, make, steal)

    • Lab 13 - Token Generation

    Lateral Movement

    • Lateral Movement (Service Manipulation)

    • SMB C2 Protocol

    • Lab 14 - Lateral Movement

    Domain Escalation

    • Lab 15 - Domain Controller Compromise

    • Hash Collection (dcsync, hashdump, vss)

    • Lab 16 - Hash Collection

    Domain Fortification

    • Domain Enumeration using ldapsearch

    • Active Directory Users/Groups/Computers/Admins

    • Lab 17 - Fortify & ldapsearch

    • SYSTEM Persistence Overview

    • Backup Redirectors

    • Enumerating & Building A DLL Proxy Attack

    • Lab 18 - DLL Proxy Attack

    • Red Team Logging

    • Lab 19 - Red Team Logging

    • Trust Enumeration & Exploitation

    • Lab 20 - Domain Trust Exploitation

    • Lab 21 - Electro R&D

    • Active Directory Mis-Configurations

    • Lab 22 - Kerberoasting

    • CS Quality of Life

    • Lab 23 - CS Quality of Life

    • Kerberos Tickets

    • Lab 24 - Pass-The-Ticket (PTT) / Rubeus

    • Cracking Keepass + SSH Keys

    • Portfwd Tunneling

    • Linux Situational Awareness

    • Lab 25 - Linux Compromise

    • SSH Tunnel Pivots

    • Local Authentication

    • Lab 26 - Investigation

    • Lab 27 - Cleanup

THE SCENARIO

Electro J&N has assigned you the responsibility of conducting a Red Team assessment against their corporate infrastructure. In light of their highly sensitive R&D projects, they have recently separated their R&D network into its own Windows Forest. They are eager to find out whether any potential breaches of their corporate network could impact the security of their fortified R&D forest.

WHAT YOU GET

  • 24/7 access to a realistic & private virtual training environment hosted in the one and only ROGUE ARENA.

  • Physical course/slide materials shipped to your door or available in class.

  • Access to LIVE or high quality/engaging video instruction, guiding you through course concepts and labs.

  • At least one test voucher for the respective hands-on certification test.

  • Bonus stretch goals for each lab. Complete them all and earn the ROPS-RT1 Overachiever challenge coin and Credly badge!

the buzz

Featured

If you are interested in pivoting into the RedTeam space, trying to learn the newest TTPs that can be immediately applied in operations, a pentester that just doesn't have the necessary experience with commercial C2s to level-up, or if you are tasked with approving training budgets for your org...you will be hard-pressed to find anything that can remotely hold a candle to ROPS-RT1 and the Rogue Arena.

From the very first day, when the training materials and high quality swag arrived at my door, I instantly knew that I was in for something a bit different than the usual, tired training/certification course format. It instantly felt more akin to an extended in-person training, at one of the bigger conferences, or a college seminar...but without the associated absurd sticker prices. The extremely high-quality training material is presented in every conceivable format, catering to any and every learning style and is coupled with hands-on keys practical applications of key concepts that are driven home in the labs and well thought-out, intentional overarching engagement scenario. I will definitely be putting my team through this training over others on the market, and any candidate holding the associated certification will be shooting right to the top of the resume pile.

I can whole-heartedly say that ROPS-RT1/Rogue Arena sits at the top of my personal training experiences and will continue to recommend enrolling in it to anyone who will listen....or read.

Nick and his team, have put something truly special together here and I believe the saturated infosec training space just got a brand new contender for #1. Do your team, your clients, and yourself a favor and don't sleep on this one.

Ken N (On-Demand Beta Tester)

Rogue Lab's ROPS-1 course is a great Red Team course that, unlike other RT courses, not only discusses OPSec considerations but also requires you to use good tradecraft throughout the course and on the certification exam. ROPS-1 is a fantastic hands-on course for new/intermediate Red Teamers and other security professionals to get a better understanding of Red Team operations! 

Jake K

ROPS-RT1 is a brilliantly led course with a great instructor. The scenario allows students to build on the techniques they learn as they go without ever needing to reset the environment, ensuring they get the maximum value out of their time, and it also tells a fun story. The techniques are taught in a way that makes them easy to understand, so operators of all levels can learn new things. I cannot recommend this course enough!

Aaron S

This class was great. It took the theory behind red-teaming that I had heard before and allowed me to put my hands on the keyboard and master all of the techniques.

Hank J.

The ROPS-RT1 course is a great learning course that teaches, explains, and demonstrates the material. Questions are answered immediately enabling students to understand the material before moving on to the next subject. Also, issues with your hands-on input during labs are quickly resolved with either desk side assistance or with the instructor remoting into your environment which enables students to understand errors and get back on track and continue on with the labs. The pace is continuous, but no student is left behind because the labs are demonstrated live in class for understanding.

Caroline L

Nick's ROPS-RT1 course was in-depth on all of the knowledge and tradecraft a red team operator would need to be successful during assessments. The structure flowed in a sensible way, allowing students to build up their skillsets and challenge themselves from beginning to the end. For those looking to take this course - this is one of the most stimulating trainings I've attended and it brings an immediate value add to any organization.

Louis

I embarked on the ROPS-RT1 class with high expectations, and I can confidently say that those expectations were not only met but exceeded beyond measure. This course is nothing short of phenomenal, offering a comprehensive journey into the intricate world of offensive security. One of the most commendable aspects of this class is its emphasis on practical skills. Rather than focusing solely on theoretical concepts, students are given opportunities to hone their abilities through a series of challenging exercises and simulations via Rogue Area. This not only reinforces learning but also instills confidence in one's abilities as a red team practitioner.

Rogue Labs instructor, Nick Downer, went above and beyond to ensure that students receive personalized attention and support throughout the entire duration of the course. Nick's ability to convey the information to both new and seasoned operators, was phenomenal!

In conclusion, if you're looking to elevate your skills in offensive security and embark on a thrilling journey into the world of red teaming, look no further than ROPS-RT1. It's not just a course; it's a transformative experience that will empower you to unleash the warrior within and conquer even the most formidable cybersecurity challenges. I am truly thankful for the opportunity to take this course and to have been taught by one of the finest in the field!

Nicholas O

The ROPS-RT1 course was amazing. The content consisted of real-world TTPs, with a heavy emphasis OPSEC. The course was fast paced with lots of hands-on experience with Cobalt Strike and BOFs. Additional stretch labs were provided throughout for those who finished the regular labs. Our team will be implementing his workflow and TTPs into our upcoming assessments immediately.

Lee B

This course kicked my butt, and I loved every second of it. Nick is a great teacher, really knows his stuff, and was quick to help whenever I had questions. Given the opportunity, I would absolutely take another course from Rogue Labs.

James G

The Rogue Labs Guarantee

We are so confident you’ll enjoy your training experience that we offer a 100% no questions asked money back guarantee.

Grab the course, jump in, and check it out. If you decide its not for you within the first 48 hours of purchase, no hard feelings. Just send an email to “returns@roguelabs.io” with your order number and we’ll refund your money immediately.

We only want your support if you love the course, and we are just THAT confident you will.

The FAQs

  • We understand life can throw all sorts of things at our schedule.

    One time during your subscription you may send us an email to support@roguelabs.io and we’ll pause your Rogue Arena environment and subscription.

    This pause will remain in effect for a maximum of 6 months but will allow you to resume training whenever it fits your schedule.

  • Rogue Labs certifications do not currently expire, but that could change in the future.

  • When a student successfully completes a Rogue Labs certification, they are sent a “certification kit” to commemorate their hard-earned achievement.

    As the Rogue Labs certification program grows, we hope to partner with external entities looking to hire quality Red Team operators and offer those potential career opportunities to Rogue Labs certified alumni.

  • Before starting ROPS-RT1 students should ensure they are familiar with:

    • Command line applications (passing arguments to executables)

    • Navigating file systems via command line

      • Issuing cd, pwd, ls, dir, etc

    • Basic Networking (TCP/UDP, Network Protocols such as HTTP/HTTPS/SSH, etc)

    • Basic Operating Systems (processes, network connections, etc)

  • Of course! ROPS-RT1 is just the beginning.

    Rogue Labs instructors are currently outlining ROPS-RT2, an intro course, and a C2 Framework course which will walk students through several different C2 Frameworks such as Mythic, Havoc, Sliver, and Merlin.

Interested?