
Course introduction. In this lecture the instructor introduces himself and goes over the course outline.
This lecture is a simple primer to help you configure and cover the fundamentals of Terraform.
This lecture is a simple primer to help you configure and cover the fundamentals of the Serverless Framework.
This lecture is a simple primer to help you configure AWS credentials and keys if you choose to follow along with the course material directly.
In this lecture we break down specific OSI model components and review a full stack app's network architecture. We also build out a mini "enterprise tier" network topology.
In this lecture we go over the concepts of client/server communications, and bridge those concepts to the fundamentals of C2 communications.
This lecture covers the concept of reverse VPN tunneling and walks through a hands on implementation for configuring this concept.
This lecture walks through the fundamental concepts of system administration in the context of DevOps. We explore tools like Terraform and Saltstack and explain the ideas of Infrastructure as Code and Desired State.
This lecture is a brief overview of what "Red Teaming" is and the purpose and value it provides.
This lecture ties together the Red Team and Infrastructure Operations concepts together.
This is just a quick transitional lecture to overview the Scenarios that will be demonstrated throughout the course.
This lecture is a hands on walk through of setting up a simple C2 server with Terraform and Metasploit to conduct a classic exploitation scenario.
This lecture is a hands on walk through of performing some simple post-exploitation activities with Metasploit as our C2.
This lecture is a hands on walk through for configuring an OpenVPN based drop box scenario. Our drop box will make use of reverse VPN tunneling to give us remote access to an internal target network allowing use to compromise the systems within.
This lecture we continue into the post-exploitation phase of the drop box scenario. This is a hands on walk through involving the configuration and use of the Empire C2 framework.
This lecture covers the PwnDrop tool for hosting C2 implants as a lead into the next lecture where we will use it to serve Merlin C2 framework agents.
Using the PwnDrop tool to host a Merlin C2 agent to establish a post-exploitation presence on a compromised Windows host.
The Offensive Security Engineering course focuses on the hands on skills it takes to run the infrastructure operations behind a "Red Team". This course will cover C2 frameworks such as Empire, Merlin, and even the Metasploit framework's C2 capabilities. In addition this course will cover multiple scenarios that will require students to configure custom drop boxes, reverse VPN tunnels, phishing campaigns, and more.
This course is great for those who are already in IT or Security and are looking to expand their horizons to learn how the back end of an offensive security operation works. Whether you're a software developer, system administrator, or a newfound penetration tester, this course is for you!