Offensive Development and Tradecraft

Learn advanced skills of Red Team Operators and Offensive Developers.

What you will learn:

Develop skills to create your own Implants and Loaders
Bypass Yara Rules and Machine Learning Detections.
Master the Art of Crafting Position Independent Code.
Loading Reflective DLL from Position Independent Code.
Harness Indirect Syscalls, Reflective DLL Injection, and Module Stomping.
Advanced techniques like Stack Spoofing and much more
View the full syllabus here which provides details of sections to be released.

Technologies used in the course:

Programming in C using mingw compiler.
X64Dbg, IDA Pro and Windbg.
Python and CMake.

Learning Resources:

Detailed video walkthroughs of code and debugging sessions, and complementary text.
Multiple Showcase and Capstone Projects.
Notion Template for Learning and Discord access.
Self-Hosted Lab with Elastic EDR for testing Evasion and Opsec.
Regular updates.

Hardware Requirements:

CPU: 64-bit Intel i5/i7, or AMD equivalent. 2.0+ GHz or better processor.
CRITICAL: Apple Silicon devices cannot perform the necessary virtualization and therefore cannot be used for this course.
16GB of RAM or more is required.
200GB of free storage space or more is required.

Course Curriculum

Section 00 – Introduction

Introduction
Changelog
Learning Resources
Archive Passwords

Section 01 – Creating the Lab

Download ISO and VM
Install Windows VM
Install Kali Linux
Install Tools on Windows VM
Installing Tools on Kali VM
Setting up Shares
Elastic EDR Setup on Kali VM
Havoc Installation on Kali VM
VM Download Link

Section 02 – Getting started with PE Files

Introduction
Compile First Exe file
Compile First Dll File
Write Code on Kali Linux VM
Finding Main Code from X64Dbg and IDA Pro
Debug GetHostName In X64Dbg
Debug Welcome Dll in X64Dbg
Code Review Apps in IDA Pro
LoadDll Code Review and Debugging

Section 03 – Basics of C Programming

Section 04 – Windows Internals Primer – To be Released.

Section 05 – Assembly Language

Section 06 – X64Dbg – Training

Section 07 – Basics of IDA Pro

Section 08 – Basics of Windbg – To be released.

Section 09 – Payload Storage

Section 10 – Capstone project: Payload Storage

Section 11 – ODT Showcase: Yara Bypass – EDR Evasion via Shellcode Manipulation

Section 12 – Hiding Imports

Intro
How is Import Address Table Generated
A – Removing the C Runtime Initialization Code
B – Debugging the exe after removing the C Runtime Init code
Api Hashing Intro
Generating Hashes Via Python
Custom GetProcessAddress Via ApiHashing
Compiler Optimisation problems during IAT Removal
Custom GetModuleHandle

Section 13 – Detection Engineering and Basics of Evasion

Introduction
Hash Based Detections
Yara Rules
Indicators of Attack
Introduction to Machine Learning Based Detections
Introduction to ML Bypass
Updating Loader with Havoc SC
Moving Havoc SC to alternate location
Debugging the updated loader
Final Changes to complete ML Bypass

Section 14 – Payload Encryption and Obfuscation

Section 15 – Api Hooking

Section 16 – Bypass Api Hooking – To be Released.

Section 17 – Injection

DllInjection
LocalModuleStomping – 1
LocalModuleStomping – 2
MapViewInjection
RemoteModuleStomping – Part 1
RemoteModuleStomping – Part 2
Threadless Inject – Part 1
Threadless Inject – Part 2

Section 18 – Direct and Indirect Syscalls

Section 19 – Reflective Dll Injection

Tasklist Dll Code
Reflective Dll Injection – Intro
Reflective Dll Injection Repo
Reflective Dll Loader Code Review
ReflectiveLoaderCodeReview
Convert Any dll Code to Reflective Dll
Covert Tasklistdll to Reflective Dll
Build Reflective Loader

Section 20 – Position Independent Code

Section 21 – ODT Showcase: ML Bypass – Building Evasive Module Stomper which loads PIC containing Reflective DLL.

Course Info

$529.99

Ask Academy Comparison

Compare Ask Academy with other training providers

Ask Academy

Logical Sections - Easy to follow
Continuous Updates
Working Code Projects
Video-based Training
Text-Based Training (Work in Progress)
Self-Paced Learning
Fair Pricing Model
EDR Installed in Lab
Evasion Techniques
Advanced Techniques covered in no other courses
Ask Academy VMs

Competitors

Photo Gallery

About the Author

Hi! I am Ahmed! I am currently working as Research Lead in Fortune 500 Company, where I reverse engineer malware and perform security research to understand attacker behavior. I have worked in Microsoft and CrowdStrike in Security Research, Security Engineering and Managed Detection and Response team. I have been working in Cyber Security industry for more than 15 years. I am passionate about making Cyber Security accessible to everyone. Through my course/s, my YouTube channel and social media I share what I am working on, support people in this wonderful field. I have spent a significant portion of my career on the front line. During this time, I have had the opportunity to work on major cybersecurity incidents, including WannaCry, NotPetya, Solar Winds, Proxy Shell, and others. Additionally, I have successfully protected numerous clients from major ransomware attacks. I am always happy to share my knowledge through social media, my YouTube channel and I have lately started working on accessible Cyber Security Courses. I understand that most of the courses out there are expensive, which is why this academy is solely focused on creating comprehensive courses which are affordable for our students.

Technologies used in the course

The programming Language used in the course is C. The main compiler we are using is Mingw, we use Visual Studio 2022 in Basics of C and 2 other sections. We are also using X64Dbg, IDA Pro and Windbg for research and debugging. We are using Elastic EDR for Detection and Evasion.

Video/Text Based Content

We provide Video and Text Based learning material, both of which complement each other. We also provide prepared Virtual Machine so the student can just download and use them in their own lab.

Note Taking

We provide access to Notion template to help with learning, keeping track of work completed and additional notes. We also provide access to Discord server for questions and general engagement with other students.

FAQ

What kind of learning resources are available ?

The course material contains details explanations in Videos and Text based format. We will also provide access to Discord and for the first time we are going to provide access to special Notion Template to help with tracking progress, keeping notes etc.

Why take this course ?

This course is ideal for cybersecurity professionals seeking to advance their skills in offensive development, including penetration testers, red teamers, blue teamers, security analysts, and researchers. Whether you’re a penetration tester, red teamer, blue teamer, or security analyst, mastering offensive cybersecurity techniques opens doors to new career opportunities. Employers value professionals who can think strategically and understand both offensive and defensive tactics.

Who this course is for ?

Is the Course updated regularly?

Yes the course will be updated every month with new and advanced materials.

Does this course expire ?

No, the course does not expire. You will have life time access.