Free Training Course: Microsoft Office Offensive Tradecraft for Red Teamers
We invite you to join us in a complimentary online training on offensive tradecraft
Monday, 22 January 2024
8:00 a.m. CT | 3:00 p.m. CET
Registration is closed due to extremely high demand.
If you did register in time, please note that your registration is not confirmed just yet. We will contact you once we’ve been able to process all requests – likely early 2024.
Get hands-on experience with this free training course from Outflank’s security researchers. Learn the latest Microsoft Office Offensive Tradecraft and how to embed these innovative techniques for MS Office abuse in your red teaming operations that go way beyond good old malicious macros.
In this 2 hour training, previously only available to attendees of x33fcon, Outflank team members Stan Hegt and Pieter Ceelen will share various practical examples of research presented at BlackHat, Troopers, and Brucon, as well as new and unpublished techniques.
We will discuss Microsoft Office security controls and recent developments such as Mark-of-the-Web in detail and will demonstrate how offensive techniques can be applied during red teaming operations. Participants will get hands-on experience with Microsoft Office techniques to gain initial access, for lateral movement, and long-term persistence. Having access to OST, our commercial offensive security toolset, is not required to participate in this course.
During the training we cover the following topics:
Intro to MS Office Security
- Trust settings and decision flows, Mark-Of-The-Web, file types and formats, digital signatures in MS Office, macros and other “active content”
- Macro based techniques, add-ins, ActiveX, payloads without code execution
- Trusted locations abuse, sideloading techniques: signed files and loldocs, lateral movement via MS Office data
- MS Outlook backdoors, Office startup backdoors, abusing trust settings for persistence
Online Training and Lab Environment
Interested in joining this free training? Fill in the registration form.
Please note that space is limited! Priority will be given to attendees who register with their corporate email address and work in an offensive security role.
Advanced Offensive Tradecraft Under Your Fingertips?
This free training showcases many Office related techniques that you can do yourself with publicly available tools. To significantly speed up the time to deployment of these techniques, as well as keep you up to date with new tricks, the Outflank team licenses their offensive tools and tradecraft to other red teams via Outflank Security Tooling, an easy-to-use toolset for red teamers. Users of OST are regularly offered similar sessions on a variety of relevant red teaming topics. You can read more about Outflank Security Tooling, see some of the tools in action, or schedule an expert lead demo.