© 2019 Stage 2 Security LLC

Explore Available Courses!

Courses available in-house as well as special locations such as Black Hat!

Astute AWS/Azure/GCP Cloud Red Team - It's Raining Shells!

    BlackHat USA - Four Days - August 1st thru 4th - Las Vegas

Early bird pricing at Black Hat 2020 

Ends May 22, 

Register now!

Stay frosty within AWS, Azure, & GCP environments with this fast-paced and hands-on course which teaches each participant the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access within cloud platforms.

In this course you will:

  • Exploit serverless (e.g. Lambda, Azure Functions) applications for initial access into targets.

  • Pivot between data and control planes to expand access (e.g. secrets, snapshots)

  • Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain undetected.

  • Breach and backdoor boundaries (e.g. VPCs) to access hard to reach systems.

  • Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of metadata protection

Compete throughout the course in our hands-on Capture the Flag (CTF) tournament!

Next scheduled course: Black Hat 2020 (August 1-4 in Las Vegas)

See more...

Astute Red Teaming with Voodoo

    On-Site - One Day

Contact us for more information!

Stay frosty by using Voodoo to gain & expand access within modern macOS, Linux, & Windows environments. This fast-paced and hands-on course teaches participants the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access throughout various information systems.

In this course you will:

  • Get interactive access to Windows, Linux, & macOS targets via Voodoo's multi-user interface

  • Pivot through Configuration Management (CM) systems for lateral movement

  • Learn OPSEC best practices for red teaming without being detected

    • Avoid detection via osquery and bypass various EDR solutions

  • Gain initial access to servers via web vulnerabilities to get interactive via Voodoo

  • Establish a SOCKS proxy connection encapsulated over HTTPS to access internal networks

  • Escalate Privileges w/ Voodoo and Pivot from endpoint to endpoint deep into target networks

Astute Infrastructure Red Teaming - Commandeering the Fleet

    BlackHat USA - Two Days - August 3th thru 4th - Las Vegas

Early bird pricing at Black Hat 2020 

Ends May 22, 

Register now!

Stay frosty by (ab)Using Configuration Management (CM) systems (e.g. WSUS, jamf, Puppet, Chef, SaltStack, Ansible, etc...) to expand access within modern macOS, Linux, & Windows environments. This fast-paced and hands-on course teaches participants the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access throughout various CM systems.

In this course you will:

  • Gain access to client-side endpoints (e.g. macOS) & create a TLS tunnel (via SOCKS)

  • Expand access onto Linux servers via piggybacking off SSH connections

  • Learn how to avoid osquery detection and bypass other EDR solutions

  • Exploit & Pivot through various Configuration Management (CM) systems (e.g. WSUS)

Compete throughout the course in our hands-on Capture the Flag (CTF) tournament!

Next scheduled course: Black Hat 2020 (August 3-4 in Las Vegas)

See more...