Certified Windows Internals Red Team Operator
[CWI-RTO]

• Start your journey in Microsoft Windows Internals
Unveil common Win32/NT APIs used by the malwares
• Understand malwares abusing internals from user-mode perspective
Perform various challenges/exercises to learn Windows Internals
Learn different kernel data structures (EPROCES, ETHREAD, KPCR etc.) through Windbg

ENROLL NOW

Develop

Stealth Malware Development Skills

Premium Study Material

with PDF + HD Videos

Debugging VM

Get Custom VM for debugging & internals

User-land Attack Techniques

Get your hands dirty with latest attack techniques

CWI-RTO Introduction

CyberWarFare Labs Certified Windows Internals Red Team Operator (CWI-RTO) is a hands-on self-paced course, designed specifically for beginners to intermediate audience having interest in Malware Development & Reverse Engineering, and working in Offensive Information Security. This course comes with study materials including Custom Debug VM and Manuals (PDF), students learn and practice user-land attack techniques with adversarial mindset.

The main aim of this course is to help candidates develop apex threat actor mindset while performing offensive operations in an endpoint and remain stealthy. Learn, Utilize, develop & weaponize internals is the flow of the class.

COURSE SYLLABUS

CWI-RTO Course Highlights

Learn about Interrupts and Exception
Object and handles
Process and thread internals
System Calls
Portable Executable Basics
Object Security (Token, SID, etc)
Develop Malwares & Simulate Adversaries
Simulate Red Team Cycle in Endpoint

CWI-RTO Lab Highlights

Abuse Exceptions to hijack code execution
Perform Direct System Calls
Process & Thread Internals for Process Injection
Perform Manual Token Manipulation
Code in c/c++
Deep Analysis of CVEs

Prerequisites:

Able to read and understand C/C++/asm

Basic knowledge on tools like WinDbg, IDA

Familiarity with Command line environment

Certification Procedure:

To earn CyberWarFare Labs Certified Windows Internals Red Team Operator, candidate must fulfill below criteria :

Skills Reflected by Certificate Holder:

  • Understand basic of Windows Architecture
  • Learners can explore and identify different kernel data structures through Windbg and other disassemblers (IDA, Ghidra etc).
  • Explore and Understand Apex Threat Actors TTPs
  • Will be able to write tools and malware effectively for security assessment
  • Will be able to effectively analyze and simulate the malware techniques
ENROLL NOW!