Sharpen your Red Team skills: Outsmart detection

OffSec Learning Path: Red Teaming

Go beyond penetration testing: learn advanced techniques to emulate real-world adversaries. Master event tracing, obscure Windows event logs, and execute stealthy process injection to refine your Red Team arsenal. Learners will:

  • Embrace the adversary mindset and master Red Teaming concepts to emulate shrewd threats throughout the attack lifecycle

  • Obscure malicious activity by manipulating Windows Event Tracing

  • Develop robust Red Team tooling for evading detection

Enhance your Red Team operations

This Learning Path equips you with the knowledge to conduct sophisticated Red Team engagements. Understand the core differences between penetration testing and Red Team operations, then learn stealthy attack techniques like impairing Event Tracing for Windows (ETW), tampering with event logs, and executing process injection to effectively simulate real-world adversaries and assess your organization's detection capabilities and defense gaps.

Who is this Learning Path for?

  • Red Team operators seeking to refine their evasion skills
  • Penetration testers aiming to transition into Red Team roles
  • Security professionals looking to simulate real-world adversary techniques

Learning objectives

  • Understand core Red Teaming concepts and methodologies
  • Learn the inner workings of Event Tracing for Windows (ETW) in user and kernel modes
  • Learn advanced Windows event log tampering techniques and automate the process
  • Develop proficiency in stealthy process injection methods to evade detection

Key modules in the Red Teaming Learning Path

Introduction to Red Teaming

  • Introduction to Red Teaming concepts and comparison to Pentesting and Vulnerability assessments

Impairing Event Tracing for Windows (ETW) in User Mode

  • Bypassing ETW logging via user mode techniques, while leaving minimal detection footprints

Impairing Event Tracing for Windows (ETW) in Kernel Mode

  • Bypassing ETW logging via kernel mode techniques, while leaving minimal detection footprints

Windows Event Log Tampering Techniques

  • Discussing and implementing techniques to disrupt the EventLog service or to edit Windows Log files by building tools in C#

Automating Event Log Tampering

  • Bundling the techniques introduced in the Module "Windows Event Log Tampering Techniques" into a standalone tool that can be used in real red team assessments to hide the tracks of an operator

Process Injection For Red Teamers

  • Performing process injection while evading advanced detection systems such as EDRs

Red Teaming overview

  • 6 modules
  • 50 hours of content (approx.)
  • 77 labs

Earning an OffSec Learning Badge

Showcase your growing Red Team proficiency! Upon completing 80% of the Red Teaming Learning Path, you'll receive an exclusive OffSec badge signifying:

  • Red Team expertise: Proven knowledge of stealthy Red Team tactics
  • Industry recognition: Adds a powerful OffSec credential to your skillset
  • Hands-on skill: Demonstrated ability to execute real-world evasion techniques

Why train your team with OffSec?

Advanced evasion skills

Emulate real-world threats for robust defense testing

Real-world focus

Practical training for obscuring Red Team activity

Ahead of the curve

Learn the latest techniques to bypass security mechanisms

Start learning with OffSec

All access

Learn Unlimited

$5799/year*

Unlimited OffSec Learning Library access plus unlimited exam attempts for one year.

Large teams

Learn Enterprise

Get a quote

Flexible terms and volume discounts available.

Learn Unlimited provides individuals and organizations with unlimited access to the OffSec Learning Library. This includes all courses, content and learning paths. Learners also receive unlimited exam attempts and time in any of our hands-on lab environments.

What’s included

1 year of access to unlimited courses & content

Unlimited exam attempts during your subscription

365 days of lab access

1 year of unlimited access to all fundamental content and OffSec curated Learning Paths

PEN-103 + unlimited KLCP exam attempts

PEN-210 + unlimited OSWP exam attempts

3 downloads of course material

FAQ

Syllabus

  1. Introduction to Red Teaming
  2. Impairing Event Tracing for Windows (ETW) in User Mode
  3. Impairing Event Tracing for Windows (ETW) in Kernel Mode
  4. Windows Event Log Tampering Techniques
  5. Automating Event Log Tampering
  6. Process Injection For Red Teamers

What prerequisites are necessary for this Learning Path?

What skills will I develop?

Does this path cover the latest Red Team techniques?

How is OffSec's Red Team training different?


Start your journey today

Individual

Ideal for

One learner

Register now

Team

Ideal for

Fewer than 10 learners

Buy now

Have questions? Contact sales

Organization

Ideal for

10 or more learners

Contact sales

New to cybersecurity and want to get educated on fundamental content before signing up?

Check out CyberVersity - our free resource library covering essential cybersecurity topics.

Learn more