This is an on-demand full hands-on training that focuses on developing cyber weapons that can evade AV detection, EDR logs and forensics traces like how advanced targeted attacks do, and provide you with insights on how to improve your organization's overall detections and security posture

Top Takeaways From This Training

This is a hands-on offensive training that focuses on helping organizations battle against ever-growing targeted attacks and ransomware attacks by simulating their adversaries and put your defenses and your blue team at test to improve the organization security posture.

  • Simulate a real APT Attack given its TTPs and build their own malware to test their defenses (or clients' defenses) against completely new malware.

  • Build their own Red Team infrastructure and secure it from being detected or blocked by the company's security team.

  • Learn not just the techniques but how each technique works internally and how you can develop your own version of it.

Course curriculum

    1. Intro To The Training

    2. Training Prerequisites

    1. Intro To APT Attacks

    2. Red Team Assessment Plan

    3. Build Your Red Team Infrastructure on AWS

    4. Installing Terraform

    5. Build Our Red Team Infrastructure on Terraform

    6. Labs & Slides

    1. Step 01: Build Your Phishing Story

    2. Step 02: Register Your Smartly Chosen Domains

    3. Step 03: Craft Your First Phishing Campaign

    4. Step 04: Bypass 2FA With Evilginx2

    5. Labs & Slides

    1. Spearphishing With Malicious Files

    2. Spearphishing With Malicious Documents (Hands-on)

    3. Advanced VBA Macros Techniques (Hands-on)

    4. Simple Attack Payloads - Download and Execute

    5. Different Techniques of Initial Access

    6. Advanced Macros - COM Objects

    7. Advanced Macros - XSL Stylesheets

    8. Labs & Slides

    1. C++ Programming Refresher - Memory & Variables

    2. C++ Programming Refresher - Conditional Jumps

    3. C++ Programming Refresher - Windows APIs

    4. Malware Development - Send a Request to C&C

    5. Malware Development - Encode Our Messages with Base64

    6. Malware Development - Send and Receive Messages

    7. Labs & Slides

    1. Malware Development - Execute C&C Commands

    2. Develop Your First Complete Malware

    3. Malware Plugin Framework - Load New Plugins Dynamically

    4. Malware Plugin Framework - Keylogger Plugin

    5. Labs & Slides

About this course

  • $1,280.00
  • 70 lessons
  • 1 hour of video content

Testimonials & Endorsements

Hany Shalaby, CISO – Information Security Manager

"The training was highly helpful by highlighting many of the techniques that can be used to bypass the organization's security defenses. You put huge appreciated effort with all the attendees to ensure that all the modules are clear and understood.”

Pravesh Janartha, Sr. Offensive Security Engineer at Momentive AI

"Definitely one of the most up to date training with relevant topics. Thank you Amr Thabet for this great learning session. I would definitely recommend this training for anyone who is looking to level up their skills in Red Teaming."

Omar Amin

"One of the best Outstanding Training I have ever taken. You have done a great effort with us especially in the Malware Development section and EDR / AV Evasion. Most of the training programs out there don't have Malware Development from scratch. That's what has made this training a special one. Thanks again for your effort with us! Really appreciated"


Founder of MalTrak Amr Thabet

Amr Thabet is a malware researcher and incident handler with over 10 years of experience, he worked in some of Fortune 500 companies including Symantec, Tenable, and others and he is the founder of MalTrak. He is the author of "Mastering Malware Analysis" published by Packt Publishing. He is a speaker and an instructor at top security conferences all around the world, including DEFCON, Hack In Paris, and VB Conference. He was also featured in Christian Science Monitor for his work on Stuxnet. He had worked on the analysis of some of the top nation-state-sponsored attacks including the NSA malware families, North Korea, and many other highly advanced attacks. Prior to that, I struggled to get into the field as I was a mechanical engineer graduate. I faced lots of demotivating voices telling me that I wouldn't be able to make it. And because of that, after my successes, I decided to be the inspiring voice to all cybersecurity enthusiasts that want to land their first job in cybersecurity. His mission is to help security professionals all around the world to build their expertise in malware analysis, threat hunting, red teaming. and most importantly, protect their organization's infrastructure from targeted attacks, ransomware attacks, and APT attacks.

Pricing options

Get enrolled today with the pricing option you prefer. Both will get the full access to the training right away