REVIEW: RED TEAM Operator: Privilege Escalation in Windows Course by SEKTOR7 Institute

This is my review of the RED TEAM Operator: Privilege Escalation in Windows course offered by SEKTOR7 Institute. As an affiliate, I make money with qualifying purchases.

RED TEAM Operator: Privilege Escalation in Windows is a brief introduction to the subject. As with other offerings by SEKTOR7, this course expects that you know the basics of writing software on Windows, particularly in C. I feel that without some basic development abilities, this course would be difficult to follow along with. You don’t need to be a master. Being able to write simple console applications, compile them with Visual Studio, and look up documentation on MSDN would be a good start.

This course is not a comprehensive guide to privilege escalation; however, I felt it was a pretty good introduction to the subject. I feel that this course covered enough to get started with research on this subject. I ended up learning some new things and collecting ~70 bookmarks to review later.

This material was interesting to me as a defender. I have definitely seen several of these techniques applied in real life intrusions. Seeing these attacks carried out from the other side will help me contextualize security events that I encounter in the future.

Some of the topics this course covers:

  • Basic post-exploitation reconnaissance
  • Finding credentials and other interesting files (passwords.txt, unattend.xml, …)
  • Windows Credential Manager
  • Abusing mis-configured services, scheduled tasks, and file system permissions
  • DLL Hijacking
  • User Account Control (UAC)
[Figure: Red Team Operator Privilege Escalation word cloud]

What’s Included?

  • ~3.5 hours of on-demand video
  • Zip file containing example code
  • Virtual machine with pre-installed tools
  • 3 assignments


Here are all of the bookmarks I made while reviewing this course in no particular order.
