RED TEAM ALCHEMY

Offensive Machine Learning

Take a deep look at using ML for offensive security. Design, build, and deploy models into real world tooling. Attack models and evade detection. Create the universal operator.

The Course


Machine learning (ML) has so far been unchecked on its way to cyber-security domination. However, regardless of its success so far, adversaries will ultimately decide if ML is a viable solution to help detect and prevent modern attacks. Currently, the majority of research is done by defensive vendors and academic researchers in lab environments, far removed from the high pace of real-world operations. It’s time for offensive security professionals to join the discussion. Offensive teams might not have as many papers published, but they have data, network access, and the right mindset to challenge ML systems in real-world environments.

ML is changing the way organizations do business, and it is important offensive teams develop the skills necessary to assess and secure ML systems. In addition to protecting their clients, teams with ML skills will create next generation of offensive tools, and give themselves an edge in ever tightening networks. If you’re a red teamer or penetration test and want to prepare for when ML comes for your shells, build the hottest tools since HAL 9000, or steal models for fun and profit. This course is for you. Otherwise, if you’re a data scientist or machine learning engineer looking for insights into how an industry leading red team is using ML, and/or want to come to the dark side, this course is for you.

Learn


Explore

fundamental machine learning and red teaming concepts

Create

ML enabled tools, modules, and malware

Design

build, and automate the deployment of models

Generate

synthetic social-engineering personas and attacks

Explore

Markov Chains, Reinforcement Learning, and simulators

Codify

offensive knowledge, and teach models with historical operations data

Steal

and evade deployed ML models


Takeaways

  • Understanding of machine learning as it relates to offensive security and the defensive landscape.
  • How to integrate machine learning into offensive operations.
  • Adversarial techniques for model theft, bypass, and ex-filtration.

Requirements


Students should have at least:
  • An intermediate level of systems administration experience using Windows or Linux
  • Experience with programming (however small or long ago)
  • An interest in data science
  • An interest in offensive security

Students would benefit from experience/familiarity with:
  • APT kill chains
  • Windows internals concepts
  • Machine Learning concepts
  • Penetration testing techniques or frameworks
  • Python, C++, Win32 api, .NET, VBA
  • Keras/TF2