Offensive Machine Learning

Take a deep look at using ML for offensive security. Design, build, and deploy models into real world tooling. Attack models and evade detection. Create the universal operator.

The Course

Machine learning (ML) has so far been unchecked on its way to cyber-security domination. However, regardless of its success so far, adversaries will ultimately decide if ML is a viable solution to help detect and prevent modern attacks. Currently, the majority of research is done by defensive vendors and academic researchers in lab environments, far removed from the high pace of real-world operations. It’s time for offensive security professionals to join the discussion. Offensive teams might not have as many papers published, but they have data, network access, and the right mindset to challenge ML systems in real-world environments.

ML is changing the way organizations do business, and it is important offensive teams develop the skills necessary to assess and secure ML systems. In addition to protecting their clients, teams with ML skills will create next generation of offensive tools, and give themselves an edge in ever tightening networks. If you’re a red teamer or penetration test and want to prepare for when ML comes for your shells, build the hottest tools since HAL 9000, or steal models for fun and profit. This course is for you. Otherwise, if you’re a data scientist or machine learning engineer looking for insights into how an industry leading red team is using ML, and/or want to come to the dark side, this course is for you.



fundamental machine learning and red teaming concepts


ML enabled tools, modules, and malware


build, and automate the deployment of models


synthetic social-engineering personas and attacks


Markov Chains, Reinforcement Learning, and simulators


offensive knowledge, and teach models with historical operations data


and evade deployed ML models


  • Understanding of machine learning as it relates to offensive security and the defensive landscape.
  • How to integrate machine learning into offensive operations.
  • Adversarial techniques for model theft, bypass, and ex-filtration.


Students should have at least:
  • An intermediate level of systems administration experience using Windows or Linux
  • Experience with programming (however small or long ago)
  • An interest in data science
  • An interest in offensive security

Students would benefit from experience/familiarity with:
  • APT kill chains
  • Windows internals concepts
  • Machine Learning concepts
  • Penetration testing techniques or frameworks
  • Python, C++, Win32 api, .NET, VBA
  • Keras/TF2