$ cd ../workshops
MODULE_03Saturday, 22 Aug 2026 | 0930-1730 (08 hours)

Live C2 Ops with NirnayakX

Step into the shoes of an adversary — live attack chains & AV/EDR bypasses

$ cat curriculum.md

Workshop Overview

Modern cyber adversaries execute carefully orchestrated multi-stage attack campaigns that combine social engineering, stealth communication, in-memory payload execution, modular post-exploitation, privilege escalation, and AI-assisted operations. This workshop walks through the complete lifecycle of modern offensive security operations through real-world live attack demonstrations using the offensive cyber platform NirnayakX.

Session 1: Foundations of Offensive Security & Initial Compromise

Module 1: Modern Offensive Security & MITRE ATT&CK Evolution of modern cyber attacks; the Cyber Kill Chain and adversary lifecycle; the MITRE ATT&CK Framework; mapping attacker behavior to tactics and techniques; real-world adversary tradecraft.

Module 2: Initial Access & Foothold Establishment Initial access vectors including phishing, malicious archives, and executable delivery; payload delivery mechanisms; user execution; establishing the initial foothold; bootstrap implants and persistent communication; beacon initialization.

Module 3: Operationalizing the Attack Chain using NirnayakX Generating initial payloads; deploying Scout Implants; managing active sessions; information collection; artifact upload workflows; AI-assisted operational summaries.

Session 2: Stealth Command & Control Infrastructure

Module 4: Modern Payload Execution & Loader Architectures Staged and stageless payload architectures; modern loader design; in-memory payload execution; process injection; reflective loading; fileless execution.

Module 5: Stealth Command & Control Infrastructure Resilient C2 infrastructure design; proxy-based communication; SOCKS5 tunneling; redirector architectures; Cloudflare Tunnel; NGINX reverse proxy; traffic routing; infrastructure OpSec; concealing backend C2 servers.

Session 3: Modular Post-Exploitation & Offensive Execution

Module 6: Modern Post-Exploitation Frameworks Post-exploitation methodologies; modular offensive architectures; Beacon Object Files (BOFs); system enumeration; privilege escalation; offensive automation; memory-resident module execution.

Module 7: Ransomware Operations & Impact Generation Complete ransomware attack chain; initial compromise and payload deployment; active beacon establishment; BOF-based privilege escalation; custom ransomware execution; controlled file encryption; mapping workflows to MITRE ATT&CK.

Module 8: Operationalizing Post-Exploitation using NirnayakX Executing Beacon Object Files; privilege escalation modules; custom ransomware BOFs; managing offensive tasks; advanced post-exploitation workflows.

Session 4: AI-Assisted Offensive Operations & Data Analytics

Module 9: AI-Assisted Offensive Operations AI-assisted offensive security; Local LLMs; Retrieval-Augmented Generation (RAG); automated operational reporting; intelligent artifact correlation; AI-assisted attack analysis.

Module 10: AI-Driven Data Analytics Operational data collection; uploader modules; artifact extraction; automated AI-assisted analysis; RAG-based intelligence generation; operational reporting.