$ cat curriculum.md
Workshop Overview
Modern cyber adversaries execute carefully orchestrated multi-stage attack campaigns that combine social engineering, stealth communication, in-memory payload execution, modular post-exploitation, privilege escalation, and AI-assisted operations. This workshop walks through the complete lifecycle of modern offensive security operations through real-world live attack demonstrations using the offensive cyber platform NirnayakX.
Session 1: Foundations of Offensive Security & Initial Compromise
Module 1: Modern Offensive Security & MITRE ATT&CK Evolution of modern cyber attacks; the Cyber Kill Chain and adversary lifecycle; the MITRE ATT&CK Framework; mapping attacker behavior to tactics and techniques; real-world adversary tradecraft.
Module 2: Initial Access & Foothold Establishment Initial access vectors including phishing, malicious archives, and executable delivery; payload delivery mechanisms; user execution; establishing the initial foothold; bootstrap implants and persistent communication; beacon initialization.
Module 3: Operationalizing the Attack Chain using NirnayakX Generating initial payloads; deploying Scout Implants; managing active sessions; information collection; artifact upload workflows; AI-assisted operational summaries.
Session 2: Stealth Command & Control Infrastructure
Module 4: Modern Payload Execution & Loader Architectures Staged and stageless payload architectures; modern loader design; in-memory payload execution; process injection; reflective loading; fileless execution.
Module 5: Stealth Command & Control Infrastructure Resilient C2 infrastructure design; proxy-based communication; SOCKS5 tunneling; redirector architectures; Cloudflare Tunnel; NGINX reverse proxy; traffic routing; infrastructure OpSec; concealing backend C2 servers.
Session 3: Modular Post-Exploitation & Offensive Execution
Module 6: Modern Post-Exploitation Frameworks Post-exploitation methodologies; modular offensive architectures; Beacon Object Files (BOFs); system enumeration; privilege escalation; offensive automation; memory-resident module execution.
Module 7: Ransomware Operations & Impact Generation Complete ransomware attack chain; initial compromise and payload deployment; active beacon establishment; BOF-based privilege escalation; custom ransomware execution; controlled file encryption; mapping workflows to MITRE ATT&CK.
Module 8: Operationalizing Post-Exploitation using NirnayakX Executing Beacon Object Files; privilege escalation modules; custom ransomware BOFs; managing offensive tasks; advanced post-exploitation workflows.
Session 4: AI-Assisted Offensive Operations & Data Analytics
Module 9: AI-Assisted Offensive Operations AI-assisted offensive security; Local LLMs; Retrieval-Augmented Generation (RAG); automated operational reporting; intelligent artifact correlation; AI-assisted attack analysis.
Module 10: AI-Driven Data Analytics Operational data collection; uploader modules; artifact extraction; automated AI-assisted analysis; RAG-based intelligence generation; operational reporting.