Build an Army of Autonomous Offensive Agents with Vibe Coding (W79)
$319.00 $162.69
Courses Included
Only 1 left in stock
Subscribe
COURSE IS SELF-PACED, AVAILABLE ON DEMAND
DURATION: 18 hours
CPE POINTS: On completion, you get a certificate granting you 18 CPE points.
The course starts on the 2nd of October.
Can you Vibe Code your way through building an Army of Automatic Pentesting AI Agents? How much can Automatic GenAI Agents really do? Can AI do some part or most of your job while you sleep? Will AI take over your job, or some parts in the near future? What do you need to do to stay ahead?
Use LLMs to become a 10X Pentester while having fun in the process.
A continuation of our previous course, focused exclusively on the exciting aspect of Automatic GenAI Agents. Take this course to Stay ahead.
Who is this course for?
- Junior-Mid Pentesters looking to build their own arsenal of tools and automation.
- Experienced Pentesters exploring areas outside their core competencies.
- Professionals Interested in Automation.
Why take it NOW?
Agentic AI give us levels of freedom not possible before. AI that can Pentest while you sleep-in later, take a margarita or go for a walk. Capabilities keep getting better and tokens getting cheaper. Stay on top of the latest models, jailbreaks, prompts and techniques.
Why this course?
Agents are coming. Take control of building your own agents, or agents will control you.
Gain a deep understanding on how to build Agentic Workflows, Integration, Tools through this hands on course. Automating and speedparts of your Pentest Engagements.
Course benefits:
What will you learn about?
- Methodology for LLM JailBreaks.
- Advanced Prompting Techniques.
- Build Agents using leading frameworks such as CrewAI, Autogen and MCP.
- Best Tooling for different types of Pentesting.
- Ethics Considerations.
What tools will you use?
-
OpenAI APIs
-
Other LLM APIs
-
Python
-
Kali Linux
-
Multiple OpenSource Offensive Security Tooling.
What skills will you gain?
- Build Automatic AI Agents.
- Better Understanding of Tooling for Reconnaissance, Phishing, Web, AD, Cloud Security Pentesting.
- Ethics Considerations
Course general information:
Course format:
- Self-paced
- Pre-recorded
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
- All videos captioned
What will you need?
-
OpenAI API Key
-
Kali Linux VM
-
VSCode
What should you know before you join?
-
Familiarity with Python Programming Language.
-
Familiarity with the Pentest Process.
YOUR INSTRUCTOR: ROBERT THOMAS
Robert Thomas is a Cyber Security Professional working for one of the largest financial Institutions in Europe. A long time Systems Engineer, Network Engineer and Software Developer with 15 years of Experience. Worked Previously for CISCO, Telecom ISPs, Cloud Providers, High Frequency Trading Firms, and Financial Banks. Robert has a broad range of Knowledge and Expertise. An avid ChatGPT, and LLM user to generate new tools on the Offensive and Defensive side using LLMs.
COURSE SYLLABUS
Module 0
Before the course
A Preview of what Agents can do.
Module 1
Introduction: GenAI Agents The Foundation.
GenAI Agents behave very different from traditional predictable code automation. For the new writer it might require some re framing to get used to.
We look into the foundational concepts to build successful GenAI Agents Systems. How to strike the right level of Unpredictability, Tool Integration, Memory and Creativity.
Covered topics
- High Level Design of an AI Agent.
- CallFlow Structure of an AI Agent.
- Review of Major Agentic AI Frameworks (CrewAI, Autogen).
- Feature review of CrewAI.
- Ethics Considerations.
Exercises
MISSING
Module 2
Agent01 – Ghost Recon (Reconnaissance)
Our first Agent for this course. Ghost Recon is an agent that focus on Reconnaissance and Discovery phases. It takes an external view on a target and produces a list of entry points to the organization, sites, subdomains, key personnel, email address, exposed endpoints. Generates a Threat Model and performs as much Attack Surface Reconnaissance on a Target for additional entry points. Serves as an Inspiration for other variations focusing on Internal or Bug Bounty reconnaissance.
Covered topics
- Building AI Agents.
- Tool Integration such as: Web Scraping, Search, OSINT, Github, LinkedIn, DNS, Email Enumeration, Google Dorks.
Exercises
Rebels - Poisoned Intern.
You Build A recon agent that gets access to an Intern Credential and wreaks havoc performing an internal reconnaissance using simple to guess, and previously compromised credentials.
Module 3
Agent02 – The Phisher (Social Engineering).
We build an Agent for your Phishing needs. Phishing is still one of the main ways into organizations. LLMs are very good at creating context specific content. We expect LLMs to alter greatly the way Phishing is conducted in the next few years. This agents takes on traditional Phishing Tooling and Infrastructure and adds on top of it to create automatically new campaigns based on custom content created for specific targets. The uses for this agent on Pentest and RedTeam Engagements are many.
Covered topics
- Building AI Agents.
- Process on Social Engineering (Phishing).
- Tool Integration such as: The Phish, Reporting, Email Infrastructure.
Exercises
Rebels - The Forger.
You build an Agent to Explore the possibilities to forge documents, such as receipt, bills of landing with the help of LLMs.
Invoices or other that can be used as part of engagements.
Module 4
Agent03 – The Web Punisher (Web Pentesting).
We Build An Automatic Web Discovery, Vulnerability and Fuzzer Agent that attempts to find holes on vulnerable websites through a combination of Smart and Punishment. Fuzzing and DAST tools are not new, but what happens if we combine them with Planning, Threat Modeling, Source Code Evaluation capabilities? This agent attempts to mimic as much as possible a Web Pentest if you had unlimited scale, time and energy drinks. The non-linear operation of GenAI Agents are great at discovery flaws on websites.
Covered topics
- Building AI Agents.
- Process on Web Pentest
- Tool Integration such as: Web Version Detection, Vulnerability Scanning, Enumeration, ZAP, Owasp Top 10.
Exercises
Rebels - The Scrapper.
You build a simple Agent to automate and Identify simple, “Sensitive Data Exposure” for a bug bounty program.
Module 5
Agent04 – The Breacher (AD Pentesting).
We build An Automatic Agent to take on Active Directory. Most Pentest Engagement break at the Active Directory Level, we take new tool to the old topic of Pentesting Active Directory. Can we automate the process of Breaching an AD through a series of Tools and Agents? Can we move on to more interesting things?
Covered topics
- Building AI Agents.
- Process on Active Directory Pentest.
- Tool Integration such as: Bloodhound, ldapserarch, adrecon, nmap, kerbrute, crackmapexec
Exercises
Rebels – The knockout.
Build an AI agent that tries peoples previously exposed passwords, and some likely variation. Someone must be reusing right?
Module 6
Agent05 – Toxic Cloud (Cloud Pentesting).
We Build an Automatic Agent to take on AWS Cloud Miss configurations. The cloud can be safe when is configured correctly, however most environment suffer from miss configurations. Can our agent navigate through a Cloud Environment, found miss configurations and exploit them automatically? All while you are zipping on Margaritas?
Covered topics
- Building AI Agents.
- Process on AWS Cloud Pentest
- Tool Integration such as: scoutsuite, pacu, s3recon, s3scanner, cloudfox.
Exercises
Rebels – CyberHog.
You build an agent that escalate privilege through harvesting of cloud credentials. You applied knowledge gain throughout the course for your final assignment.
Final exam
40 Questions.
OpenAI API, Agents Design, Agentic AI Concepts, General Concepts on CrewAI, Debugging GenAI Agents.
QUESTIONS?
If you have any questions, please contact our eLearning Manager at [email protected].
Only logged in customers who have purchased this product may leave a review.
Reviews
There are no reviews yet.