Social Media Icons
Social Media Icons
Discord YouTube LinkedIn WhatsApp

Windows Evasion Bootcamp - Aug 2026

Master Windows evasion in 4 weeks - obfuscate PowerShell and .NET, evade Defender, explore EDR internals, dive into API hooking and ETW, and practice stealthy attacks in hands-on labs running Elastic EDR.

Starts: Aug 2026
Duration: 4 weeks (Saturdays)
Access: Live session recordings provided

$299.00

What to Expect?

Over the course of 4 weeks, you will:

  • Learn how to bypass security defenses such as AMSI, Microsoft Defender, and EDR systems.
  • Work with live labs using tools like Elastic EDR and perform real-world attacks like DCSync and payload execution.
  • Learn how to reduce detection through advanced obfuscation, payload crafting, and stealth operations.
  • Explore EDR internals, API hooking, and ETW to learn how defenders trace adversary activity.
  • Use Elastic EDR to simulate and test evasion techniques, and tweak your approach based on alerts and telemetry.

Key Features

  • Comprehensive weekly modules covering everything from evasion basics to advanced techniques.
  • Real-world scenarios with Elastic EDR, AMSI emulation, PowerShell obfuscation, and more.
  • Learn to execute stealthy DCSync attacks, bypass Defender, and manipulate telemetry.
  • Learn from seasoned cybersecurity professionals who walk you through each technique.
  • Test and refine your skills in a simulated environment with direct feedback.
  • Work with Elastic EDR, one of the most popular open-source tools for endpoint detection.
  • Start with foundational concepts and gradually tackle advanced evasion techniques.

Get Certified (CWEP)

Earning the CWEP certification demonstrates your expertise in Windows evasion techniques. From evading modern EDRs and obfuscating PowerShell/.NET payloads, to understanding API hooking, ETW patching, and advanced stealth tactics. The certification proves your ability to operate undetected in high-security environments and simulate real-world threat actor behavior. This credential enhances your career prospects, making you stand out for roles such as Red Teamer, Threat Emulation Specialist, or Senior Penetration Tester.

Bootcamp Agenda

Session 1: Introduction to Evasion and Lab Setup

  • Introduction to Evasion
  • Lab Setup
  • Introduction to Enterprise Defensive Solutions
  • Programming Basics
  • Processes and Threads
  • Playing with more Win32 API
  • Emulating AMSI

    • Session 2: PowerShell, .NET, and Payload Obfuscation

  • PowerShell and Dotnet
  • Payload Obfuscation(Strings, PowerShell, Dotnet)
  • Bypassing Defender

    • Session 3: Understanding EDRs and Hooking Mechanisms

  • Introduction to EDRs
  • API Hooking
  • Event Tracing for Windows
  • Setting up EDR labs
  • Understanding EDR Evasion

    • Session 4: EDR Evasion with Elastic and Stealth Techniques

  • Playing around with Elastic EDR
  • Using alerts to improve evasion
  • Executing Malicious dotnet binaries
  • Executing DCSync with minimum alerts
  • Blinding the EDR
  • Blending in with the noise
  • Introduction to Advanced Evasion

    • Bootcamp Schedule (August 2026 Batch)

    This live bootcamp is delivered over four consecutive Saturdays, starting from August 8th, 2026, and concluding on August 29th, 2026.

    • Live, Instructor-led Training via Zoom
    • Private Discord Community for Discussions and Q&A
    • Recorded Sessions Available after each Class

    Live Session Dates

    Live Session 1: Saturday, Aug 8 @ 2 pm - 6 pm IST
    Live Session 2: Saturday, Aug 15 @ 2 pm - 6 pm IST
    Live Session 3: Saturday, Aug 22 @ 2 pm - 6 pm IST
    Live Session 4: Saturday, Aug 29 @ 2 pm - 6 pm IST

    Who Should Join This Bootcamp?

    1. Red Teamers: Those looking to enhance their skills in bypassing endpoint defenses and executing stealthy attacks.
    2. Cybersecurity Enthusiasts: Individuals with a foundational understanding of security who want to take their skills to the next level.
    3. Penetration Testers: Learn how to evade detection during assessments and craft more sophisticated attacks..
    4. Blue Teamers Transitioning to Offensive Roles : Gain insight into evasion tactics to better defend against real-world attacks.
    5. Malware Developers : Learn how to create payloads that can bypass modern detection mechanisms.

    Master Windows evasion in 4 weeks - obfuscate PowerShell and .NET, evade Defender, explore EDR internals, dive into API hooking and ETW, and practice stealthy attacks in hand-on labs running Elastic EDR.

    $299.00

    Training Instructor

    Siddharth Johri

    Security Consultant
    Siddharth Johri is a cybersecurity professional skilled in Network Pentesting, AD Security, and Red Teaming, with a focus on uncovering vulnerabilities while evading detection and defenses.

    Key Takeaways

    1. Hands-on training in Windows evasion techniques used by real-world adversaries.
    2. Strong foundation in Windows internals, including Win32 APIs, processes, threads, and AMSI behavior.
    3. Mastery of PowerShell and .NET obfuscation techniques to evade detection.
    4. Exposure to EDR fundamentals, API hooking concepts, and an introduction to Event Tracing for Windows (ETW).
    5. Real-world labs simulating stealthy payload execution, low-noise attacks, and defensive evasion against Elastic EDR.
    6. Official certification as Certified Windows Evasion Practitioner (CWEP) upon successful completion.

    Why Attend?

    1. Learn the techniques used by real-world adversaries and acquire essential skills for advanced red teaming.
    2. Gain practical experience working with powerful EDR tools and bypassing endpoint defenses in real-time.
    3. As detection techniques evolve, it's crucial to stay up-to-date on the latest methods to remain competitive in the field.
    4. Get personalized guidance from experienced red teamers and security professionals.
    5. This bootcamp prepares you for advanced adversary emulation work, making you a valuable asset to any cybersecurity team.

    FAQs

    Do I need prior Malware Development experience?

    While prior Malware Development experience will be advantageous, this course does not have malware development as a pre-requisite. However, basic knowledge about cybersecurity and attacking Windows and Active Directory Infrastructure will be assumed.

    What all will I get familiar with?

    You will gain hands-on experience with Elastic EDR, PowerShell, .NET, AMSI, and Windows APIs. Labs are designed to simulate real-world environments and use open-source EDR tools for detection and evasion.

    Can I access the course after the bootcamp ends?

    Yes, all participants will have access to course materials, recorded sessions, and lab setups for a limited period after the bootcamp ends.

    Will I get a certificate after completing this bootcamp?

    Yes, participants who complete the bootcamp and pass the certification exam will receive the CWEP certificate, validating their newfound skills in Windows evasion techniques and red teaming.

    Ready to Master the Art of Pentesting?

    Choose our pentesting courses for:

    Affordable Price

    Unlock your potential with affordable upskilling! Our unbeatable course prices are your chance to level up without breaking the bank. 

    Lifetime Access

    Acquire lifetime access to our resources when you buy our courses. Gain knowledge today and unlock a lifetime of learning. 

    Certificate of Completion

    Upon completing our course, you'll receive a certificate of completion to showcase your new skills. Add it to your resume or LinkedIn profile.

    Hands-On Experience

    Get hands-on experience with real-world scenarios and challenges, giving you practical skills that you can apply immediately in your career. 

    Expert Instructors

    Learn from industry experts with years of experience in pentesting, who are passionate about sharing their knowledge and helping you succeed. 

    Flexible Learning

    Whether you're a beginner or an experienced professional, our courses are designed to meet you where you are and help you reach your goals. 

    Get in Touch

    Have a question, need assistance, or want to collaborate? We’re here to help!

    Whether you're looking for cutting-edge cybersecurity solutions or expert training or want to learn more about our services, contact us today.


    +91