Login via PatreonLifetime Member Login

Patreon Coding Class Subscription

25 USD / mo

  • Acess to live session + recording
  • Monthly subscription
  • Access to the Discord
  • Access to the portal






Sign up

Coding Class Lifetime Access

300 USD

  • Access to all the coding class episodes (more than 85) You can scroll to see all the episodes recorded so far

  • One time payment
  • Lifetime membership
  • Access to the Discord
  • Access to the portal


* registration information email may be in your spam folder look for an email from

Offline Red Team Training

500 USD


* registration information email may be in your spam folder look for an email from

Join Our Community

We have a really nice community on Discord feel free to join us if you have any questions or just want to hang out.

The Discord can be be join using the following link: Discord link

Once you registered through Patreon or PayPal you can reach out to me on Discord Mr.Un1k0d3r#8648

preludesecurity.com Framework Special Video

Want to see what https://preludesecurity.com is about watch the live sessions

Episode Overview

Season 1 Episode 1 presented on November 18, 2020 at 7 PM EST
Introduction to the toolset and core concept.


Season 1 Episode 2 presented on November 25, 2020 at 7 PM EST.
Introduction to assembly language programming and shellcoding core concept.


Season 1 Episode 3 presented on December 2, 2020 at 7 PM EST.
Shellcoding basics: Resolving Windows APIs using loaded modules LDR in the PEB and kernel32 GetProcAddress and LoadLibrary.


Season 1 Episode 4 presented on December 9, 2020 at 7 PM EST.
Remote process injection using the PEB kernelcallbacktable manipulation and SendMessage API.


Season 1 Episode 5 presented on December 16, 2020 at 7 PM EST.
Writing customer shellcode encoder in assembly using key brute force and MMX instructions set.


Season 1 Episode 6 presented on December 23, 2020 at 7 PM EST.
Fooling the EDR using self debugging and DLL loading event to manipulate loaded DLLs.


Season 1 Episode 7 presented on December 30, 2020 at 7 PM EST.
Fileless lateral movement technique using Windows ServiceManager (SVCCTL) in C.


Season 2 Episode 1 presented on January 6, 2021 at 7 PM EST.
Windows APIs EDR evasion using Nt* APIs and direct syscall.


Season 2 Episode 2 presented on January 13, 2021 at 7 PM EST.
Demystifying some C concept.


Season 2 Episode 3 presented on January 20, 2021 at 7 PM EST.
Generic process injection concept in C and C#.


Season 2 Episode 4 presented on January 27, 2021 at 7 PM EST.
C# execute .NET in memory to avoid touching the disk and C# AMSI trick.


Season 2 Episode 5 presented on February 3, 2021 at 7 PM EST.
Attacking the EDR for fun and profit by removing the usermode hooks..


Season 2 Episode 6 presented on February 10, 2021 at 7 PM EST.
C and C# evasion technique to prevent sandbox execution.


Season 2 Episode 7 presented on February 17, 2021 at 7 PM EST.
Basic Command & Control (C2) over HTTP concept in C#.


Season 2 Episode 8 presented on February 24, 2021 at 7 PM EST.
Hooking Windows API for fun and profit.


Season 2 Episode 9 presented on March 3, 2021 at 7 PM EST.
Dropping your initial payload and phishing concept.


Season 2 Episode 10 presented on March 10, 2021 at 7 PM EST.
Cobalt Strike tricks and writing BOF file for Cobalk Strike.


Season 2 Episode 11 presented on March 17, 2021 at 7 PM EST.
SPECIAL GUEST: @byt3bl33d3r is going to present some of his work regarding nim.


Season 2 Episode 12 presented on March 24, 2021 at 7 PM EST.
Windows Internal Useful APIs. Remote information gathering.


Season 2 Episode 13 presented on March 31, 2021 at 7 PM EST.
Resolving syscall dynamically.


Season 3 Episode 1 presented on April 7, 2021 at 7 PM EST.
LDAP and the Windows Active Directory world.


Season 3 Episode 2 presented on April 21, 2021 at 7 PM EST.
SPECIAL GUEST: @waldoirc Understanding ETW, API hooking, and malware analysis.


Season 3 Episode 3 presented on May 5, 2021 at 7 PM EST.
Writing keyloggers using 2 different approaches.


Season 3 Episode 4 presented on May 19, 2021 at 7 PM EST.
The Windows COM world.


Season 3 Episode 5 presented on June 2, 2021 at 7 PM EST.
Linux Shellcoding.


Season 3 Episode 6 presented on June 16, 2021 at 7 PM EST.
Introduction to buffer overflow.


Season 3 Episode 7 presented on June 30, 2021 at 7 PM EST.
Birthday SPECIAL: A surprise.


Season 3 Episode 8 presented on July 14, 2021 at 7 PM EST.
Buffer overflow part 2: ROP Gadget.


Season 4 Episode 1 presented on September 15, 2021 at 7 PM EST.
Revisiting ETW and AMSI bypass.


Season 4 Episode 2 presented on September 22, 2021 at 7 PM EST.
PetitPotam and ADCS tricks for Red Teamers.


Season 4 Episode 3 presented on October 13, 2021 at 7 PM EST.
C Obfuscation For Red Teamers.


Season 4 Episode 4 presented on October 20, 2021 at 7 PM EST.
SPECIAL GUEST: @snowscan & Juan Ansible & Terraform automation. NO AUDIO


Season 4 Episode 5 presented on November 3, 2021 at 7 PM EST.
Sandbox detection tricks.


Season 4 Episode 6 presented on November 17, 2021 at 7 PM EST.
SPECIAL GUEST: @waldoirc Hooking Heaps and Living Free.


Season 4 Episode 7 presented on December 1, 2021 at 7 PM EST.
Initial Access payload; Some macro trick and .Net appdomain trick.


Season 4 Episode 8 presented on December 8, 2021 at 7 PM EST.
SPECIAL GUEST: Cobalt Strike version 4.5 pre-release exclusive sneak peak presented by @joevest and Chris Thrope which are both core dev of Cobalt Strike.


Season 4 Episode 9 presented on December 15, 2021 at 7 PM EST.
Patching legitimate software to hide your payload. (code cave)


Season 5 Episode 1 presented on January 12, 2022 at 4 PM EST.
SPECIAL GUEST: Offensive PIC for red teamers presented by @thefLinkk


Season 5 Episode 2 presented on January 19, 2022 at 7 PM EST.
Demystifying Import Address Table and Export Address Table.

Season 4 Episode 3 and 4 were postponed


Season 5 Episode 5 presented on February 9, 2022 at 7 PM EST.
Update on evasion and unhooking.


Season 5 Episode 6 presented on February 23, 2022 at 7 PM EST.
SPECIAL GUEST: Intro to Cobalt Strike Artifact Kit: Let's add some basic evasion capabilities for our Beacons. Presented by István Tóth aka @an0n_r0


Season 5 Episode 7. Presented on March 2, 2022 7 PM EST.
SPECIAL GUEST: ETW, more position independent shellcode and BRc4 @NinjaParanoid


Season 5 Episode 8 presented on March 16, 2022 at 7 PM EST.
Using mailslot instead of namedpipe to hide from EDRs. IRP_MJ_CREATE_NAMED_PIPE vs IRP_MJ_CREATE_MAILSLOT. ETW Provider attack to stop feeding at the source.


Season 5 Episode 9 presented on March 30, 2022 at 7 PM EST.
The mystery of DLL side loading. Demystifying how to do it properly.


Season 5 Episode 10 presented on April 5, 2022 at 7 PM EST.
Building your C2 introduction to preludesecurity.com


Season 5 Episode 11 presented on April 28, 2022 at 7 PM EST.
Reflective DLL Loading.


Summer Special Episode 1 presented on June 15, 2022 at 7 PM EST.
SPECIAL GUEST: Meterpreter's Railgun presented by @zerosteiner the lead developer of the Metasploit Framework at Rapid7.


Summer Special Episode 2 presented on June 22, 2022 at 7 PM EST.
The case of TrustedInstaller and some EDRs tricks.


Summer Special Episode 3 presented on July 14, 2022 at 7 PM EST.
MsBuild payload obfuscations and tricks.


Summer Special Episode 4 presented on August 5, 2022 at 9 AM EST.
SPECIAL GUEST: Obfuscation with NIM and NIM packer presented by @ShitSecure


Summer Special Episode 5 presented on August 10, 2022 at 7 PM EST.
Building obfuscation framework to automate the obfuscation process in C#.


Summer Special Episode 6 presented on September 21, 2022 at 7 PM EST.
Hunting for other SMB hash leakage vectors.


Summer Special Episode 7 presented on October 3, 2022 at 7 PM EST.
Killchain for ATP/MDE: firewall, elevate, registry key manipulation all in C.


Summer Special Episode 8 presented on October 26, 2022 at 7 PM EST.
Implementing your own GetProcAddress and LoadLibrary as part of your loader by parsing the PEB.


Summer Special Episode 9 presented on November 3, 2022 at 7 PM EST.
How to Get Started using Jenkins for CI/CD - For Offense & Defense. Presented by Jake.


Summer Special Episode 10 presented on November 16, 2022 at 7 PM EST.
RPC R&D style using impacket and MSDN documentation.


Season 6 Episode 1 presented on January 18, 2023 at 7 PM EST.
The core concept of our C2 written in C#.


Season 6 Episode 2 presented on January 25, 2023 at 7 PM EST.
C# invisible Cobalt String beacon in memory.


Season 6 Episode 3 presented on February 8, 2023 at 7 PM EST.
Building your C2 in .Net core part 1.


Season 6 Episode 4 presented on February 22, 2023 at 7 PM EST.
Building your C2 in .Net core part 2.


Season 6 Episode 5 presented on March 8, 2023 at 7 PM EST.
Building your C2 in .Net core part 3.


Season 6 Episode 6 presented on March 21, 2023 at 7 PM EST.
Getting Started with Continuous Security Testing with preludesecurity.com. This session will introduce new concepts and technologies for continuous security testing.


Season 6 Episode 7 presented on March 29, 2023 at 7 PM EST.
Building your C2 in .Net core part 4.


Season 6 Episode 8 presented on April 18, 2023 at 7 PM EST.
Building your C2 in .Net core part 5.


Season 6 Episode 9 presented on April 26, 2023 at 7 PM EST.
Building your C2 in .Net core part 6.


Season 6 Episode 10 presented on May 10, 2023 at 7 PM EST.
Building your C2 in .Net core part 7.


Season 6 Episode 11 presented on May 31, 2023 at 7 PM EST.
Building your C2 in .Net core part 8.


Season 6 Episode 12 presented on June 14, 2023 at 7 PM EST.
MSIL CIL obfuscation in C#. Obfuscating your code a level below.


Season 6 Episode 13 presented on July 19, 2023 at 7 PM EST.
Adding features to our C2 such as payload obfuscation at rest and new handlers. Switch case obfuscation trick preview.


Season 7 Episode 1 presented on October 10, 2023 at 7 PM EST.
Browser is the new LSASS part 1. Getting the master key.


Season 7 Episode 2 presented on October 25, 2023 at 7 PM EST.
Browser is the new LSASS part 2. Getting the cookie file.


Season 7 Episode 3 presented on November 8, 2023 at 7 PM EST.
Browser is the new LSASS part 3 .Getting the key remotely.


Season 7 Episode 4 presented on November 22, 2023 at 7 PM EST.
Phishing vectors in 2023. Getting code execution on the target.


Season 7 Episode 5 presented on December 6, 2023 at 7 PM EST.
Phishing vectors in 2023 part 2. Code obfuscation at rest.


Season 7 Episode 6 presented on December 20, 2023 at 7 PM EST.
Santa secret sauce: phishing trick to pass reputation and hide your final payload. Special guest: Eqw5


Season 8 Episode 1 presented on January 17, 2024 at 7 PM EST.
Special guest: Waldo-IRC present Introduction to thoughtful and simple debugging.


Season 8 Episode 2 presented on January 31, 2024 at 7 PM EST.
Red teaming and reconnaissance: Building your own C# utility to query LDAP.


Season 8 Episode 3 presented on February 14, 2024 at 7 PM EST.
Azure for red team: Token manipulation and the device code phishing.


Season 8 Episode 4 presented on February 28, 2024 at 7 PM EST.
Special guest: Kumo is presenting devops for red teamers.


Season 8 Episode 5 presented on March 13, 2024 at 7 PM EST.
Initial access: all the techniques we covered and what is efficient against EDRs.


Season 8 Episode 6 presented on April 3, 2024 at 7 PM EST.
Cobalt Strike and modern EDR evasion. The importance of BOF, avoiding Fork & Run and namedpipe.


Season 8 Episode 7 presented on April 17, 2024 at 7 PM EST.
TBD