Threathunting Academy Evasion| 25-26 February 2026 |
Event details
| Date | February 25, 2026 8:30 am - November 26, 2025 5:00 pm |
|---|---|
| Location | Jarviss Wommelgem Uilenbaan 82, 2160-Wommelgem |
Hands-on technical workshop: Blue Team / Red Team Exercise
Wednesday 25 and Thursday 26 February 2026
Threathunting Academy Evasion: is a practical training program that combines offensive and defensive cybersecurity techniques to teach advanced evasion methods.
Through hands-on labs, participants will learn how adversaries operate and how to counter their tactics effectively.
What you will learn?
- Gain a clear understanding of adversary tactics techniques, and procedures (TTPs) like privilege escalation, code execution, persistence memory injection and evasion.
- Deal with and better understand alerts from various security tooling
- Build and customize a C2 framework (Havoc C2) to simulate real-world attacks and implement evasion techniques such as AMSI/UAC bypasses ETW patching, and static signature evasion.
- Develop a custom evasive shellcode loader by applying techniques learned during the course.
- Analyze adversary behavior, identify threats, and use the right tools for detection and response.
- Understand the strengths and limitations of AV/EDR/SIEM solutions and how they integrate into a security operations center (SOC).
Why follow this workshop?
- Understand Adversary TTP’s (Mitre)
- Recognize techniques, tools used by adversaries
- Know your blindspots
- Interpret EDR Alerts
- Investigate (hunt), analyze (forensics) and respond
- Incident preparedness, know what to do and when
- Many attacks are not automatically BLOCKED and need manual intervention
Agenda
Day 1
- Introduction
- Attack Frameworks
- Telemetry and logging best practices
- Processes, Tokens and DLL’s
- Privilege Escalation
- AV/EDR Deep dive
- Net and powershell
- Static Analysis
Day 2
- WIN32API & Functions
- Building an evasive shellcode & loaders
- Fully bypass MS Defender
- Malware Analysis Lab
What to expect?
● 2-day technical training
● Maximum of 15 seats to keep teacher-student interaction at the highest level
● Lunch included
Taught by top experts
This training is delivered by two top professionals who have hands-on experience in building and managing next-generation automated SOCs.
Luk Schoonaert
Hands on CISO and strategic advisor specializing in threat hunting, detection engineering, and mitigating advanced threats
Pieter-Jan Blaton
Senior SOC Analyst, master at troubleshooting and a life-time cybersecurity veteran with deep levels of understanding ranging from network, endpoint, SIEM/SOAR, UEBA and other security technologies.
Student Pre-requisites
- Bring a laptop
- Technical background knowledge
- Knowledge of Windows/Linux
- No coding skills required
Want to know more?
Download the pdf here
Where?
This event will take place in the Antwerp region exact venue to be announced.
Register here:
€2,500 per participant (excl. VAT)