ROOTCON 19 will be on September 24, 25 & 26, 2025, at Royce Hotel in Clark, Pampanga.
eCrime Intelligence
ACCESS
Human+
Understanding eCrime is no longer optional. It is a mission-critical capability for any organization serious about anticipating, preventing, and neutralizing today’s most pervasive cyber threats. This intensive training provides a comprehensive exploration of the eCrime ecosystem, unpacking the full spectrum of adversarial tactics, techniques, and procedures used by financially motivated threat actors to exploit organizations of all sizes and sectors.
Blending traditional intelligence tradecraft with cutting-edge cyber security methodology, this course empowers cyber threat intelligence professionals, SOC analysts, CISOs, and forward-thinking defenders to operationalize threat intelligence, proactively reduce risk, and harden their defensive posture. Whether you are new to the world of eCrime or looking to refine your existing expertise, this course will give you the insight, confidence, and real-world skillset to outpace adversaries.
Through hands-on exercises, real case studies, and live tooling, participants will learn to track and attribute infrastructure, analyze adversary tradecraft, uncover victimology, and confidently identify key players within organized eCrime operations. Attendees will explore the dark web, develop basic operational personas, collect intelligence from adversary-run forums and marketplaces, and learn how to infiltrate closed communities — all safely and effectively.
This is not theory. This is practical, tactical, and grounded in the reality of modern digital threat operations. By the end of the training, students will walk away with the knowledge and tools needed to investigate, disrupt, and counter eCrime adversaries, all while supporting broader intelligence collection plans and strategic security initiatives within their organizations.
Student Requirements
Foundational knowledge in cybersecurity and a keen interest in cyber threat intelligence.
Target Audience
Cyber security professionals, cyber threat intelligence analysts, SOC analysts, CISOs, and anyone else interested in learning more about the eCrime ecosystem, cyber threat intelligence, and eCrime countermeasures.
Trainer Bio
Scott Jarkoff
Scott Jarkoff is the Co-Founder of Praeryx, a new startup currently developing some insanely deep services and technology. Prior to that Scott Jarkoff was the Director, Intelligence Strategy, APJ & META, at CrowdStrike, where he directed the Asia-Pacific & Japan, and Middle East threat intelligence business. He advised and guided customers on operationalizing and integrating threat intelligence within a holistic intelligence-led security strategy.
Scott's creative genius does not stop at cyber security. He is also the visionary Co-Founder and mastermind behind deviantART, the largest and most vibrant online art community in the world. Under his guidance, deviantART blossomed into a bustling hub where millions of artists and art enthusiasts connect, share, and thrive in a kaleidoscope of creativity. Scott's profound impact on the art world through deviantART mirrors his innovative spirit in tech, making him a true renaissance man in both realms.
Scott is based in Tokyo where he masterminds all facets of multiple operations. He has twenty-five years of cyber security and intelligence experience, between his time with the US Department of Defense and the private sector.
Real-World Offensive Security: Red Teaming LLMs, Microsoft Entra ID & Android
ACCESS
Human+
This hands-on offensive security training focuses on real-world attack surfaces across three modern and highly targeted areas: Large Language Models (LLMs), Microsoft Entra ID, and Android Applications. Designed for red teamers, security professionals, and tech-savvy defenders, this training combines practical theory with 20+ hands-on labs to simulate actual attack scenarios and strengthen offensive capabilities.
The training begins with an introduction to LLMs, covering how they work, the data and techniques behind their training, and the real-world applications driving their rapid adoption. It also explores the security challenges associated with deploying LLMs. Participants will then dive into LLM attack simulations, gaining hands-on experience with threats like prompt injection, system prompt extraction, sensitive information disclosure, and model manipulation.
The second section introduces Microsoft Entra ID (formerly Azure AD) — Microsoft’s cloud-based identity and access management solution. The session covers its architecture, key components, RBAC, licensing, and how it differs from traditional on-prem Active Directory. The practical component focuses on pentesting Entra ID, including enumeration using tools like ROADrecon and AzureHound, password spraying with MSOLSpray, token and cookie-based attacks, and exploiting misconfigurations in Entra Connect and privileged accounts.
The final part of the training covers Android application pentesting, beginning with an overview of the Android architecture, common attack surfaces, and testing methodologies. Through deep-dive labs, participants will explore real-world attack scenarios such as bypassing SSL pinning and root detection, reverse engineering Flutter apps, exploiting IPC mechanisms, analyzing insecure storage, and performing advanced tampering involving Smali code and exploitation with Metasploit.
By the end of the training, participants will walk away with practical red teaming techniques and offensive knowledge applicable to AI systems, cloud identity platforms, and mobile environments.
Student Requirements
- Basic knowledge of computers and Android
- Familiarity with the Windows and Linux operating systems
- Some experience with penetration testing tools is helpful but not mandatory
- Prior experience with command-line tools (PowerShell, Bash) is helpful but not mandatory
Target Audience
Cyber security professionals, cyber threat intelligence analysts, SOC analysts, CISOs, and anyone else interested in learning more about the eCrime ecosystem, cyber threat intelligence, and eCrime countermeasures.
Trainer Bio
G Khartheesvar
G Khartheesvar is a Software Engineer at INE, specializing in web application security, network penetration testing, and cloud security. With experience in Red Teaming and Blue Teaming, he works across both offensive and defensive security disciplines. He has published research at Black Hat Asia and is a core contributor to the open-source project ThreatSeeker, which helps security professionals detect and analyze threats using Windows event logs. He holds a Dual Degree (Bachelor of Technology & Master of Technology) in Computer Science and Engineering from the National Institute of Technology Hamirpur, India. Passionate about cybersecurity, he actively explores new advancements in the field and strives to contribute to the security community through research and development.
Litesh Ghute
Litesh Ghute is a Software Engineer at INE, specializing in web application security, network penetration testing, cloud security, and mobile application security. He has published research at Black Hat USA and Asia, co-trained in cloud security training, and led teams in national hackathons like the Smart India Hackathon. With expertise in advanced penetration testing, web application security, and network penetration testing, he has identified and reported CVEs, contributing to the security community by uncovering critical vulnerabilities. Holding a B.Tech (Hons.) in computer science, he currently works as a full-stack developer and lab builder, focusing on security topics. His open-source projects, AWSGoat and GCPGoat, simulate vulnerable cloud infrastructures for security research and training.