* Cantinho Satkeys

Refresh History
  • FELISCUNHA: ghyt74   49E09B4F  e bom feriado   4tj97u<z
    Hoje às 10:39
  • JPratas: try65hytr Pessoal  h7ft6l k7y8j0
    Hoje às 03:51
  • j.s.: try65hytr a todos  4tj97u<z
    30 de Outubro de 2024, 21:00
  • JPratas: dgtgtr Pessoal  4tj97u<z k7y8j0
    28 de Outubro de 2024, 17:35
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  k8h9m
    27 de Outubro de 2024, 11:21
  • j.s.: bom fim de semana   49E09B4F 49E09B4F
    26 de Outubro de 2024, 17:06
  • j.s.: dgtgtr a todos  4tj97u<z
    26 de Outubro de 2024, 17:06
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana
    26 de Outubro de 2024, 11:49
  • JPratas: try65hytr Pessoal  101yd91 k7y8j0
    25 de Outubro de 2024, 03:53
  • JPratas: dgtgtr A Todos  4tj97u<z 2dgh8i k7y8j0
    23 de Outubro de 2024, 16:31
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    23 de Outubro de 2024, 10:59
  • j.s.: dgtgtr a todos  4tj97u<z
    22 de Outubro de 2024, 18:16
  • j.s.: dgtgtr a todos  4tj97u<z
    20 de Outubro de 2024, 15:04
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  101041
    20 de Outubro de 2024, 11:37
  • axlpoa: hi
    19 de Outubro de 2024, 22:24
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    19 de Outubro de 2024, 11:31
  • j.s.: ghyt74 a todos  4tj97u<z
    18 de Outubro de 2024, 09:33
  • JPratas: try65hytr Pessoal  4tj97u<z classic k7y8j0
    18 de Outubro de 2024, 03:28
  • schmeagle: iheartradio
    17 de Outubro de 2024, 22:58
  • j.s.: dgtgtr a todos  4tj97u<z
    17 de Outubro de 2024, 18:09

Autor Tópico: Practical Cyber Threat Hunting  (Lida 238 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Online mitsumi

  • Moderador Global
  • ***
  • Mensagens: 115395
  • Karma: +0/-0
Practical Cyber Threat Hunting
« em: 21 de Maio de 2020, 08:22 »

Practical Cyber Threat Hunting
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 44100 Hz
Language: English | Size: 4.64 GB | Duration: 7.5 hours

What you'll learn
Students will gain abilities like Network forensic skills, Memory Forensic skills threat hunting over ELK incident response skills for APT analysis and more. In this course students will learn counducting threat hunting and compromise assessment. In the first module I created a real life attack scenerio as an adversary simulation in a demo lab. I lecture to my students about cyber threat intelligence sources and types, basic definition and terms like IOC, TTP, Cyber Kill Chain Model, Incident Response Steps. I critisize security devices capabilities for explaining why we need monitoring and SIEM infrastructure. In the second module I give you therotical knowledge about real attack techniques like SQL Injection, Buffer OverFlow Exploit Codes, SSH tunneling methods and more... I teach to my students how to collect full pcap traffic and which tools should be used for analysing. In module two I analysis tunnels, pivot points, web attacks, Remote Code Execution Exploits, Web Shells and Web attacks traffic from pcap files and I share my real world analysis experince with my students. In third module, First I present the fundamental windows processes and process injections, hollowing techniques and tools, pe injection and thread injection techniques and tools as theoritically. Then I teach you dumping memory samples for memory forensic and I analyze Stuxnet attack's memory image, Cridex, Zeus, Darkcomet Rat's Memory images and DLL injection event's memory image. In fourth module I perform therat hunting over ELK. First I explain the event id numbers which are used common for hunting and I analyze a real life scenerio. I detected malicious word documents, hta files, unsigned exe files, vbs files and more. I teach you how to detect and investigate tunneling methods, persistency methods like registeries, services, schedule tasks. Some techniques are used like lolbas in attack lab and we investigate and map them by using MITRE framework. Google Rapid Response And Osquery usage and labs are performed by me.

Requirements
Knowledge of Basic TCP/IP Basic Attack techniques lile SQL injection, RCE and others.
Description
In this course students will learn counducting threat hunting and compromise assessment. In the first module I created a real life attack scenerio as an adversary simulation in a demo lab. I lecture to my students about cyber threat intelligence sources and types, basic definition and terms like IOC, TTP, Cyber Kill Chain Model, Incident Response Steps. I critisize security devices capabilities for explaining why we need monitoring and SIEM infrastructure. In the second module I give you therotical knowledge about real attack techniques like SQL Injection, Buffer OverFlow Exploit Codes, SSH tunneling methods and more... I teach to my students how to collect full pcap traffic and which tools should be used for analysing. In module two I analysis tunnels, pivot points, web attacks, Remote Code Execution Exploits, Web Shells and Web attacks traffic from pcap files and I share my real world analysis experince with my students. In third module, First I present the fundamental windows processes and process injections, hollowing techniques and tools, pe injection and thread injection techniques and tools as theoritically. Then I teach you dumping memory samples for memory forensic and I analyze Stuxnet attack's memory image, Cridex, Zeus, Darkcomet Rat's Memory images and DLL injection event's memory image. In fourth module I perform therat hunting over ELK. First I explain the event id numbers which are used common for hunting and I analyze a real life scenerio. I detected malicious word documents, hta files, unsigned exe files, vbs files and more. I teach you how to detect and investigate tunneling methods, persistency methods like registeries, services, schedule tasks. Some techniques are used like lolbas in attack lab and we investigate and map them by using MITRE framework. Google Rapid Response And Osquery usage and labs are performed by me.

Important Note: My Udemy Training only includes the videos. Memory images, pcaps and virtual machines aren't shared in Udemy. I am creating lab environment in a different platform in Cloud and when I complete the Lab network in cloud I will announce and You can purchase separately from this.

Who this course is for:
Who want to be member of Blue Team Or Purple Team As a Threat Intelligence Analyst Or Incident Responder Or Threat Hunter

Screenshots


Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction