* Cantinho Satkeys

Refresh History
  • j.s.: bom fim de semana  49E09B4F
    23 de Novembro de 2024, 21:01
  • j.s.: try65hytr a todos
    23 de Novembro de 2024, 21:01
  • FELISCUNHA: dgtgtr   49E09B4F  e bom fim de semana
    23 de Novembro de 2024, 12:27
  • JPratas: try65hytr A Todos  101yd91 k7y8j0
    22 de Novembro de 2024, 02:46
  • j.s.: try65hytr a todos  4tj97u<z 4tj97u<z
    21 de Novembro de 2024, 18:43
  • FELISCUNHA: dgtgtr  pessoal   49E09B4F
    20 de Novembro de 2024, 12:26
  • JPratas: try65hytr Pessoal  4tj97u<z classic k7y8j0
    19 de Novembro de 2024, 02:06
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    16 de Novembro de 2024, 11:11
  • j.s.: bom fim de semana  49E09B4F
    15 de Novembro de 2024, 17:29
  • j.s.: try65hytr a todos  4tj97u<z
    15 de Novembro de 2024, 17:29
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    15 de Novembro de 2024, 10:07
  • JPratas: try65hytr A Todos  4tj97u<z classic k7y8j0
    15 de Novembro de 2024, 03:53
  • FELISCUNHA: dgtgtr   49E09B4F
    12 de Novembro de 2024, 12:25
  • JPratas: try65hytr Pessoal  classic k7y8j0 yu7gh8
    12 de Novembro de 2024, 01:59
  • j.s.: try65hytr a todos  4tj97u<z
    11 de Novembro de 2024, 19:31
  • cereal killa: try65hytr pessoal  2dgh8i
    11 de Novembro de 2024, 18:16
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    09 de Novembro de 2024, 11:43
  • JPratas: try65hytr Pessoal  classic k7y8j0
    08 de Novembro de 2024, 01:42
  • j.s.: try65hytr a todos  49E09B4F
    07 de Novembro de 2024, 18:10
  • JPratas: dgtgtr Pessoal  49E09B4F k7y8j0
    06 de Novembro de 2024, 17:19

Autor Tópico: Practical Cyber Threat Hunting  (Lida 245 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Online mitsumi

  • Moderador Global
  • ***
  • Mensagens: 117428
  • Karma: +0/-0
Practical Cyber Threat Hunting
« em: 21 de Maio de 2020, 08:22 »

Practical Cyber Threat Hunting
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 44100 Hz
Language: English | Size: 4.64 GB | Duration: 7.5 hours

What you'll learn
Students will gain abilities like Network forensic skills, Memory Forensic skills threat hunting over ELK incident response skills for APT analysis and more. In this course students will learn counducting threat hunting and compromise assessment. In the first module I created a real life attack scenerio as an adversary simulation in a demo lab. I lecture to my students about cyber threat intelligence sources and types, basic definition and terms like IOC, TTP, Cyber Kill Chain Model, Incident Response Steps. I critisize security devices capabilities for explaining why we need monitoring and SIEM infrastructure. In the second module I give you therotical knowledge about real attack techniques like SQL Injection, Buffer OverFlow Exploit Codes, SSH tunneling methods and more... I teach to my students how to collect full pcap traffic and which tools should be used for analysing. In module two I analysis tunnels, pivot points, web attacks, Remote Code Execution Exploits, Web Shells and Web attacks traffic from pcap files and I share my real world analysis experince with my students. In third module, First I present the fundamental windows processes and process injections, hollowing techniques and tools, pe injection and thread injection techniques and tools as theoritically. Then I teach you dumping memory samples for memory forensic and I analyze Stuxnet attack's memory image, Cridex, Zeus, Darkcomet Rat's Memory images and DLL injection event's memory image. In fourth module I perform therat hunting over ELK. First I explain the event id numbers which are used common for hunting and I analyze a real life scenerio. I detected malicious word documents, hta files, unsigned exe files, vbs files and more. I teach you how to detect and investigate tunneling methods, persistency methods like registeries, services, schedule tasks. Some techniques are used like lolbas in attack lab and we investigate and map them by using MITRE framework. Google Rapid Response And Osquery usage and labs are performed by me.

Requirements
Knowledge of Basic TCP/IP Basic Attack techniques lile SQL injection, RCE and others.
Description
In this course students will learn counducting threat hunting and compromise assessment. In the first module I created a real life attack scenerio as an adversary simulation in a demo lab. I lecture to my students about cyber threat intelligence sources and types, basic definition and terms like IOC, TTP, Cyber Kill Chain Model, Incident Response Steps. I critisize security devices capabilities for explaining why we need monitoring and SIEM infrastructure. In the second module I give you therotical knowledge about real attack techniques like SQL Injection, Buffer OverFlow Exploit Codes, SSH tunneling methods and more... I teach to my students how to collect full pcap traffic and which tools should be used for analysing. In module two I analysis tunnels, pivot points, web attacks, Remote Code Execution Exploits, Web Shells and Web attacks traffic from pcap files and I share my real world analysis experince with my students. In third module, First I present the fundamental windows processes and process injections, hollowing techniques and tools, pe injection and thread injection techniques and tools as theoritically. Then I teach you dumping memory samples for memory forensic and I analyze Stuxnet attack's memory image, Cridex, Zeus, Darkcomet Rat's Memory images and DLL injection event's memory image. In fourth module I perform therat hunting over ELK. First I explain the event id numbers which are used common for hunting and I analyze a real life scenerio. I detected malicious word documents, hta files, unsigned exe files, vbs files and more. I teach you how to detect and investigate tunneling methods, persistency methods like registeries, services, schedule tasks. Some techniques are used like lolbas in attack lab and we investigate and map them by using MITRE framework. Google Rapid Response And Osquery usage and labs are performed by me.

Important Note: My Udemy Training only includes the videos. Memory images, pcaps and virtual machines aren't shared in Udemy. I am creating lab environment in a different platform in Cloud and when I complete the Lab network in cloud I will announce and You can purchase separately from this.

Who this course is for:
Who want to be member of Blue Team Or Purple Team As a Threat Intelligence Analyst Or Incident Responder Or Threat Hunter

Screenshots


Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction