
Ethical Hacking/Complete RED TEAM OPERATIONS in Practical

Course Outline

Start from zero and learn both Red Team and Blue Team topics. The only course where you can learn how threat actors (TAs) hack organizations.


1. Introduction (Red Team Operations)
  • 1. Introduction to the course
  • 2. Disclaimer

2. LOLBin for Red Teamers and Threat Hunters
  • 1. What Is LOLBin
  • 2. Abusing Rundll32.exe
  • 3. Abusing Certutil.exe
  • 4. Abusing BITSAdmin.exe
  • 5. Abusing Conhost.exe
  • 6. Abusing MSHTA.exe
  • 7. Abusing Reg.exe
  • 8. Abusing Wscript.exe
  • 9. Abusing PowerShell.exe
  • 10. Abusing WMIC.exe
  • 11. Abusing Rclone and Vssadmin
  • 12. Attack flow using LOLBin

3. Working with Windows Processes
  • 1. Overview of Processes and Threads
  • 2. Overview of DLLs and APIs
  • 3. Process Creation Step by Step
  • 4. Process Chain for Malware

4. MITRE ATT&CK framework discussion
  • 1. MITRE ATT&CK framework and its Origin

5. Open source intelligence (OSINT) for Red and Blue Teamers
  • 1. Comprehensive exploration of OSINT for Red and Blue Teamers

6. Persistence techniques for Red and Blue Teamers
  • 1. Persistence Registry Run Keys
  • 2. Persistence Startup Folder
  • 3. Persistence Windows Management Instrumentation (WMI)
  • 4. Persistence Scheduled tasks
  • 5. Persistence - Services

7. Investigating defensive mechanisms and methods to evade antivirus and EDR
  • 1. Exploring research on static, dynamic, and heuristic engines
  • 2. Process Injection, DLL Injection, and Process Hollowing Attacks
  • 3. DLL Hijacking
  • 4. Refining the obfuscation technique through the method of renaming
  • 5. Control flow Obfuscation
  • 6. Hooking and Unhooking
  • 7. Understanding AMSI Overview and Methods to Bypass

8. Red + Blue Team Operation - Initial Access Phase
  • 1. Developing Shellcode for Process Injection Techniques.
  • 2. Process Injection Code Overview
  • 3. Gaining Initial Access via Process Injection Techniques.
  • 4. Investigating Reverse Connection
  • 5. Leveraging External Remote Services for Initial Access.
  • 6. Gaining Initial Access via Phishing Tactics.
  • 7. Leveraging Public-Facing Applications for Initial Access.
  • 8. Utilizing Supply Chain Attacks for Initial Access.

9. Red + Blue Team Operation - Defence Evasion Phase
  • 1. Disabling Windows Defender Protection.
  • 2. Configuring Exclusions in Windows Defender.
  • 3. Bypassing Windows Defender and EDR with an Anti-Rootkit Tool.
  • 4. Using DISM to Deactivate Windows Defender.

10. Red + Blue Team Operation - Post Exploitation Phase
  • 1. Exploration of Cobalt Strike and Reversing an Encoded, Compressed, Obfuscated Script
  • 2. Payload Delivery Utilizing bitsadmin.exe.
  • 3. Elimination of Indicators - Time Stomping Attack
  • 4. Execution through Command and Scripting Interpreter

11. Red + Blue Team Operation - Persistence phase
  • 1. Adding a Cobalt Strike Payload in the Run Key Registry.
  • 2. Placing the Payload in the Start-up Folder.
  • 3. Adopting a Threat Actor's Perspective for Scheduled Task Placement
  • 4. Create an account to maintain access
  • 5. Manipulate user accounts to maintain access
  • 6. Enable and Disable the account

12. Red + Blue Team Operation - Privilege Escalation
  • 1. UAC Bypass and Elevate from Medium to High Integrity.
  • 2. Utilizing the LUA Registry Key for UAC Deactivation.
  • 3. UAC token Duplication Attack
  • 4. Comprehensive Exploration of Windows Named Pipes.
  • 5. Named Pipe Impersonation Attack
  • 6. Elevate Privilege through Service Control Manager
  • 7. Exploiting vulnerabilities to elevate the Privilege
  • 8. Unquoted Service Paths misconfiguration
  • 9. Hunting password files in a target machine

13. Red + Blue Team Operation - Credential Access
  • 1. What is LSASS.exe
  • 2. Obtaining credentials via the WDigest protocol.
  • 3. Extracting data from lsass.exe process and retrieving confidential information
  • 4. Diverse Approaches for Extracting Data from the lsass.exe Process
  • 5. NTLM Password cracking
  • 6. Stealing Browser Login Data
  • 7. Credential Access through SAM and SYSTEM Hives

14. Red + Blue Team Operation - Lateral Movement
  • 1. Enable RDP via Registry
  • 2. Modify System Firewall to Enable RDP Connections
  • 3. Laterally Move Through Impacket
  • 3.1 Impacket libraries.html
  • 3.2 windows-admin-shares.html
  • 4. Investigation and IR plan for a lateral movement

15. Red + Blue Team Operation - Exfiltration
  • 1. Exfiltrating Confidential Information
  • 2. Exfiltration through third party Application
  • 3. The Stealbit Exfiltration Tool

16. Red + Blue Team Operation - Impact
  • 1. Deleting Shadow copies from the Machine
  • 2. Modify Boot Status policies
  • 3. Deleting Event Logs from the target Machine
  • 4. Executing Ransomware Binary to the Target Machine
  • 5. IR plan for a Ransomware Attack

17. Blue Team Operations - Investigation
  • 1. Investigating 4624 and 4625 Events
  • 2. Investigating 7045 and 7034 Events
  • 3. Investigating Scheduled task creation Events
  • 4. Investigating SMB and RDP Activity
  • 5. Investigating SRUM Data
  • 6. Investigating Browser History

18. History of Ransomware
  • 1. Akira Ransomware
  • 2. Ryuk Ransomware
  • 3. Lockbit Ransomware

19. Conclusion
  • 1. Red + Blue Teamers - Course Conclusion

139,000 Toman
ID: 21729
Size: 6742 MB
Duration: 885 minutes
Publication date: 8 Aban 1402