Ethical Hacking/Complete RED TEAM OPERATIONS in Practical

سرفصل های دوره

Start from 0 & learn both topics Red team and Blue team. The only course you can learn about how TA hack organization

1. Introduction(Red Team Operations)

1. Introduction to the course

2. Disclaimer

2. LOLBin for Red Teamers and Threat Hunters

1. What Is LOLBin

2. Abusing Rundll32.exe

3. Abusing Certutil.exe

4. Abusing BITSAdmin.exe

5. Abusing Conhost.exe

6. Abusing MSHTA.exe

7. Abusing Reg.exe

8. Abusing Wscript.exe

9. Abusing PowerShell.exe

10. Abusing WMIC.exe

11. Abusing Rclone and Vssadmin

12. Attack flow using LOLBin

3. Working with Windows Processes

1. Overview about Process and Threads

2. Overview about DLLs and APIs

3. Process Creation Step by Step

4. Process chain for Malwares

4. MITRE ATT&CK framework discussion

1. MITRE ATT&CK framework and its Origin

5. Open source intelligence (OSINT) for Red and Blue Teamers

1. Comprehensive exploration of OSINT for Red and Blue Teamers

6. Persistence techniques for Red and Blue Teamers

1. Persistence Registry Run Keys

2. Persistence Startup Folder

3. Persistence Windows Management Instrumentation (WMI)

4. Persistence Scheduled tasks

5. Persistence - Services

7. Investigating defensive mechanisms and methods to evade antivirus and EDR

1. Exploring research on static, dynamic, and heuristic engines

2. Process Injection Dll Injection Process Hollowing attacks

3. DLL Hijacking

4. Refining the obfuscation technique through the method of renaming

5. Control flow Obfuscation

6. Hooking and Unhooking

7. Understanding AMSI Overview and Methods to Bypass

8. Red + Blue Team Operation - Initial Access Phase

1. Developing Shellcode for Process Injection Techniques.

2. Process Injection Code Overview

3. Gaining Initial Access via Process Injection Techniques.

4. Investigating Reverse Connection

5. Leveraging External Remote Services for Initial Access.

6. Gaining Initial Access via Phishing Tactics.

7. Leveraging Public-Facing Applications for Initial Access.

8. Utilizing Supply Chain Attacks for Initial Access.

9. Red + Blue Team Operation - Defence Evasion Phase

1. Disabling Windows Defender Protection.

2. Configuring Exclusions in Windows Defender.

3. Bypassing Windows Defender and EDR with an Anti-Rootkit Tool.

4. Using DISM to Deactivate Windows Defender.

10. Red + Blue Team Operation - Post Exploitation Phase

1. Exploration of Cobalt Strike and Reversing Encoded Compressed Obfuscated Script

2. Payload Delivery Utilizing bitsadmin.exe.

3. Elimination of Indicators - Time Stomping Attack

4. Execution through Command and Scripting Interpreter

11. Red + Blue Team Operation - Persistence phase

1. Adding a Cobalt Strike Payload in the Run Key Registry.

2. Placing the Payload in the Start-up Folder.

3. Adopting a Threat Actors Perspective for Scheduled Task Placement

4. Create an account to maintain access

5. Manipulate user accounts to maintain access

6. Enable and Disable the account

12. Red + Blue Team Operation - Privilege Escalation

1. UAC Bypass and Elevate from Medium to High Integrity.

2. Utilizing the LUA Registry Key for UAC Deactivation.

3. UAC token Duplication Attack

4. Comprehensive Exploration of Windows Named Pipes.

5. Named Pipe Impersonation Attack

6. Elevate Privilege through Service Control Manager

7. Exploiting vulnerabilities to elevate the Privilege

8. Unquoted Service Paths misconfiguration

9. Hunting password files in a target machine

13. Red + Blue Team Operation - Credential Access

1. What is LSASS.exe

2. Obtaining credentials via the WDigest protocol.

3. Extracting data from lsass.exe process and retrieving confidential information

4. Diverse Approaches for Extracting Data from the lsass.exe Process

5. NTLM Password cracking

6. Stealing Browser login datas

7. Credential Access through SAM and SYSTEM Hives

14. Red + Blue Team Operation - Lateral Movement

1. RDP enable Via Registry

2. Modify System firewall to enable the RDP Connections

3.1 Impacket libraries.html

3.2 windows-admin-shares.html

3. Laterally Move Through Impacket

4. Investigation and IR plan for a lateral movement

15. Red + Blue Team Operation - Exfiltration

1. Exfiltrating Confidential Information

2. Exfiltration through third party Application

3. The Stealbit Exfiltration Tool

16. Red + Blue Team Operation - Impact

1. Deleting Shadow copies from the Machine

2. Modify Boot Status policies

3. Deleting Event Logs from the target Machine

4. Executing Ransomware Binary to the Target Machine

5. IR plan for a Ransomware Attack

17. Blue Team Operations - Investigation

1. Investigating 4624 and 4625 Events

2. Investigating 7045 and 7034 Events

3. Investigating Scheduled task creation Events

4. Investigating SMB and RDP Activity

5. Investigating SRUM Data

6. Investigating Browser History

18. History of Ransomwares

1. Akira Ransomware

2. Ryuk Ransomware

3. Lockbit Ransomware

19. Conclusion

1. Red + Blue Teamers - Course Conclusion

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy