Hacker Tools, Techniques, and Incident Handling (SEC504) Online Training

سرفصل های دوره

This intermediate SEC504 training prepares learners to detect and respond to threats that your company will inevitably face in the digital realm, deploying a dynamic response according to the attack.

It's a cliche to claim that the best defense is a strong offense, but in the case of digital security it's a cliche that's as true as it's ever been. One of the most fundamental skills a security administrator can gain is an understanding of the tools that hostile actors use to penetrate networks and extract valuable information.

1. Incident Response

1. Incident Response

2. Incident Handling Process

3. Preparing for the Incident

4. Event Detection

5. Eradicate and Recover

6. Writing Everything Up

7. When is it a Legal Problem

8. Interfacing With Law Enforcement

2. Digital Investigations

1. Digital Investigations

2. Identify Digital Evidence

3. Understanding the Disc

4. Basics of Coding

5. Network Devices

6. Operating Systems

7. Reading Materials

3. Live Examination

1. Live Examination -2

2. Approaching the System

3. Working with FTK

4. Working with EnCase

5. Watching the System Talk

6. Cloning a System

7. Moving to the Next Step

4. Network Investigations

1. Network Investigations

2. Session Monitoring

3. Too Many Connections

4. Knowing the Boundaries

5. Packet Reading Basics

6. Network Analysis WITH SSLTLS

5. Memory Investigations

1. Memory Investigations

2. How RAM Operates

3. Volatile Memory

4. Extracting the Memory

5. Volatility

6. Comparing to the System

memory investigations.zip

6. Malware Investigations

1. Malware Investigations

2. Know the Enemy

3. Malware Alert!

4. Finding the Malware

5. The Hunt Begins

6. Whats in the Payload

7. Find the Evidence on the Network

8. Report the Findings

7. Cloud Investigations

1. Cloud Investigations

2. Identifying the Different Clouds

3. Specializing Those Clouds

4. Where is the cloud

5. Where are we going

6. Understand the flow

7. Tool Usage

8. Federal Rules of Evidence

1. Federal Rules of Evidence

2. Daubert Standard

3. Rule 702

4. Rule 701

5. Rule 901

6. Rule 902

7. Tying it all together

9. MITRE ATTAndCK Framework Introduction

1. MITRE ATTAndCK Framework Introduction

2. Damage Assessment

3. Enter the Matrix

4. Organizational Assessment

5. Whose Fault is it

6. Moving to Contain

10. Open-Source Intelligence

1. Open-Source Intelligence

2. Open-Source Legality

3. Public Records

4. Publications and Other Print

5. Walking Around the Neighborhood

6. The Google

7. Time Traveling

8. Technical Recon

11. DNS Interrogation

1. DNS Interrogation

2. What is DNS

3. DNS records

4. Hijacking DNS

5. Crafting DNS Packets

6. Verify the DNS

7. Zone Transfers

8. DNS Defenses

12. Website Reconnaissance

1. Website Reconnaissance

2. Understand the Structure

3. HTML Basics

4. Behind the Scenes

5. Crawling Around

6. Network Signatures

13. Network and Host Scanning with Nmap

1. Network and Host Scanning with Nmap

2. Types of Scans

3. What the Scans Look Like

4. Dusting for Prints

5. Whats Under the Mask

14. Enumerating Shadow Cloud Targets

1. Enumerating Shadow Cloud Targets

2. Shadow Components

3. Scanning for Clouds

4. Finding the Key Master

5. Great Cloud Attacks in History

15. Server Message Block (SMB) Sessions

1. Server Message Block (SMB) Sessions

2. What is SMB

3. SMB Security Features

4. Using SMB

5. SMB Defense

6. Exploiting SMB

16. Defense Spotlight DeepBlueCLI

1. DeepBlueCLI

2. Installing DeepBlueCLI

3. Using DeepBlueCLI

4. Using DeepBlueCLI For Tidbits

5. The Alternatives

6. Breaking Some Events

dfns sptlght dpblecli.zip

17. Password Attacks

1. Password Attacks

2. What to Attack

3. When to Attack

4. Where to Attack

5. Why (How) to Attack

6. Crossing the Rainbow Bridge

7. Rainbow Addendum

18. Microsoft 365 Attacks

1. Microsoft 365 Attacks

2. Out with the old

3. Phishing is Still an Issue

4. If We Cant Play No One Can

5. Crossing the Different Sites

6. Pivoting and Traffic Analysis

19. Understanding Password Hashes

1. Understanding Password Hashes

2. What is Hashing

3. Which Hash to Pick

4. Hash Collisions

5. Is Hashing Enough

6. Building Some Known Hashes

7. Custom Hash Tables

20. Password Attack Examples

1. Password Attack Exercise

2. Hiren (boot disc)

3. Salting our Passwords

4. Hashcat

5. John the Ripper

6. Network Device Cracking

21. Cloud Spotlight - Insecure Storage

1. Cloud Spotlight Insecure Storage

2. The Harm in Sharing Too Much

3. Default Storage in Windows

4. File Sharing in Windows Server

5. POSIX-based File Permissions

6. Sharing on a Web Server in IIS

22. Multi-Purpose Netcat

1. Multi-purpose Netcat

2. What is Netcat

3. Making Someone Use Netcat

4. What Does Netcat Look Like on the Network

5. Command Access

6. Covering the Tracks

23. Metasploit Framework

1. Metasploit Framework

2. Metasploit on Kali

3. Systems Without Metasploit

4. How to Prep the Target

5. Other Metasploit Add-Ins

6. Options Outside of Metasploit

24. Drive-By Attacks

1. Drive-By Attacks

2. How a Drive-By Attack is Planned

3. Usual Suspects

4. Turning the Sandbox into a Honeypot

5. Analyze an Attack to Build Against it

6. Using Those Results to Help

drv by ttcks.zip

25. Defense Spotlight System Resource Usage Monitor

1. System Resource Usage Monitor

2. Windows Resource Monitor

3. Windows Process IDs

4. POSIX-Based Resource Monitors

5. POSIX-Based Process IDs

6. Sledding Season

7. Making a NOP Sled

dfns sg mntr.zip

26. Command Injection

1. Command Injection

2. The Good

3. The Bad

4. And The Ugly

5. Where to Command Inject

6. More Detailed Hunting

cmmnd njctn.zip

27. Cross-Site Scripting (XSS)

1. Cross-Site Scripting (XSS)

2. Common Weak Points

3. Directory Browsing

4. Using a Site as Our Own

5. Third-party Protection

6. XSS Review

28. Cloud Spotlight - SSRF and IMDS Attacks

1. Cloud Spotlight SSRF IMDS and SQL Injection Attacks

2. WebGoat

3. Server-Side Request Forgery (SSRF)

4. Cloud Instance Metadata Services Attack

5. SQL Injection

6. Famous for the Wrong Reasons

29. Endpoint Security Bypass

1. Endpoint Security Bypass

2. Bypassing Through Websites

3. Piggybacking Off Trusted Applications

4. Its a Phony!

5. Doing the Research

6. Damage the Security

7. Keep Updated

30. Pivoting and Lateral Movement

1. Pivoting and Lateral Movement

2. Whats the Point

3. Digging on the Initial System

4. Im Not Done With You Yet!

5. Persistence

6. Internal Threats

pvtng ltrl mvmnt.zip

31. Hijacking Attacks

1. Hijacking Attacks

2. Predictability

3. Hijacks on the Client Side

4. Man-in-the-Middle

5. Man-in-the-Browser

6. Sending a Care Package

7. Back to the Classics

32. Covering Tracks

1. Covering Tracks

2. Why Cover Your Tracks

3. Event Logs

4. Network Traffic

5. It Wasnt Me!

6. Destroy the Evidence

33. Establishing Persistence

1. Establishing Persistence

2. What is Establishing Persistence

3. Applying Open-Source Intelligence

4. Reconnaissance Information-Gathering

5. Post-Exploitation

6. Cloud Post-Exploitation

34. Data Collection

1. Data Collection

2. Importance

3. Choosing and Configuring Exploits

4. Delivering Those Exploits

5. Real Intelligence Threat Analytics

6. Where to go From Here

35. Attacking Windows Active Directory

1. Attacking Windows Active Directory

2. Knowing Active Directory

3. Target Discovery and Enumeration

4. Asset Compromise

5. Internal Attacker Compromise Attribution

6. Known Active Directory Attacks

7. Email Compromises

36. Password Spray Guessing and Credential Stuffing Attacks

1. Password Spray Guessing and Credential Stuffing Attacks

2. Password Spraying

3. Password Guessing

4. Credential Stuffing

5. Using the Same Thing Over and Over

6. Time for Reviewing

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: CBT Nuggets