ＨｉｄｅＺｅｒｏＯｎｅ

Are you interested in proactively hunting for threats within an organization or becoming a stealthier penetration tester? The Threat Hunting Professional Learning Path will help you establish a proactive defense mentality as well as proactively hunt for threats in an organization’s network, endpoints, or perimeter and be several steps ahead of forthcoming adversaries. During the learning process, you will leverage tactical threat intelligence, memory forensics, endpoint/IDS/IPS events, uncommon data sources, and SIEM solutions among others. The Threat Hunting Professional Learning Path also prepares you for the eCTHPv2 exam and certification.

Learning path at a glance:

• Constantly fine-tune an organization’s defenses based on the latest attacker Techniques, Tactics, and Procedures
• Use threat intelligence or hypotheses to hunt for known and unknown threats
• Inspect network traffic and identify abnormal activity in it
• Perform memory forensics using Redline, Volatility, and a variety of tools to identify in-memory malware
• Use alternative data sources such as Sysmon and SilkETW to collect event logs
• Detect advanced hacking techniques such as AMSI bypasses, COM Hijacking, and sophisticated/evasive malware
• Use tools such as PowerShell, ELK, and Splunk to analyze Windows events and detect attacks such as DCSync, Kerberoasting, and obfuscated PowerShell commands.

Are you interested in learning how to professionally analyze, handle, and respond to security incidents on heterogeneous networks and assets? The Incident Handling & Response Professional Learning Path will help you understand the mechanics of modern cyber-attacks and how to detect them. This learning path will actually teach you how to effectively use and fine-tune open-source IDS, log management, and SIEM solutions in order to detect and even hunt for intrusions. Specifically, you will analyze traffic, flows, and endpoints, as well as utilize analytics and tactical threat intelligence during the learning process. The Incident Handling & Response Professional Learning Path also prepares you for the eCIR exam and certification.

The Advanced Penetration Testing Learning Path provides all the advanced skills required to carry out a thorough and professional penetration test against modern networks and infrastructure, such as the ability to execute state-sponsored-like operations and advanced adversary simulations.

You must be familiar with PowerShell scripting, Active Directory administration and Windows internals knowledge, basic reverse engineering skills, and possess a good working knowledge of network protocols, as the content dives into all stages of a red-teaming engagement.

Learning path at a glance:

• Implementation details on numerous undocumented attacks
• Obscure ways of exploitation and backdooring
• Advanced client-side exploitation techniques
• Custom attack vector and payload creation
• Custom payload creation techniques
• In-depth analysis of Active Directory exploitation
• Stealthy lateral movement and evasion against modern defenses
• In-depth analysis of critical domain infrastructure exploitation
• In-depth details of common misconfigurations and weaknesses
• Details for covert operations and stealthy persistence

Would you like to expand your knowledge of how to code simple iOS and Android applications in order to build real-world POCs and exploits? The Mobile Application Security and Penetration Testing Learning path give penetration testers and IT security professionals the practical skills to understand the technical threats and attack vectors targeting mobile devices. This learning path covers the process of identifying security issues on Android and iOS applications, using a wide variety of techniques including Reverse Engineering, Static/Dynamic/Runtime, and Network Analysis, as well as prepares you for the eMAPT exam and certification.

Interested in assessing and mitigating advanced web application risks an organization could potentially be exposed to? The Advanced Web Application Penetration Tester Professional Learning Path provides all the advanced skills necessary to carry out a thorough and advanced penetration test against modern web applications, as well as prepares you for the eWPTX exam and certification.

Learning path at a glance:

• Based on techniques professional pentesters useMaster advanced Web Application attacks & security tools
• In-depth Web Application Vulnerabilities analysis
• Covers XSS, SQL Injection, HTML5, and much more
• In-depth obfuscation and encoding techniques
• Bypassing filters and WAF techniques included
• Explore HTML5 and XML attacks vectors and exploits
• Explore advanced PHP, Java, Deserialization, LDAP, Server Side, and Authentication/SSO attacks
• Learn effective API & Cloud-powered Application penetration testing
• Demystifies Java RCE internals, attacking RMI-based JMX services, JNDI injection attacks, PHP Objection Instantiation, PHP Type Juggling, constructing Property Oriented Programming chains, and attacking memory-unsafe languages

If you are looking for the most practical way into the exploit development and software security world look no further. The Exploit Development Student Learning Path provides not only the fundamentals of Windows and Linux exploit development but also covers advanced Windows and Linux exploit development techniques, as well as anti-exploit mechanism bypasses.

Learning path at a glance:

• Based on techniques professional exploit developers use
• Thoroughly covers fundamental as well as advanced exploitation techniques
• Software debugging
• Shellcoding
• Covers both Windows and Linux exploit development
• Methodology on how to identify and fully exploit 0-day vulnerabilities
• Covers bypassing modern anti-exploit mechanisms
• Learn how to use tools like Immunity Debugger, x32dbg, Mona, Pwntools, GDB, Ropper, etc.