دسته: موسسه های دیگر

User mode malware on Windows is ubiquitous and custom user mode implants are used regularly in red-team engagements. Knowledge of the latest malware techniques helps red teamers improve their custom tooling, malware analysts in taking apart malware, and anti-malware solution developers in designing behavioral solutions to detect malicious activity. The common theme amongst all Windows malware and implants is that they abuse the facilities provided by the Windows platform to achieve their objectives. Knowledge of the rich set of Windows APIs, understanding their usage in various stages of an implant, and leveraging them to detect and bypass various defenses in the system is essential for red and blue teamers. This training course takes attendees through a practical journey with a hands-on approach to teach them about the post-exploitation techniques used by PE file-based implants at every stage of their execution. Beneficial to both the offensive and the defensive side of the camp, the knowledge and hands-on experience gained in this training will help attendees with real-world red teaming engagements and in defending against both custom advanced persistent threat (APT) tooling and common-off-the-shelf (COTS) malware. Attendees will learn about how malware and implants interact with the latest version of Windows and how the different stages of malware abuse and exploit various components of Windows OS to achieve their goals and evade defenses.

ادامه مطلب

This intense course covers the skills required to conduct a simulation of a sophisticated adversary, including the latest tradecraft and offensive tactics. During the training you will gain insight in to planning and conducting a red team operation including all the steps required to perform efficient opensource intelligence, design and automate the deployment of operational infrastructure, gain initial access and perform post-exploitation and lateral movement. You will learn how to bypass defensive controls including anti-virus, EDR, AMSI and application whitelisting that will leave you equipped to target even the most mature environments.

Syllabus

Introduction to red team operations

Active and passive reconnaissance

Infrastructure design concepts

Cobalt Strike and malleable profiles

Initial access techniques

Defensive evasion

Process Injection

Custom Tooling

Host triage

Persistence

Privilege escalation

Pivoting and lateral movement

Exploiting Active Directory

MacOS and Linux

MDSec: Adversary Simulation and Red Team Tactics

ادامه مطلب

Through OALABS we want to bring you the kind of reverse engineering tutorials that we wished we had when we were first learning to analyze malware. With Patreon we offer access to a wide variety of tutorials and workshops aimed at all skill levels. Our RE101 level tutorials cover important topics like how to setup a malware analysis lab, as well as reverse engineering fundaments like learning assembly, and how to use a debugger. Our RE201 level tutorials cover malware analysis specific topics like how to bypass anti-analysis checks in malware, and how to resolve dynamic imports. Our RE504 level tutorials cover advanced reverse engineering topics like how to bypass software protectors such as Themida, and VMProtect. Patreon also allows us to maintain a set of free publicly available malware analysis tutorials on YouTube as well as weekly malware analysis streams on Twitch.

ادامه مطلب

You can find a comprehensive list of courses offered by Hackingloops on their website . They offer a wide range of courses on ethical hacking, penetration testing, cyber security, and web penetration testing techniques. You can also download a free guide that will show you step-by-step how to get started and set up your own lab today .

Here is a list of some of the courses offered by Hackingloops:

  • Ethical Hacking Course: This course covers the basics of ethical hacking, including information gathering, scanning, enumeration, and vulnerability analysis. It also covers advanced topics such as web application hacking, wireless network hacking, and social engineering.
  • Penetration Testing Course: This course covers the basics of penetration testing, including information gathering, scanning, enumeration, and vulnerability analysis. It also covers advanced topics such as web application penetration testing, wireless network penetration testing, and social engineering .
  • Cyber Security Course: This course covers the basics of cyber security, including network security, operating system security, and application security. It also covers advanced topics such as cloud security, mobile security, and IoT security .
  • Web Penetration Testing Course: This course covers the basics of web penetration testing, including information gathering, scanning, enumeration, and vulnerability analysis. It also covers advanced topics such as web application hacking, web application penetration testing, and web application security .

Hacking Loops

ادامه مطلب

The course will purely focus on Web/Server/Mobile offensive hacking using the Bug Bounty Hunter Mentality.

Syllabus

1. Information Security Concepts.
2. Advanced Reconnaissance Methodologies (10+ methodologies).
3. Advanced Network Scanning & Enumeration.
4. Systems Exploitation.
5. Vulnerability Assessment.
6. Web Hacking Vulnerabilities (Client Side bugs, Server Side bugs, Business Logic Bugs, Server Security Misconfigurations, Bypassing Security Controls, and much more…).
7. Mobile Hacking (Reverse Engineering, Static Analysis, Dynamic Analysis).
8. Source Code Analysis.
9. Forensics Analysis.

Advanced Reconnaissance & Bug Bounty Hacking Methodologies

ادامه مطلب

The RTFM Video Library is an invaluable resource for serious Red Team members who find themselves on critical missions. Led by a seasoned Red Team operator, this high-quality video series delves into various aspects of offensive security, providing practical guidance and insights.

Syllabus

1: Infrastructure Setup
2: Initial Access
3: Situational Awareness
4: User Level Persistence
5: Escalation
6: Lateral Movement
7: Active Directory Enumeration
8: Domain Fortification
9: Hunting for User Workstations
10: Active Directory Forest Compromise
11: Secret Enclave Compromise
12: Pivoting through Tunnels

RTFM – Red Team Field Manual

ادامه مطلب