Category: Other Institutes

This course will teach you the advanced features included in your Maltego Client. After this course, you will be able to create custom Entities, use the advanced options included with the Maltego Standard Transforms, and collaborate with colleagues.

Syllabus

  1. Introduction
  2. The Transform menu
  3. Advanced Infrastructure Transforms
  4. Data Integration
  5. Custom Entities
  6. Imports and Exports

Maltego Advanced


This intermediate-level, 3-day-long intensive course dives deep into Modern Initial Access and Evasion tactics, which were effective on numerous engagements delivered in tightly monitored environments. The author will share his insights regarding strategies that made his malware accomplish engagement objectives, side by side with aggressively configured AVs & EDRs. Designing modern Red Team malware carriers smuggled in scripts, executables, and HTML websites is only one of the areas the course focuses on. We will explore numerous technical concepts and file formats, and craft advanced malicious Office documents, shellcode loaders, smuggling payloads, and other infected scripts that will help us reach target systems effectively. By applying modern AV & EDR evasion techniques to custom-crafted Red Team weaponry, capable teams will be equipped with the knowledge to succeed during adversary simulations even in a rapidly changing threat landscape. This course focuses on exactly that: telling effective techniques apart from ones that no longer work.

Syllabus

Classic Initial Access

New Hope

Executables & Shellcode Loaders

Maldocs

Modern Initial Access and Evasion Tactics Training


In this CSP course, you will apply all the knowledge and skills taught in the CSL course to crack real software. Real software here means commercial proprietary software. We are doing this for educational purposes and not to harm software developers. This skill and knowledge benefits developers in that they are better able to secure their software. The concept is similar to ethical hacking: the only way to defend against hackers is to know how hackers break in. The same holds for software security. The best way to improve software security is to learn how software is being cracked.

Syllabus

  1. Introduction
  2. Creating a Sandbox for Cracking Software
  3. Introduction to crackme’s
  4. Introduction to x64dbg and Detect it Easy (DIE)
  5. Setting up your cracking workspace and workflow
  6. Debugger Stepping Basics
  7. Stepping Into Calls
  8. Breakpoint
  9. Reversing Jumps
  10. How to patch a program
  11. Summary of Cracking Software Workflow
  12. Introduction to cracking gui-based programs
  13. Crack the Serial Key using BP on strings
  14. Windows api functions & the stack
  15. Patching to bypass wrong serial key message
  16. Setting Breakpoints on Intermodular Calls
  17. Setting BP from the Call Stack
  18. Cracking Registration File Checks
  19. Removing Nag Screens
  20. Cracking Trial Period Software
  21. Cracking Auto-Generated Serial Keys
  22. Removing Nag Screen by TDC
  23. Cracking by patching eax register values
  24. Cracking via Hardware Breakpoints
  25. How to Change Serial Key By Patching Memory Directly
  26. xAnalyzer Static Code Analyzer
  27. Serial Fishing – how to extract serial key
  28. Cracking Software Protection
  29. Cracking software using loaders
  30. Cracking Software’s Anti-Debugging Protection
  31. Cracking Software that has a combination of Packing Anti-Debugging
  32. Keygens
  33. Assembly Language Programming for Reversers
  34. Creating an External Keygen
  35. Cracking Visual Basic 6 Native compiled software
  36. Cracking VB6 p-code Software
  37. x64dbg tools usage
  38. Cracking .NET Framework Software (C# and VB.NET)
  39. Cracking .NET Software Protection
  40. Understanding the Process of De-obfuscation
  41. Cracking DLL’s

Cracking Software Practicals (CSP)


The Cracking Software Legally (CSL) course is training in reverse engineering and software penetration testing, done legally. In this course, you will learn about reverse engineering and Assembly language. This course will also provide valuable information for people who work in the fields of Malware Analysis and Exploit Development.

Syllabus

  1. Introduction
  2. Creating a Sandbox for Cracking Software
  3. Introduction to crackme’s
  4. Introduction to x64dbg and Detect it Easy (DIE)
  5. Setting up your cracking workspace and workflow
  6. Debugger Stepping Basics
  7. Stepping Into Calls
  8. Breakpoint
  9. Reversing Jumps
  10. How to patch a program
  11. Summary of Cracking Software Workflow
  12. Introduction to cracking gui-based programs
  13. Analyzing the PE for a gui-based program
  14. Crack the Serial Key using BP on strings
  15. Windows api functions & the stack
  16. Patching to bypass wrong serial key message
  17. Setting Breakpoints on Intermodular Calls
  18. Setting BP from the Call Stack
  19. Cracking Registration File Checks
  20. Removing Nag Screens
  21. Cracking Trial Period Software
  22. Cracking Auto-Generated Serial Keys
  23. Removing Nag Screen by TDC
  24. Cracking by patching eax register values
  25. Cracking via Hardware Breakpoints
  26. How to Change Serial Key By Patching Memory Directly
  27. xAnalyzer Static Code Analyzer
  28. Serial Fishing – how to extract serial key
  29. Cracking Software Protection
  30. Cracking software using loaders
  31. Cracking Software’s Anti-Debugging Protection
  32. Cracking Software that has a combination of Packing Anti-Debugging
  33. Keygens
  34. Assembly Language Programming for Reversers
  35. Creating an External Keygen
  36. Cracking Visual Basic 6 Native compiled software
  37. Cracking VB6 p-code Software
  38. x64dbg tools usage
  39. Cracking .NET Framework Software (C# and VB.NET)
  40. Cracking .NET Software Protection
  41. Understanding the Process of De-obfuscation
  42. Cracking DLL’s

Cracking Software Legally (CSL)


The ability to perform digital investigations and incident response is a critical skill for many occupations. Unfortunately, digital investigators frequently lack the training or experience to take advantage of the volatile artifacts found in physical memory. Volatile memory contains valuable information about the runtime state of the system, provides the ability to link artifacts from traditional forensic analysis (network, file system, registry), and provides the ability to ascertain investigative leads that have been unknown to most analysts. Malicious adversaries have been leveraging this knowledge disparity to undermine many aspects of the digital investigation process with such things as anti-forensics techniques, memory-resident malware, kernel rootkits, and encryption (file systems, network traffic, etc.). The only way to turn the tables and defeat a creative human adversary is through talented analysts.

This course demonstrates why memory forensics is a critical component of the digital investigation process and how investigators can gain the upper hand. The course will consist of lectures on specific topics in Windows, Linux, and Mac OS X memory forensics followed by intense hands-on exercises to put the topics into real-world contexts. Our goal is to give you practical experience with all the major facets of memory analysis. For example, you’ll defeat disk encryption, recover cached passwords, investigate insider theft, complement network forensics with data you find in memory, and hunt for attackers throughout corporate networks. We still leave enough room for detecting common RATs and hacker tools, reversing packed/compressed malicious code, and generating timelines from memory. You’ll even customize your own automated memory artifact scanner and engage in a fast-paced, challenging CTF that involves corroborating evidence across multiple memory samples (e.g., Windows PCs, Linux servers).

Memory Analysis: Malware and Memory Forensics Training
