Category: Courses

MITRE ATT&CK® is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. Further details on the MITRE ATT&CK® framework can be found at https://attack.mitre.org/. Our red team operations tooling courses map to the MITRE ATT&CK® matrix tactics, techniques, and procedures. Each course focuses on the use of a specific industry-standard, generally open source, tool to carry out adversary emulation. Knowing what a tool is and how it performs a specific task will ultimately strengthen your ability, as an organization or an individual, to detect and defend against specific attack vectors.

Syllabus

Introduction

ATT&CK – Reconnaissance (TA0043)

ATT&CK – Resource Development (TA0042)

ATT&CK – Initial Access (TA0001)

ATT&CK – Execution (TA0002)

ATT&CK – Persistence (TA0003)

ATT&CK – Privilege Escalation (TA0004)

ATT&CK – Defense Evasion (TA0005)

ATT&CK – Credential Access (TA0006)

ATT&CK – Discovery (TA0007)

ATT&CK – Lateral Movement (TA0008)

ATT&CK – Collection (TA0009)

ATT&CK – Command and Control (TA0011)

ATT&CK – Exfiltration (TA0010)

ATT&CK – Impact (TA0040)

Pluralsight: Red Team Tools


What is the use of Burp Suite? Burp Suite is an integrated platform and graphical tool for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface through to finding and exploiting security vulnerabilities. Burp Suite is installed by default in Kali Linux. The tool is written in Java and developed by PortSwigger Web Security. It comes in three editions: a Community Edition that can be downloaded free of charge, and a Professional Edition and an Enterprise Edition that can be purchased after a trial period. The Community Edition has significantly reduced functionality. Burp Suite is intended to provide a comprehensive solution for web application security checks. In addition to basic functionality such as a proxy server, a scanner and an intruder, the tool also contains more advanced components such as a spider, a repeater, a decoder, a comparer, an extender and a sequencer.

Syllabus

Web Application Penetration Testing with Burp Suite

Advanced Web Application Penetration Testing with Burp Suite

Writing Burp Suite Macros and Plugins

Pluralsight: Web Security Testing with Burp Suite


This skill focuses on creating shell scripts using Bash and/or Z Shell to automate just about any task on a UNIX system. With the skills taught here, you’ll maximize your productivity by using shell scripts to automate tasks and make your life easier.

Syllabus

Getting Started with Shell Scripting for Bash and Z Shell

Mastering Bash and Z Shell Scripting Syntax

Operationalizing Bash and Z Shell Scripts

Pluralsight: Shell Scripting with Bash and Z Shell


NIST defines an Intrusion Detection System (IDS) as software that looks for suspicious activity and alerts administrators. NIST Special Publication 800-62 goes on to say that it is a security service that monitors and analyzes network or system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner. NIST Special Publication 800-161 states that an Intrusion Prevention System (IPS) is software that has all the capabilities of an intrusion detection system and can also attempt to stop possible incidents. Such systems are key to enterprise network security monitoring. This skills path is designed for anyone looking to learn and use the most popular open source IDS/IPS tools: Snort, Suricata and Zeek (formerly Bro). The learner can study the tool that best fits their needs and environment, or review all three. For each tool, the getting started course covers the fundamentals. You’ll then discover scripting and rule sets before looking at extensions, frameworks and integrations. The final course covers using the tools in an enterprise environment or for distributed operations.

Syllabus

  1. Enterprise Security Monitoring with Snort
  2. Enterprise Security Monitoring with Suricata
  3. Enterprise Security Monitoring with Zeek (formerly Bro)

Pluralsight: Enterprise Security Monitoring with Open Source Network IDS & IPS


Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this training course, hacking concepts will be introduced for each of those services. This training walks through a complete penetration testing methodology for cloud-based infrastructure. Starting with no information other than the company name, you will learn to discover which cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data, and gain a thorough understanding of how an initial foothold into a cloud-based organization is obtained.

Antisyphon: Breaching the Cloud w/ Beau Bullock


One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances, which will help the student identify anomalous patterns when they occur. Much of this class is spent focusing on the IP, ICMP, UDP, and TCP headers. We will step through each field within each header to ensure that the student understands how the data in that field plays a role in communications. This knowledge is deepened by observing the behavior in packet decodes, some of which show normal traffic while others show common attacks.

Antisyphon: Getting Started in Packet Decoding w/ Chris Brenton
