Category: Courses

Threat hunting and incident response tactics and procedures have evolved rapidly over the past several years. Your team can no longer afford to use antiquated incident response and threat hunting techniques that fail to properly identify compromised systems. The key is to constantly look for attacks that get past security systems, and to catch intrusions in progress, rather than after attackers have completed their objectives and done worse damage to the organization. For the incident responder, this process is known as “threat hunting”. FOR508 teaches advanced skills to hunt, identify, counter, and recover from a wide range of threats within enterprise networks, including APT nation-state adversaries, organized crime syndicates, and ransomware operators.


FOR498, a digital forensic acquisition training course, provides the necessary skills to identify the many and varied data storage mediums in use today, and how to collect and preserve this data in a forensically sound manner despite how and where it may be stored. It covers digital acquisition from computers, portable devices, networks, and the cloud. It then teaches the student rapid triage, or the art and science of identifying and starting to extract actionable intelligence from a hard drive in 90 minutes or less.

Syllabus

FOR498.1: Scene Prep, Management, and Storage Interfaces
FOR498.2: Portable Devices and Acquisition Processes
FOR498.3: Triage and Data Acquisition
FOR498.4: Non-Traditional and Cloud Acquisition
FOR498.5: Apple Acquisition and Internet of Things
FOR498.6: Beyond the Forensic Tools: The Deeper Dive

FOR498: Digital Acquisition and Rapid Triage


FOR500 builds comprehensive digital forensics knowledge of Microsoft Windows operating systems providing the means to recover, analyze, and authenticate forensic data, track user activity on the network, and organize findings for use in incident response, internal investigations, intellectual property theft inquiries, and civil or criminal litigation. Use this knowledge to validate security tools, enhance vulnerability assessments, identify insider threats, track hackers, and improve security policies. Detailed and real-world exercises teach the tools and techniques that every investigator should employ step-by-step to solve a forensic case. Newly updated to cover all Windows versions through Windows 11!

Have you ever wondered about how web applications are attacked in the real world and what you can do to mitigate every attack? The Web Defense Professional Learning Path will illustrate exactly how each attack works, what the impact of each attack is, how to fix it, and how the exploit no longer works after the fix. This learning path will also give you in-depth, practical advice about how to simplify your defense and how to implement attack mitigations that actually work (regardless of you having access to the source code or not). In addition, it will cover mitigation advice for multiple platforms and languages, the OWASP Testing Guide, detailed techniques and methodology to simplify the defense of web applications, advanced usage of OWASP ZAP, OWASP OWTF, ModSecurity, and more. The Web Defense Professional Learning Path also prepares you for the eWDP exam and certification.

The Advanced Penetration Testing Learning Path provides all the advanced skills required to carry out a thorough and professional penetration test against modern networks and infrastructure, such as the ability to execute state-sponsored-like operations and advanced adversary simulations.

You must be familiar with PowerShell scripting, Active Directory administration and Windows internals knowledge, basic reverse engineering skills, and possess a good working knowledge of network protocols, as the content dives into all stages of a red-teaming engagement.

Learning path at a glance:
- Implementation details on numerous undocumented attacks
- Obscure ways of exploitation and backdooring
- Advanced client-side exploitation techniques
- Custom attack vector and payload creation
- Custom payload creation techniques
- In-depth analysis of Active Directory exploitation
- Stealthy lateral movement and evasion against modern defenses
- In-depth analysis of critical domain infrastructure exploitation
- In-depth details of common misconfigurations and weaknesses
- Details for covert operations and stealthy persistence

eCPTX


If you’re looking for the most practical way into the exploit development and software security world, look no further. The Exploit Development Student Learning Path provides not only the fundamentals of Windows and Linux exploit development but also covers advanced Windows and Linux exploit development techniques, as well as anti-exploit mechanism bypasses. In addition, you’ll learn software debugging, shellcoding, how to identify and fully exploit 0-day vulnerabilities, bypassing modern anti-exploit mechanisms, how to use tools such as Immunity Debugger, x32dbg, Mona, Pwntools, GDB, Ropper, and more. This learning path also prepares you for the eCXD exam and certification.

eCXD
