ＨｉｄｅＺｅｒｏＯｎｅ

Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. This course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today, based on the instructor’s many years of ongoing experience in testing … real webapps today.

Antisyphon: Modern WebApp Pentesting w/ BB King

Incident responders are continually faced with the challenge of collecting and analyzing relevant event data—network communications is no exception. This course uses an assortment of network data acquisition tools and techniques with a focus on open-source, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints, this course explores nearly every phase of an attacker’s methodology. Students will learn network traffic analysis concepts and work through hands-on lab exercises that reinforce the course material using real-world attack scenarios.

Antisyphon: Network Forensics and Incident Response w/ Troy Wojewoda

Getting a foothold is the first step in a successful breach—be it in the form of user credentials, email access, or code execution on a target system. This course will provide students with the fundamental skills and know-how to perform the most common attacks used to get an initial foothold during a red team exercise. Since Microsoft products and services are the most widespread platform in use by organizations, Office 365 and Microsoft Windows will be the primary targets of student exercises. Core concepts will also be discussed so that students can apply the lessons learned to other platforms in the future.

Regular expressions are universally embedded in the world of information technology. They are a part of many programming languages, databases, search engines, and command-line tools. As an information security professional, you are continuously analyzing textual data for indicators of compromise, juicy data morsels to exfiltrate, forensic artifacts, supporting evidence in threat hunting, and so much more. Familiarity with regular expressions is a skill, a very life-enhancing essence if you like, to take your information security analysis capabilities from “just ok” to “wizard level.” They are applicable in so many places that you really cannot afford to not have this knowledge.Join me for a four-hour session that takes you on a journey through regular expression POSIX, BRE, ERE, and PCRE syntax and explores various tools that you probably use daily through the lens of regular expressions. Your life will be forever changed when you can apply the power of regular expressions to your professional duties.

Antisyphon: Regular Expressions, Your New Lifestyle w/ Joff Thyer

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the addition of MITRE Shield, you now have a 360 degree view of attack scenarios and the data and capabilities needed to stop them.

Syllabus

Introduction
Network Analysis
OS Analysis
Infrastructure Analysis
File Analysis
Application Analysis
Incident Management
Threat Intelligence

Pluralsight: Blue Team Tools

This intense course covers the skills required to conduct a simulation of a sophisticated adversary, including the latest tradecraft and offensive tactics. During the training you will gain insight in to planning and conducting a red team operation including all the steps required to perform efficient opensource intelligence, design and automate the deployment of operational infrastructure, gain initial access and perform post-exploitation and lateral movement. You will learn how to bypass defensive controls including anti-virus, EDR, AMSI and application whitelisting that will leave you equipped to target even the most mature environments.

Syllabus

Introduction to red team operations

Active and passive reconnaissance

Infrastructure design concepts

Cobalt Strike and malleable profiles

Initial access techniques

Defensive evasion

Process Injection

Custom Tooling

Host triage

Persistence

Privilege escalation

Pivoting and lateral movement

Exploiting Active Directory

MacOS and Linux

MDSec: Adversary Simulation and Red Team Tactics