ＨｉｄｅＺｅｒｏＯｎｅ

The C|SCU curriculum is designed to educate computer users on the more practical aspects of networking and security, allowing them to expand their computer skills. Students will develop a foundational understanding of a variety of computer and network security concerns, including identity theft, credit card fraud, online banking phishing scams, malware, loss of sensitive information, and social engineering. This certification is an excellent complement to educational offerings in the domain of security and networking.

Are you looking to gain the theoretical and practical knowledge required to perform advanced reverse engineering of third-party software and malware on the assembly language level? The Reverse Engineering Professional Learning Path will teach you several methods to identify, isolate, and finally, analyze portions of code which are of high interest, as well as the most common Windows APIs utilized for file, memory, and registry manipulation by either software protections (such as packers) or malware. During the learning process, you will also get insights into the most common anti-reversing tricks, including different code obfuscation methods, and how to bypass them.

Learning path at a glance:

• Start from the basics up to highly technical chapters
• Learn about IA-32 CPU Architecture
• Learn about functions, stack frames, heaps, exceptions, important Ring3 Windows internal structures, PE file format
• Master ImmunityDBG
• Learn about important Ring3 Windows Internal Structures
• Learn different methods to locate the important algorithms
• Understand and bypass Anti-Reversing techniques
• Perform full manual unpacking on packed executables
• Practice-based course with dozens of guided exercises
• Challenge your mind with hardcore technical topics

Have you ever wondered about how web applications are attacked in the real world and what you can do to mitigate every attack? The Web Defense Professional Learning Path will illustrate exactly how each attack works, what the impact of each attack is, how to fix it, and how the exploit no longer works after the fix. This learning path will also give you in-depth, practical advice about how to simplify your defense and how to implement attack mitigations that actually work (regardless of you having access to the source code or not).

Learning path at a glance:

• Close the gap between Web application attack and defense
• Mitigation advice for multiple platforms and languages
• The most comprehensive and practical coverage of the OWASP Testing Guide
• Comprehensively aligned to OWASP methodologies, tools, and tests
• Covers and goes beyond OWASP TOP 10
• Detailed techniques and methodology to simplify the defense of web applications
• No boring theory: practice-oriented curriculum
• Over 20 different lab scenarios to practice with
• Advanced usage of OWASP ZAP, OWASP OWTF, ModSecurity…
• Coverage of OWASP Cheat Sheets, OWASP OpenSAMM, OWASP ModSecurity Core Rule Set

Are you interested in dissecting malicious software in order to understand its mechanics and purpose? The Malware Analysis Professional Learning Path provides a holistic approach to reverse engineering and analyzing all aspects of malware. During the learning process, you will come across realistic and even real-world malware such as ransomware, botnets, and rats, against which you will perform reverse engineering, static analysis, and dynamic analysis activities.

Learning path at a glance:

• Learn about IA-32 CPU Architecture
• Entire module dedicated to x64 bit assembly
• Practical display and dive into the TLS method
• Understand how malware uses Windows APIs to achieve their malicious activity
• Understand and bypass Anti-Reversing techniques
• Perform full manual unpacking on packed executables
• Debug samples using different debuggers
• Learn different methods to locate the important algorithms

Have you ever wanted to learn how to perform digital forensics activities after an intrusion? The Digital Forensics Professional Learning Path will teach you how to identify and gather digital evidence as well as retrieve and analyze data from both the wire and endpoints. The Digital Forensics Professional Learning Path also prepares you for the eCDFP exam and certification.

This course is part of the Digital Forensics Professional Learning path which prepares you for the eCDFP exam and certification

Learning path at a glance:

• Learn how to acquire volatile and non-volatile data, using various techniques
• Dive into the structure of files and then, analyze file headers, malicious documents, and file metadata
• Become familiar with walking through partitions, recovering corrupted disks, and locating hidden data
• Learn how to analyze both FAT & NTFS file systems
• Get familiar with file carving and creating your own custom carving signatures
• Learn how to analyze the Windows registry, LNK files, prefetch files, and previously mounted USB devices
• Learn how to perform thorough investigations, against Skype, explorer’s shellbags, and Windows recycle bin
• Become proficient in forensically investigating network attacks

Are you interested in proactively hunting for threats within an organization or becoming a stealthier penetration tester? The Threat Hunting Professional Learning Path will help you establish a proactive defense mentality as well as proactively hunt for threats in an organization’s network, endpoints, or perimeter and be several steps ahead of forthcoming adversaries. During the learning process, you will leverage tactical threat intelligence, memory forensics, endpoint/IDS/IPS events, uncommon data sources, and SIEM solutions among others. The Threat Hunting Professional Learning Path also prepares you for the eCTHPv2 exam and certification.

Learning path at a glance:

• Constantly fine-tune an organization’s defenses based on the latest attacker Techniques, Tactics, and Procedures
• Use threat intelligence or hypotheses to hunt for known and unknown threats
• Inspect network traffic and identify abnormal activity in it
• Perform memory forensics using Redline, Volatility, and a variety of tools to identify in-memory malware
• Use alternative data sources such as Sysmon and SilkETW to collect event logs
• Detect advanced hacking techniques such as AMSI bypasses, COM Hijacking, and sophisticated/evasive malware
• Use tools such as PowerShell, ELK, and Splunk to analyze Windows events and detect attacks such as DCSync, Kerberoasting, and obfuscated PowerShell commands.