Top 5 Tools & Techniques for Penetration Testing course introduces the top five tools for penetration testing and bug bounties, providing practical knowledge for the information security industry. Participants will learn how to effectively use these tools in real-world scenarios.
Blitzscaling Security: Diary of a Security Engineer by Sparc Flow chronicles the journey of Alex, the inaugural security engineer at a rapidly growing startup. The narrative delves into Alex’s experiences, from the interview process to the initial months of establishing security protocols. It highlights interactions with various teams, communication challenges, vulnerability prioritization, and the tension between conventional security wisdom and practical application. The book emphasizes pragmatism and first principles, aiming to debunk prevalent myths in the security field that may be counterproductive.
Michael Bazzell has helped hundreds of celebrities, billionaires, and everyday citizens disappear completely from public view. He is now known in Hollywood as the guy who “fixes” things. Many of his previous books about privacy were mostly REACTIVE and he focused on ways to hide information, clean up an online presence, and sanitize public records to avoid unwanted exposure. This textbook is PROACTIVE. It is about starting over. It is the complete guide that he would give to any new client in an extreme situation. It leaves nothing out and provides explicit details of every step he takes to make someone completely disappear, including legal documents and a chronological order of tasks. For many, this is the only manual needed to secure a new private life.
It is time to look at OSINT in a different way. For many years, and within previous editions of this book, we have relied on external resources to supply our search tools, virtual environments, and investigation techniques. We have seen this protocol fail us when services shut down, websites disappear, and custom resources are dismantled due to outside pressures. This book aims to correct our dilemma. We will take control of our investigative resources and become self-reliant. There will be no more need for online search tools; we will make and host our own locally. We will no longer seek pre-built virtual machines; we will create and configure our own. The new OSINT professional must be self-sustaining and possess their own tools and resources. You will become a more proficient subject matter expert who will be armed with the knowledge and readiness to articulate the sources of your findings.
This new 11th edition contains hundreds of pages which have been updated to keep your OSINT investigative methods fresh. It also includes new online and offline search tools and a new Debian Linux OSINT virtual machine. Brand-new search methods for Facebook, Instagram, TikTok, LinkedIn, YouTube, and others ensure you have the latest techniques within your online investigation arsenal. An entire section is devoted to Methodology, Workflow, Documentation, and Ethics which provides a clear game plan for your next active investigation. All digital files are included via download. Today, we start over.
The Active Directory Penetration Tester Job Role Path is designed for individuals who aim to develop skills in pentesting large Active Directory (AD) networks and the components commonly found in such environments. This path equips students with the skills needed to evaluate the security of AD environments, navigate complex Windows networks, and identify elusive attack paths. This path includes advanced hands-on labs where participants will practice techniques such as Kerberos attacks, NTLM relay attacks, and the abuse of services like AD Certificate Services (ADCS), Exchange, WSUS, and MSSQL. Students will also learn how to exploit misconfigurations in Active Directory DACLs and Domain Trusts, perform evasion tactics in Windows environments, and leverage Command and Control (C2) frameworks for post-exploitation activities. By combining theoretical foundations with practical exercises and a structured methodology for identifying AD vulnerabilities, this path enables students to conduct professional security assessments on complex AD infrastructures and effectively report security weaknesses discovered by chaining multiple vulnerabilities.
The SOC Analyst Job Role Path is for newcomers to information security who aspire to become professional SOC analysts. This path covers core security monitoring and security analysis concepts and provides a deep understanding of the specialized tools, attack tactics, and methodology used by adversaries. Armed with the necessary theoretical background and multiple practical exercises, students will go through all security analysis stages, from traffic analysis and SIEM monitoring to DFIR activities and reporting. Upon completing this job role path, you will have obtained the practical skills and mindset necessary to monitor enterprise-level infrastructure and detect intrusions at an intermediate level. The SOC Analyst Prerequisites skill path can be considered prerequisite knowledge to be successful while working through this job role path.
