ＨｉｄｅＺｅｒｏＯｎｅ

Have you ever wondered about how web applications are attacked in the real world and what you can do to mitigate every attack? The Web Defense Professional Learning Path will illustrate exactly how each attack works, what the impact of each attack is, how to fix it, and how the exploit no longer works after the fix. This learning path will also give you in-depth, practical advice about how to simplify your defense and how to implement attack mitigations that actually work (regardless of you having access to the source code or not).

Learning path at a glance:

• Close the gap between Web application attack and defense
• Mitigation advice for multiple platforms and languages
• The most comprehensive and practical coverage of the OWASP Testing Guide
• Comprehensively aligned to OWASP methodologies, tools, and tests
• Covers and goes beyond OWASP TOP 10
• Detailed techniques and methodology to simplify the defense of web applications
• No boring theory: practice-oriented curriculum
• Over 20 different lab scenarios to practice with
• Advanced usage of OWASP ZAP, OWASP OWTF, ModSecurity…
• Coverage of OWASP Cheat Sheets, OWASP OpenSAMM, OWASP ModSecurity Core Rule Set

Are you interested in dissecting malicious software in order to understand its mechanics and purpose? The Malware Analysis Professional Learning Path provides a holistic approach to reverse engineering and analyzing all aspects of malware. During the learning process, you will come across realistic and even real-world malware such as ransomware, botnets, and rats, against which you will perform reverse engineering, static analysis, and dynamic analysis activities.

Learning path at a glance:

• Learn about IA-32 CPU Architecture
• Entire module dedicated to x64 bit assembly
• Practical display and dive into the TLS method
• Understand how malware uses Windows APIs to achieve their malicious activity
• Understand and bypass Anti-Reversing techniques
• Perform full manual unpacking on packed executables
• Debug samples using different debuggers
• Learn different methods to locate the important algorithms

Have you ever wanted to learn how to perform digital forensics activities after an intrusion? The Digital Forensics Professional Learning Path will teach you how to identify and gather digital evidence as well as retrieve and analyze data from both the wire and endpoints. The Digital Forensics Professional Learning Path also prepares you for the eCDFP exam and certification.

This course is part of the Digital Forensics Professional Learning path which prepares you for the eCDFP exam and certification

Learning path at a glance:

• Learn how to acquire volatile and non-volatile data, using various techniques
• Dive into the structure of files and then, analyze file headers, malicious documents, and file metadata
• Become familiar with walking through partitions, recovering corrupted disks, and locating hidden data
• Learn how to analyze both FAT & NTFS file systems
• Get familiar with file carving and creating your own custom carving signatures
• Learn how to analyze the Windows registry, LNK files, prefetch files, and previously mounted USB devices
• Learn how to perform thorough investigations, against Skype, explorer’s shellbags, and Windows recycle bin
• Become proficient in forensically investigating network attacks

The Threat Hunting Professional Learning Path is an in-depth collection of courses designed for cybersecurity practitioners seeking to develop proactive defense strategies. You’ll start by building a strong core foundation with the fundamentals, then advance through intelligence integration and hunting strategies. You’ll explore both network and endpoint threats, which will give you the practical skills needed to identify threats across a diverse array of environments. You’ll also learn how to effectively document and report findings in a timely and organized manner for post-investigation evidence gathering. By the end of this learning path, you’ll be equipped to carry out threat hunts quickly, efficiently, and in a way that improves and enhances organizational security posture.

Are you interested in learning how to professionally detect, analyze, and respond to real-world security incidents across modern enterprise environments? The Incident Handling & Response Professional Learning Path is designed to introduce you to the full incident response lifecycle and the daily operations of an incident responder, combining practical skills with real-world scenarios and tooling. This learning path will teach you how to prepare for incidents through planning and readiness, detect and triage threats using SIEM and endpoint data, and apply threat intelligence and threat hunting techniques to uncover stealthy attacks. You will also learn how to perform digital forensics to support investigations and response actions. The Incident Handling & Response Professional Learning Path also prepares you for the eCIR exam and certification.

The Advanced Penetration Testing Learning Path provides all the advanced skills required to carry out a thorough and professional penetration test against modern networks and infrastructure, such as the ability to execute state-sponsored-like operations and advanced adversary simulations.

You must be familiar with PowerShell scripting, Active Directory administration and Windows internals knowledge, basic reverse engineering skills, and possess a good working knowledge of network protocols, as the content dives into all stages of a red-teaming engagement.

Learning path at a glance:

• Implementation details on numerous undocumented attacks
• Obscure ways of exploitation and backdooring
• Advanced client-side exploitation techniques
• Custom attack vector and payload creation
• Custom payload creation techniques
• In-depth analysis of Active Directory exploitation
• Stealthy lateral movement and evasion against modern defenses
• In-depth analysis of critical domain infrastructure exploitation
• In-depth details of common misconfigurations and weaknesses
• Details for covert operations and stealthy persistence