SEC588 will equip you with the latest cloud-focused penetration testing techniques and teach you how to assess cloud environments. The course dives into topics like cloud-based microservices, in-memory data stores, serverless functions, Kubernetes meshes, and containers. It also looks at how to identify and test cloud-first and cloud-native applications. You will also learn specific tactics for penetration testing in Azure and Amazon Web Services, particularly important given that AWS and Microsoft account for more than half the market. It is one thing to assess and secure a data center, but it takes a specialized skill set to evaluate and report on the risks to an organization if its cloud services are left insecure. 27 Hands-on Labs

ادامه مطلب

SEC580 will teach you how to apply the incredible capabilities of the Metasploit Framework in a comprehensive penetration testing and vulnerability assessment regimen. In this course, you will learn how Metasploit can fit into your day-to-day penetration testing assessment activities. You’ll gain an in-depth understanding of the Metasploit Framework far beyond how to exploit a remote system. You’ll also explore exploitation, post-exploitation reconnaissance, token manipulation, spear-phishing attacks, and the rich feature set of the Meterpreter, a customized shell environment specially created for exploiting and analyzing security flaws.

Syllabus

SEC580.1: Metasploit for Enterprise Penetration Testing – Section 1
SEC580.2: Metasploit for Enterprise Penetration Testing – Section 2
ادامه مطلب

The challenges faced by security professionals are constantly evolving, so there is a huge demand for those who can understand a technology problem and quickly develop a solution. If you have to wait on a vendor to develop a tool to recover a forensics artifact, or to either patch or exploit that new vulnerability, then you will always be behind. It is no longer an option for employers serious about information security to operate without the ability to rapidly develop their own tools. This course will give you the skills to develop solutions so that your organization can operate at the speed of the adversary. SEC573 is an immersive, self-paced, hands-on, and lab-intensive course. After covering the essentials required for people who have never coded before, the course will present students with real-world forensics, defensive, and offensive challenges. You will develop a malware dropper for an offensive operation; learn to search your logs for the latest attacks; develop code to carve forensics artifacts from memory, hard drives, and packets; automate the interaction with an online website’s API; and write a custom packet sniffer. Through fun and engaging labs, you’ll develop useful tools and build essential skills that will make you the most valuable member of your information security team. 128 Hands-on Labs + Capture-the-Flag Challenge

Syllabus

SEC573.1: Essentials Workshop with pyWars
SEC573.2: Essentials Workshop with MORE pyWars
SEC573.3: Defensive Python
SEC573.4: Forensics Python
SEC573.5: Offensive Python
SEC573.6: Capture-the-Flag Challenge

SEC573: Automating Information Security with Python

ادامه مطلب

SEC560 prepares you to conduct successful penetration testing for a modern enterprise, including on-premise systems, Azure, and Azure AD. You will learn the methodology and techniques used by real-world penetration testers in large organizations to identify and exploit vulnerabilities at scale and show real business risk to your organization. The course material is complemented with 30+ practical lab exercises concluding with an intensive, hands-on Capture-the-Flag exercise in which you will conduct a penetration test against a sample target organization and demonstrate the knowledge you have mastered.

Syllabus

SEC560.1: Comprehensive Penetration Test Planning, Scoping, Recon, and Scanning
SEC560.2: Initial Access, Payloads, and Situational Awareness
SEC560.3: Privilege Escalation, Persistence, and Password Attacks
SEC560.4: Lateral Movement and Reporting
SEC560.5: Domain Domination and Azure Annihilation
SEC560.6: Penetration Test and Capture-the-Flag Exercise

SEC560: Enterprise Penetration Testing

ادامه مطلب

SEC467 will prepare you to add social engineering skills to your security strategy. In this course, you will learn how to perform recon on targets using a wide variety of sites and tools, create and track phishing campaigns, and develop media payloads that effectively demonstrate compromise scenarios. You will also learn how to conduct pretexting exercises, and you will put what you have learned into practice with a fun Capture-the-Human exercise. SEC467 will open up new attack possibilities, help you better understand the human vulnerability in attacks, and provide you with hands-on practice with snares that have been proven effective.

Syllabus

SEC467.1: Social Engineering Fundamentals, Recon, and Phishing
SEC467.2: Media Drops and Payloads, Pretexting, Physical Testing, and Reporting

SEC467: Social Engineering for Security Professionals

ادامه مطلب

With Open-Source Intelligence (OSINT) being the engine of most major investigations in this digital age the need for a more advanced course was imminent. The data in almost every OSINT investigation becomes more complex to collect, exploit and analyze. For this OSINT practitioners all around the world have a need for performing OSINT at scale and means and methods to check and report on the reliability of their analysis for sound and unbiased reports. In SEC587 you will learn how to perform advanced OSINT Gathering & Analysis as well as understand and use common programming languages such as JSON and Python. SEC587 also will go into Dark Web and Financial (Cryptocurrency) topics as well as disinformation, advanced image and video OSINT analysis. This is an advanced fast-paced course that will give seasoned OSINT investigators new techniques and methodologies and entry-level OSINT analysts that extra depth in finding, collecting and analyzing data sources from all around the world.

Syllabus

SEC587.1: Disinformation and Coding for OSINT Efficiency
SEC587.2: Intelligence Analysis and Data Analysis with Python
SEC587.3: Sensitive Group Investigations and Video and Image Verification
SEC587.4: Sock Puppets, OPSEC, Dark Web and Cryptocurrency
SEC587.5: Automated Monitoring and Vehicle Tracking
SEC587.6: Capstone: Capture (and Present) the Flags

SEC587: Advanced Open-Source Intelligence (OSINT) Gathering and Analysis

ادامه مطلب