Author: Admin

This course is geared for those interested in seeing how Security Onion is used practically to triage alerts, hunt for threats, as well as build new detections. This course consists of three case studies that briefly cover the 3 most common workflows used in Security Onion:

Case Study 1: Alert Triage & Case Creation – This case study walks through how to triage alerts within the alerts interface including escalation to TheHive.
Case Study 2: Threat Hunting – This case study focuses on threat hunting within Security Onion using the Hunt interface, targeting SSL & Sysmon logs.
Case Study 3: Detection Engineering – This case study covers ingesting Google Workspace audit logs into Security Onion and writing Sigma rules within Playbook targeting these new logs.

Practical Analysis with Security Onion 2.3


This course is geared for those wanting to understand how to build a Detection Playbook with Security Onion 2.3. Students will gain both a theoretical and practical understanding of building detections in Security Onion, reinforced with real-life examples from network and host datasources.

Syllabus

Course Welcome & Introduction to Security Onion
Security Onion Installation

Detection Engineering
Key Components of a Play
Operationalizing Plays with Sigma

Getting Started with Playbook
Creating New Plays

Developing Your Detection Playbook with Security Onion 2.3


This course is geared for administrators of Security Onion 2.3. Students will gain a foundational understanding of the platform – how to architect, deploy, manage and tune their Security Onion 2.3 grid.

Syllabus

Course Welcome & Introduction to Security Onion

Overall Architecture
Installation – Manager Node
Installation – Search Node
Installation – Forward Node

Grid Management with Salt
Grid User Management
Grid Firewall Management
Grid Updates
Grid Hardening

Security Onion 2.3 in Production


Hardware hacking is a topic rarely addressed in official courses, yet it is one of the most important skill sets for those who carry out field and physical security assessments. This package includes conference videos (for example from DEF CON) on the topic, hands-on courses, many books, YouTube videos and blog posts. It covers a wide range of subjects such as building BadUSB devices (Rubber Ducky), FPGA attacks, security testing of switches and routers, Wi-Fi jamming, direct memory attacks, attacks on mice, and more. The package includes more than 40 hours of educational video and many books. The names of the courses and books in this package are listed in the video accompanying this article.

Complete Hardware Hacking Package


Learn how to design, build and maintain your own C2 framework codebase from scratch. Build a RESTful API-driven Team Server and a .NET Framework implant with a variety of post-exploitation capabilities. Design and build unit tests to automatically test your code and prevent regression bugs.

Syllabus

Getting Started
Team Server
Agent
Testing
Final Code

C2 Development in C Sharp


Red Team Ops is an online, self-study course that teaches the basic principles, tools and techniques synonymous with red teaming. Students first cover the core concepts of adversary simulation, command & control, engagement planning and reporting. They then go through each stage of the attack lifecycle, from initial compromise to full domain takeover, data hunting and exfiltration. Students learn how common "OPSEC failures" lead to detection by defenders, and how those activities can be carried out more stealthily. Finally, they learn how to bypass defences such as Windows Defender, AMSI and AppLocker.

Syllabus

Getting Started
Command & Control
External Reconnaissance
Initial Compromise
Host Reconnaissance
Host Persistence
Host Privilege Escalation
Host Persistence (Reprised)
Credential Theft
Password Cracking Tips & Tricks
Domain Reconnaissance
User Impersonation
Lateral Movement
Session Passing
Pivoting
Data Protection API
Kerberos
Active Directory Certificate Services
Group Policy
MS SQL Servers
Microsoft Configuration Manager
Domain Dominance
Forest & Domain Trusts
Local Administrator Password Solution
Microsoft Defender Antivirus
Application Whitelisting
Data Hunting & Exfiltration
Extending Cobalt Strike
Exam Preparation

Zero Point Security: Red Team Ops
