CBT Nuggets – Hacker Tools, Techniques, and Incident Handling (SEC504)

The CBT Nuggets – Hacker Tools, Techniques, and Incident Handling (SEC504) training course prepares you to detect and respond to the security threats you will face in the digital realm, and teaches you a response matched to the type of attack. One of the most fundamental skills a security administrator can gain is an understanding of the tools that hostile actors use to penetrate networks and extract valuable information. This training on tools, techniques, and incident handling is about recognizing the strengths and limitations of the tools that are used against you and your network, so that you can prevent them before they occur, stop them when they do, and understand what happened afterward. After finishing the SEC504 training, you will know how to detect and respond to the threats you will inevitably face in the digital realm, and apply a dynamic response matched to the attack.


Size: 10.6 GB


Date: 2022
Publisher: CBT Nuggets
Duration: 28H
VIDEOS: 232
By: Erik Choron

This intermediate SEC504 training prepares learners to detect and respond to threats that your company will inevitably face in the digital realm, deploying a dynamic response according to the attack. It’s a cliche to claim that the best defense is a strong offense, but in the case of digital security it’s a cliche that’s as true as it’s ever been. One of the most fundamental skills a security administrator can gain is an understanding of the tools that hostile actors use to penetrate networks and extract valuable information.

This training on hacker tools, techniques and incident handling is about recognizing the strengths and limitations of tools that will be deployed against you and your network so that you can prevent them before they occur, stop them when they do, and understand what happened afterward.

After finishing the videos in this SEC504 training, you’ll know how to detect and respond to threats that your company will inevitably face in the digital realm, deploying a dynamic response according to the attack.

For anyone who leads an IT team, this Cyber Security training can be used to onboard new security admins, curated into individual or team training plans, or as a Cyber Security reference resource.

SEC504: What You Need to Know

This SEC504 training has videos that cover cybersecurity tools, techniques, and topics including:

  • Minimizing loss to your company and organization after a digital attack
  • Building necessary protections to prevent and identify digital attacks
  • Applying dynamic approaches to incident response to slow, mitigate, prevent, or respond to attacks on the fly
  • Extracting useful information after an attack and generating useful reports

Who Should Take SEC504 Training?

This SEC504 training is considered associate-level Cyber Security training, which means it was designed for security admins. This incident response skills course is designed for security admins with three to five years of experience with cybersecurity tools and techniques.

New or aspiring security admins. Taking a course like this in hacker tools, techniques, and incident handling is a little bit like taking cooking classes from Gordon Ramsay before you’ve moved past Mac ‘n Cheese in your cooking ability. You’ll learn a ton, but a lot of what you’ll learn is a way of thinking about cybersecurity that can eventually be applied to your career.

Experienced security admins. A security administrator with about five years of experience is the perfect audience for this course in hacker tools, techniques, and incident handling. At that point in your career, you’re leaving behind the rote button-clicking and report-running of an early career and approaching the dynamic threat anticipation of a security engineer. Use this course to launch yourself into a more exciting and fulfilling cybersecurity career.

Incident Response
1. Incident response 1 min
2. Incident Handling Process 7 mins
3. Preparing for the Incident 5 mins
4. Event Detection 6 mins
5. Eradicate and Recover 6 mins
6. Writing Everything Up 8 mins
7. When is it a Legal Problem? 5 mins
8. Interfacing With Law Enforcement 5 mins

Digital Investigations
1. Digital Investigations 2 mins
2. Identify Digital Evidence 7 mins
3. Understanding the Disc 7 mins
4. Basics of Coding 7 mins
5. Network Devices 7 mins
6. Operating System 8 mins
7. Reading Materials 4 mins

Live Examination
1. Live Examination 1 min
2. Approaching the System 6 mins
3. Working with FTK 10 mins
4. Working with EnCase 4 mins
5. Watching the System Talk 8 mins
6. Cloning a System 11 mins
7. Moving to the Next Step 4 mins

Network Investigations
1. Network Investigations 1 min
2. Session Monitoring 8 mins
3. Too Many Connections 10 mins
4. Knowing the Boundaries 6 mins
5. Packet Reading Basics 11 mins
6. Network Analysis WITH SSL/TLS 6 mins

Memory Investigations
1. Memory Investigations 2 mins
2. How RAM Operates 8 mins
3. Volatile Memory 9 mins
4. Extracting the Memory 9 mins
5. Volatility 10 mins
6. Comparing to the System 5 mins

Malware Investigations
1. Malware Investigations 1 min
2. Know the Enemy 6 mins
3. Malware Alert! 6 mins
4. Finding the Malware 9 mins
5. The Hunt Begins 7 mins
6. What’s in the Payload? 5 mins
7. Find the Evidence on the Network 9 mins
8. Report the Findings 2 mins

Cloud Investigations
1. Cloud Investigations 2 mins
2. Identifying the Different Clouds 7 mins
3. Specializing Those Clouds 5 mins
4. Where is the cloud? 9 mins
5. Where are we going? 9 mins
6. Understand the flow 7 mins
7. Tool Usage 5 mins

Federal Rules of Evidence
1. Federal Rules of Evidence 6 mins
2. Daubert Standard 12 mins
3. Rule 702 6 mins
4. Rule 701 5 mins
5. Rule 901 6 mins
6. Rule 902 5 mins
7. Tying it all together 4 mins

MITRE ATT&CK Framework Introduction
1. MITRE ATT&CK Framework Introduction 1 min
2. Damage Assessment 8 mins
3. Enter the Matrix 9 mins
4. Organizational Assessment 10 mins
5. Whose Fault is it? 9 mins
6. Moving to Contain 9 mins

Open-Source Intelligence
1. Open-Source Intelligence 2 mins
2. Open-Source Legality 5 mins
3. Public Records 8 mins
4. Publications and Other Print 9 mins
5. Walking Around the Neighborhood 5 mins
6. The Google 6 mins
7. Time Traveling 5 mins
8. Technical Recon 7 mins

DNS Interrogation
1. DNS Interrogation 1 min
2. What is DNS? 7 mins
3. DNS records 5 mins
4. Hijacking DNS 10 mins
5. Crafting DNS Packets 6 mins
6. Verify the DNS 7 mins
7. Zone Transfers 4 mins
8. DNS Defenses 6 mins

Website Reconnaissance
1. Website Reconnaissance 3 mins
2. Understand the Structure 9 mins
3. HTML Basics 9 mins
4. Behind the Scenes 7 mins
5. Crawling Around 9 mins
6. Network Signatures 5 mins

Network and Host Scanning with Nmap
1. Network and Host Scanning with Nmap 5 mins
2. Types of Scans 10 mins
3. What the Scans Look Like 10 mins
4. Dusting for Prints 11 mins
5. What’s Under the Mask? 8 mins

Enumerating Shadow Cloud Targets
1. Enumerating Shadow Cloud Targets 3 mins
2. Shadow Components 11 mins
3. Scanning for Clouds 12 mins
4. Finding the Key Master 10 mins
5. Great Cloud Attacks in History 7 mins

Server Message Block (SMB) Sessions
1. Server Message Block (SMB) Sessions 1 min
2. What is SMB? 6 mins
3. SMB Security Features 11 mins
4. Using SMB 8 mins
5. SMB Defense 6 mins
6. Exploiting SMB 13 mins

Defense Spotlight: DeepBlueCLI
1. DeepBlueCLI 1 min
2. Installing DeepBlueCLI 6 mins
3. Using DeepBlueCLI 8 mins
4. Using DeepBlueCLI For Tidbits 10 mins
5. The Alternatives 9 mins
6. Breaking Some Events 9 mins

Password Attacks
1. Password Attacks 2 mins
2. What to Attack 10 mins
3. When to Attack 7 mins
4. Where to Attack 10 mins
5. Why (How) to Attack 7 mins
6. Crossing the Rainbow Bridge 11 mins
7. Rainbow Addendum 5 mins

Microsoft 365 Attacks
1. Microsoft 365 Attacks 3 mins
2. Out with the old… 11 mins
3. Phishing is Still an Issue 6 mins
4. If We Can’t Play, No One Can 9 mins
5. Crossing the Different Sites 8 mins
6. Pivoting and Traffic Analysis 9 mins

Understanding Password Hashes
1. Understanding Password Hashes 1 min
2. What is Hashing? 6 mins
3. Which Hash to Pick? 7 mins
4. Hash Collisions 6 mins
5. Is Hashing Enough? 8 mins
6. Building Some Known Hashes 8 mins
7. Custom Hash Tables 9 mins

Password Attack Examples
1. Password Attack Exercise 1 min
2. Hiren (boot disc) 10 mins
3. Salting our Passwords 9 mins
4. Hashcat 8 mins
5. John the Ripper 10 mins
6. Network Device Cracking 10 mins

Cloud Spotlight – Insecure Storage
1. Cloud Spotlight – Insecure Storage 2 mins
2. The Harm in Sharing Too Much 6 mins
3. Default Storage in Windows 12 mins
4. File Sharing in Windows Server 9 mins
5. POSIX-based File Permissions 8 mins
6. Sharing on a Web Server in IIS 7 mins

Multi-Purpose Netcat
1. Multi-purpose Netcat 2 mins
2. What is Netcat? 8 mins
3. Making Someone Use Netcat 11 mins
4. What Does Netcat Look Like on the Network 10 mins
5. Command Access 9 mins
6. Covering the Tracks 10 mins

Metasploit Framework
1. Metasploit Framework 5 mins
2. Metasploit on Kali 11 mins
3. Systems Without Metasploit 11 mins
4. How to Prep the Target 6 mins
5. Other Metasploit Add-Ins 5 mins
6. Options Outside of Metasploit 5 mins

Drive-By Attacks
1. Drive-By Attacks 1 min
2. How a Drive-By Attack is Planned 11 mins
3. Usual Suspects 9 mins
4. Turning the Sandbox into a Honeypot 13 mins
5. Analyze an Attack to Build Against it 7 mins
6. Using Those Results to Help 4 mins

Defense Spotlight: System Resource Usage Monitor
1. System Resource Usage Monitor 1 min
2. Windows Resource Monitor 14 mins
3. Windows Process IDs 10 mins
4. POSIX-Based Resource Monitors 6 mins
5. POSIX-Based Process IDs 8 mins
6. Sledding Season 9 mins
7. Making a NOP Sled 4 mins

Command Injection
1. Command Injection 1 min
2. The Good 8 mins
3. The Bad 13 mins
4. And The Ugly 11 mins
5. Where to Command Inject 8 mins
6. More Detailed Hunting 6 mins

Cross-Site Scripting (XSS)
1. Cross-Site Scripting (XSS) 2 mins
2. Common Weak Points 10 mins
3. Directory Browsing 7 mins
4. Using a Site as Our Own 9 mins
5. Third-party Protection 11 mins
6. XSS Review 5 mins

Cloud Spotlight – SSRF and IMDS Attacks
1. Cloud Spotlight – SSRF, IMDS, and SQL Injection Attacks 1 min
2. WebGoat 7 mins
3. Server-Side Request Forgery (SSRF) 8 mins
4. Cloud Instance Metadata Services Attack 8 mins
5. SQL Injection 12 mins
6. Famous for the Wrong Reasons 5 mins

Endpoint Security Bypass
1. Endpoint Security Bypass 2 mins
2. Bypassing Through Websites 11 mins
3. Piggybacking Off Trusted Applications 8 mins
4. It’s a Phony! 6 mins
5. Doing the Research 6 mins
6. Damage the Security 11 mins
7. Keep Updated 2 mins

Pivoting and Lateral Movement
1. Pivoting and Lateral Movement 2 mins
2. What’s the Point? 8 mins
3. Digging on the Initial System 10 mins
4. I’m Not Done With You Yet! 8 mins
5. Persistence 11 mins
6. Internal Threats 5 mins

Hijacking Attacks
1. Hijacking Attacks 1 min
2. Predictability 9 mins
3. Hijacks on the Client Side 7 mins
4. Man-in-the-Middle 6 mins
5. Man-in-the-Browser 9 mins
6. Sending a Care Package 9 mins
7. Back to the Classics 4 mins

Covering Tracks
1. Covering Tracks 2 mins
2. Why Cover Your Tracks 5 mins
3. Event Logs 12 mins
4. Network Traffic 14 mins
5. It Wasn’t Me! 6 mins
6. Destroy the Evidence 6 mins

Establishing Persistence
1. Establishing Persistence 2 mins
2. What is Establishing Persistence? 10 mins
3. Applying Open-Source Intelligence 8 mins
4. Reconnaissance Information-Gathering 12 mins
5. Post-Exploitation 5 mins
6. Cloud Post-Exploitation 8 mins

Data Collection
1. Data Collection 1 min
2. Importance 8 mins
3. Choosing and Configuring Exploits 11 mins
4. Delivering Those Exploits 9 mins
5. Real Intelligence Threat Analytics 10 mins
6. Where to go From Here 7 mins

Attacking Windows Active Directory
1. Attacking Windows Active Directory 1 min
2. Knowing Active Directory 9 mins
3. Target Discovery and Enumeration 9 mins
4. Asset Compromise 10 mins
5. Internal Attacker Compromise Attribution 7 mins
6. Known Active Directory Attacks 4 mins
7. Email Compromises 6 mins

Password Spray, Guessing, and Credential Stuffing Attacks
1. Password Spray, Guessing, and Credential Stuffing Attacks 1 min
2. Password Spraying 10 mins
3. Password Guessing 11 mins
4. Credential Stuffing 8 mins
5. Using the Same Thing Over and Over 9 mins
6. Time for Reviewing 5 mins
