Detailed Course Outline
Cybersecurity basics
- What is hacking?
- What is IT security?
- Attackers, motivation and tactics
- General definitions and metrics
- Attack techniques and tactics according to Mitre Att&ck
Current trends
- Current metrics
- Proven attack techniques
- Cybersecurity trends and current threat situation
Initial infection
- Types of social engineering
- Password-based attacks
- Advantages and disadvantages of password policies
- Phishing and bypassing MFA / 2FA
- M365 attacks
- Adversary-in-the-browser attack
- Browser-in-the-browser attack
- Recognizing and preventing phishing
- Email-based attacks
- Browser-based attacks
- Attacks with peripheral devices
- Exploit vs. social engineering
- Physical attacks
Infrastructure security
- Introduction of the attack chain
- Enumeration and footprinting
- Discovery and port scanning
- Off-line cracking
- Reverse and bind shells
- Evaluation of vulnerabilities
- Command injections, webshells and SSRF
- Introduction to Metasploit
Linux Security
- Linux basics
- Linux Exploitation
- Lateral movement and pivoting
- Privilege Escalation
- Post-exploitation
- Case Studies
Windows Security
- Windows basics
- Windows Credential System
- NG Firewall Invasion
- Pivoting
- Memory Corruptions
- Exploit Mitigations
- Meterpreter advanced
- Keylogging
- Client-Side Exploitation
- Sysinternals Suite
- Library hijacking
Active Directory Security
- Active Directory basics
- Coercion attacks
- Passing on the hash (PTH)
- Passing on the ticket (PTT)
- Golden tickets, silver tickets
- Impersonation
- Kerberoasting
- Over-pass the Hash / Pass the Key
- Skeleton key
- Machine account quota
- AdminSDHolder
- Enterprise access model
- Privileged Access Workstations
Evasion
- Native Malware, Powershell Malware, .NET Malware
- A/V evasion
- Exfiltration and C+C
Post-exploitation
- Native and meterpreter commands for post-exploitation
- Living-off-the-land attacks
- Fileless malware
- Lateral Movemenent (RDP, WMI, WinRM, DCOM RPC)
Defense in Depth
- Windows hardening
- Active Directory Hardening
- The Kill Chain
- Network defense
- Basics of ISMS
- Advanced network defense
- Threat modeling and protecting crown jewels
- Setting up and operating security operation centers
- Incident response policies
- Threat intelligence
Ransomware defense
- Backup strategy
- RPO and RTO
- Recovery strategy
- Ransomware protection
- To pay or not to pay?
- Decryption considerations
- Tools
Web security
- Introduction to web applications, services and http
- OWASP TOP 10
- Dealing with browser developer tools
- Web vulnerabilities on the server side (SSRF, command injections, deserialization, SQLi, file inclusion)
- Browser-supported web vulnerabilities (XSS, XSRF, etc)
- Vulnerabilities in web services
Ask me Anything with trainer
- Open question and answer session
- Discussion of current projects
- Deepening
Network security
- Introduction to Wireshark and Scapy
- Different types of MiTM attacks
- Sniffing and injection
- Switching security
- Microsegementation
- Wifi security main threats
- Attacks on TCP/IP stack
- TCP, UDP, IPv4/ IPv6 threats
- Network access control
Secure communication
- Encryption basics
- Different cryptosuites
- Public key infrastructures
- Crypto-Hardening
- Practical use of cryptography
- Introduction to TLS/SSL
- TLS/SSL attacks and defense
- Hard disk encryption
Denial of service
- Types of denial of service
- Motives of the attackers
- Memory corruption DoS
- Focus on volume-based DDoS
- Defense against denial of service
- Incident response for DoS
Case studies and exercises
Basics
- Setting up a phishing page
- DNS reconnaissance
- Port scanning
- Exchange-Exploitation
Linux
- Exploitation of a Linux server
- Post-exploitation of the Linux server
- Linux lateral movement
- Heartbleed
Windows
- Pivot to Windows
- Lateral movement in Active Directory - Coercion attack
- Kerberoasting
- Post-Exploitation
Web
- Web bruteforcing
- XSS vulnerability
- SQL Injection
- Exploitation Wordpress RCE
Networking
- Scapy basics
- Analysis of MiTM attacks
- Wireshark basics
- VoIP interception of WebRTC traffic
- TLS stripping with HSTS bypass
Demos
- Attack on Keepass
- Windows DLL hijacking
- Examples from Virustotal and Any.run
- Backdoor with MSFvenom
- Targeted breaking of an A/V signature