Enrolment options
- Enrolled students: There are no students enrolled in this course.
Guests cannot access this course. Please log in.
Course content
Sections:
1
•
Activities:
1
•
Resources:
92
- Announcements
- 001 Introduction to the course yzC8 gitir
- 002 Disclaimer AlQy gitir
- 003 What Is LOLBin qcv3 gitir
- 004 Abusing Rundll32 exe 35pk gitir
- 005 Abusing Certutil exe 5SOQ gitir
- 006 Abusing BITSAdmin exe Ogcb gitir
- 007 Abusing Conhost exe 40DH gitir
- 008 Abusing MSHTA exe 0aEi gitir
- 009 Abusing Reg exe ZBWd gitir
- 010 Abusing Wscript exe I4jo gitir
- 011 Abusing PowerShell exe NlbL gitir
- 012 Abusing WMIC exe 3xIv gitir
- 013 Abusing Rclone and Vssadmin pEVY gitir
- 014 Attack flow using LOLBin yue5 gitir
- 015 Overview about Process and Threads b03N gitir
- 016 Overview about DLL s and API s xP80 gitir
- 017 Process Creation Step by Step EgZG gitir
- 018 Process chain for Malware s 2vwm gitir
- 019 MITRE ATT CK framework and its Origin VE9n gitir
- 020 Comprehensive exploration of OSINT for Red and Blue Teamers 8LeP gitir
- 021 Persistence Registry Run Keys glZG gitir
- 022 Persistence Startup Folder 04nT gitir
- 023 Persistence Windows Management Instrumentation WMI AHXM gitir
- 024 Persistence Scheduled tasks 3l0R gitir
- 025 Persistence Services 2cKU gitir
- 026 Exploring research on static dynamic and heuristic engines y4Fq gitir
- 027 Process Injection Dll Injection Process Hollowing attacks k0Ra gitir
- 028 DLL Hijacking H3iH gitir
- 029 Refining the obfuscation technique through the method of renaming ywgM gitir
- 030 Control flow Obfuscation Ayqy gitir
- 031 Hooking and Unhooking Q4w3 gitir
- 032 Understanding AMSI Overview and Methods to Bypass mBRq gitir
- 033 Developing Shellcode for Process Injection Techniques ctLA gitir
- 034 Process Injection Code Overview YGHW gitir
- 035 Gaining Initial Access via Process Injection Techniques FsOn gitir
- 036 Investigating Reverse Connection GNsl gitir
- 037 Leveraging External Remote Services for Initial Access SY4r gitir
- 038 Gaining Initial Access via Phishing Tactics BCFr gitir
- 039 Leveraging Public Facing Applications for Initial Access agYc gitir
- 040 Utilizing Supply Chain Attacks for Initial Access mAUI gitir
- 041 Disabling Windows Defender Protection j6qb gitir
- 042 Configuring Exclusions in Windows Defender qwFr gitir
- 043 Bypassing Windows Defender and EDR with an Anti Rootkit Tool VYXF gitir
- 044 Using DISM to Deactivate Windows Defender Ztwo gitir
- 045 Exploration of Cobalt Strike and Reversing Encoded Compressed Obfuscated Script CllC gitir
- 046 Payload Delivery Utilizing bitsadmin exe 0qsX gitir
- 047 Elimination of Indicators Time Stomping Attack PXBW gitir
- 048 Execution through Command and Scripting Interpreter q7KD gitir
- 049 Adding a Cobalt Strike Payload in the Run Key Registry OLU3 gitir
- 050 Placing the Payload in the Start up Folder xMdp gitir
- 051 Adopting a Threat Actor s Perspective for Scheduled Task Placement fRZG gitir
- 052 Create an account to maintain access IFvI gitir
- 053 Manipulate user accounts to maintain access uE1m gitir
- 054 Enable and Disable the account 6NgR gitir
- 055 UAC Bypass and Elevate from Medium to High Integrity I2s1 gitir
- 056 Utilizing the LUA Registry Key for UAC Deactivation Cb0g gitir
- 057 UAC token Duplication Attack SqHc gitir
- 058 Comprehensive Exploration of Windows Named Pipes 0usK gitir
- 059 Named Pipe Impersonation Attack 4EaB gitir
- 060 Elevate Privilege through Service Control Manager xzUm gitir
- 061 Exploiting vulnerabilities to elevate the Privilege XrBZ gitir
- 062 Unquoted Service Paths misconfiguration fRMc gitir
- 063 Hunting password files in a target machine MSSs gitir
- 064 What is LSASS exe dOUf gitir
- 065 Obtaining credentials via the WDigest protocol Bw5d gitir
- 066 Extracting data from lsass exe process and retrieving confidential information ee0S gitir
- 067 Diverse Approaches for Extracting Data from the lsass exe Process GYv3 gitir
- 068 NTLM Password cracking aYjU gitir
- 069 Stealing Browser login data s tD1U gitir
- 070 Credential Access through SAM and SYSTEM Hives gzir gitir
- 071 RDP enable Via Registry P5q5 gitir
- 072 Modify System firewall to enable the RDP Connections orz1 gitir
- 073 Laterally Move Through Impacket SGlp gitir
- 074 Investigation and IR plan for a lateral movement 12Ip gitir
- 075 Exfiltrating Confidential Information ptjH gitir
- 076 Exfiltration through third party Application zLWD gitir
- 077 The Stealbit Exfiltration Tool egIE gitir
- 078 Deleting Shadow copies from the Machine qmuO gitir
- 079 Modify Boot Status policies pFJs gitir
- 080 Deleting Event Logs from the target Machine iOgQ gitir
- 081 Executing Ransomware Binary to the Target Machine IckT gitir
- 082 IR plan for a Ransomware Attack WHs5 gitir
- 083 Investigating 4624 and 4625 Events PzJ5 gitir
- 084 Investigating 7045 and 7034 Events 8NXS gitir
- 085 Investigating Scheduled task creation Events n1RK gitir
- 086 Investigating SMB and RDP Activity q00e gitir
- 087 Investigating SRUM Data emjk gitir
- 088 Investigating Browser History VBF6 gitir
- 089 Akira Ransomware Qx5K gitir
- 090 Ryuk Ransomware C6uz gitir
- 091 Lockbit Ransomware zFbh gitir
- 092 Red Blue Teamers Course Conclusion lFMZ gitir