2022
-
»
Environment Variables in Linux
-
»
Identifying ARP Request Packets with Wireshark
-
»
Netbios Enumeration
-
»
SNMP Enumeration with snmp-check
-
»
MAC flooding attack
-
»
PsTools
-
»
Hands on Windows Shellcoding: Create ROP via mona.py
-
»
Introduction to Configuration Management
-
»
Vi Editor in Linux
-
»
A General Overview of Nuclei Command Line
-
»
Introduction to Patching
-
»
Understanding Bug Bounty Hunting
-
»
The Basics of Securing Workstations: Virtual
-
»
A Note on Linux Package Managers
-
»
Windows Exploit Countermeasures: Part 1
-
»
Network protocols explained: IMAP, POP3, SMTP, RDP and VNC
-
»
Vulnerability Scanners: Result Accuracies
-
»
The Basics of Securing Workstations: Physical
-
»
Post-Exploitation: Information Collection and Persistence via Process Migration
-
»
Basic Physical Security
-
»
Basic Wireless Technologies and an Example of their Exploits
-
»
Secure Browsing 101
-
»
Common Constraints of Penetration Testing
-
»
An Overview of File Inclusion Vulnerabilities
-
»
So many Linux commands and switches – How do I remember them all?
-
»
Viewing hidden files and directories in Linux
-
»
Windows Universal Shellcoding x86
-
»
Kerberos Attack and Defense Techniques
-
»
Introduction to Malware Endpoint hunting
-
»
Malware hunting: Detection tools
-
»
MAC Spoofing with MAC Changer
-
»
Exploiting EternalBlue With Metasploit
-
»
Securing Servers: An Introductory Guide
-
»
What is Network Sniffing?
-
»
Common Application Security Testing (AST) Tools in DevSecOps
-
»
Introduction to Vulnerability Management
-
»
Hunting Webshells: Tools
-
»
AppSec Pipeline and Shift-left
-
»
Hunting Webshells: Linux and Windows Commands
-
»
Creating and Executing Linux Shell Scripts
-
»
Access Control Trends in Organizations
-
»
Access Control Technologies and Systems
-
»
Access Control Models
-
»
How Practical is Homomorphic Encryption?
-
»
The 6 components of DevSecOps
-
»
Linux Resource Monitoring Commands
-
»
Understanding GCP Identity and Access Management
-
»
Using Metasploit to Enumerate SSH
-
»
Intro to Hunting Webshells
-
»
Suspicious Traffic Hunting
-
»
Malware Classification
-
»
Securing Docker Containers
-
»
A Beginner’s Practical Guide to Docker
-
»
Basic Windows Shellcoding
-
»
Windows Egg-Hunting
-
»
API Security
-
»
Federated Identity Management and Single-Sign-On (SSO)
-
»
Shell Scripts in Linux
-
»
Managing Linux User Accounts
-
»
Hands-on with Google Cloud Key Management Service (KMS)
-
»
Enumerating and Exploiting AWS S3 Buckets with S3Scanner and Flaws.cloud
-
»
An Introduction to DevSecOps
-
»
Search, Seize, Preserve!: Digital Evidence
-
»
Azure Sentinel: A Beginner's Guide
-
»
A Quick Rundown of Cryptography and Steganography
-
»
What Is Phishing?
-
»
Windows Exploitation: SEH based overflow
-
»
Password Cracking Techniques, Tools and Protection Recommendations
-
»
S3 Bucket URL Enumeration
-
»
Hands-on with YAML Basics
-
»
Linux Exploitation: Format String Vulnerabilities and Exploitation
-
»
An Explanation of Knowledge and Behavior-Based Detection Within an IDS
-
»
Root Login vs. Sudo
-
»
Additional Security with Amazon EMR
-
»
Social Engineering: Basic Principles, Attacks, Phases and Prevention
-
»
File Types in Linux
-
»
A Brief Introduction to Wordlists and how to Generate them with CeWL
-
»
Open Redirection
-
»
File Permissions in Linux
-
»
Understanding User Roles and IAM in AWS
-
»
Enumerating Active Directory with Powerview
-
»
Enumerating SMTP with Metasploit
-
»
The Working Environment of Popular Debuggers and Disassemblers
-
»
User Accounts on Linux Systems
-
»
An Introduction to Active Directory and how PowerShell can be used as a Security Auditor
-
»
Introduction to Debuggers and Disassemblers
-
»
Sandboxing
-
»
Security as a Service (SECaaS)
-
»
Platform as a Service (PaaS)
-
»
Software as a Service (SaaS)
-
»
Tools to get you Started in Malware Analysis
-
»
Linux Exploitation: x64 shellcode
-
»
Linux Exploitation: Basic Linux Shellcoding
-
»
Investigating Crypto Crimes: An Introduction
-
»
Custom Security Groups on AWS
-
»
A Brief Overview into Containers and the Challenges they Address
-
»
Improving DevOps Pipeline Security
-
»
General Security Risks when Applying DevOps
-
»
Shared Security Responsibilities in AWS
-
»
Identifying Malware Persistence
-
»
The NIST Cybersecurity Framework and the Benefits of Implementing it
-
»
Linux Exploitation: Linux Reverse TCP Shellcode
-
»
Infrastructure as a Service (IaaS)
-
»
A Quick Overview of Container Vulnerabilities
-
»
Security Measures to Protect your AWS Simple Storage Service (S3)
-
»
A Brief Explanation of Zero-Trust Security Architecture
-
»
The Security Advantages of AWS Elastic Load Balancing (ELB)
-
»
Linux Command Line 101: Basic Redirection and Pipes
-
»
Broken Access Control (BAC)
-
»
Introduction to GRC and its importance in Cyber Security
-
»
Linux Command Line 101: Viewing File Contents
-
»
Linux Exploitation: Advanced Exploit Protection Evasion
-
»
A Look into AWS Data Center Security Procedures
-
»
Introduction to the DevSecOps Environment
-
»
An Overview of Version Control System (VCS)
-
»
A Brief Introduction to AWS Key Management Service
-
»
Access Control Monitoring
-
»
Access Control Levels
-
»
Access Control Threats
-
»
Access Control Fundamentals
-
»
Introduction to RSA encryption
-
»
PowerShell Basics for Security Professionals
-
»
AWS Password Policies
-
»
AWS - Five Pillars of a Well-Architected Framework
-
»
A Quick Start Guide to Network Monitoring and Security features in AWS
-
»
Compliance and Security in Amazon Web Services (AWS)
-
»
Linux Command Line 101: Basic File and Directory Operations
-
»
Introduction to Resilient Data Protection Systems
-
»
Linux Exploitation: Evading Exploit Protection
-
»
Getting started with Linux Forensics
-
»
Manual and automated password acquisition
-
»
Fundamental threat hunting concepts and examples
-
»
An introduction to web shells
-
»
Scanning SMB, Telnet and FTP default ports
-
»
Common methods an adversary may adopt to cover their tracks
-
»
Securing Data in the Cloud with Cryptographic Appliances
-
»
Host discovery
-
»
Collecting Linux System Information for DFIR
-
»
Basic Components of a Secure Network Architecture in the Cloud
-
»
Directory traversal
-
»
Analyzing malicious code without reverse engineering the assembly
-
»
Server-side request forgery
-
»
Insecure Direct Object References
-
»
NTFS data stream manipulation
-
»
What is fileless malware?
-
»
Evading IDS/Firewall while network scanning
-
»
What is Privilege Escalation?
-
»
Business Continuity Planning
-
»
The Importance of Security Training and Awareness
-
»
Introduction to Web Application Firewall (WAF)
-
»
Securing Wireless Network-based IDPS (NIDPS)
-
»
Business Impact Analysis Issues in the Cloud
-
»
Securing Computing Resources
-
»
Malware Injection Techniques: API hooking techniques
-
»
Using YARA for Threat Hunting in Enterprise Environments
-
»
Cloud-Based Key Control
-
»
Common Myths about Password Security
-
»
Content Discovery - Part 2
-
»
Content Discovery - Part 1
-
»
Hybrid Cloud
-
»
Private Cloud
-
»
Public Cloud
-
»
Cloud computing
-
»
Introduction to Security Control Types and Functions
-
»
Windows Exploitation: Stack Overflow Part 2
-
»
Windows Exploitation: Stack Overflow Part 1
-
»
Disaster Recovery
-
»
Advanced Persistent Threat Lifecycle
-
»
Understanding the different types of scan you can perform with Nmap
-
»
Common Code Injection Vulnerabilities
-
»
How to Stop SMTP Open Relays
-
»
A Note on Linux Directory Structure for DFIR
-
»
Introduction to Honeypots, Honeynets, and Padded Cells
-
»
Introduction to Threat Modeling
-
»
A gentle introduction to digital forensics on Linux
-
»
Understanding Security Information and Event Management Systems (SIEMs)
-
»
DNS enumeration using zone transfer
-
»
What is a Keylogger?
-
»
Understanding Proxy Servers
-
»
Perimeter Security
-
»
DMZ security risks and opportunities
-
»
What Is Spyware?
-
»
What is Adware?
-
»
Secure Peer-to-Peer Networks
-
»
Develop Secure Java Applets: A Step-by-Step Guide
-
»
Find Out Which Cloud model Fits for Your Security Concerns
-
»
Significance of ‘strings’ tool in Digital Forensics
-
»
Malware Injection Techniques: AtomBombing, EWMI, NtTestAlert
-
»
Security risks and protection of VMs
-
»
Types of virtualization
-
»
Windows update types
-
»
Application restriction
-
»
Enumerating AWS S3 Buckets
-
»
What is OS Fingerprinting/Banner grabbing?
-
»
What are Security Roles And Responsibilities?
-
»
Introduction to Data Classification
-
»
SDLC Software Development Life Cycle
-
»
BYOD Bring Your Own Device
-
»
Content Filtering
-
»
Types of Alerts
-
»
Internet Protocol Security (IPSec)
-
»
Transport Layer Security (TLS): An Introduction
-
»
Secure Sockets Layer (SSL) and Secure-HTTP (HTTP-S) Protocols
-
»
Benefits of Separation of Duties
-
»
Windows Recycle Bin Forensics
-
»
Malware Injection Techniques: APC injection
-
»
Linux Exploitation: Abusing EIP
-
»
Rootkits
-
»
Network Footprinting
-
»
Network Switches
-
»
Weaknesses in default configuration settings
-
»
Design vulnerabilities
-
»
Race conditions
-
»
XML External Entity Injection
-
»
SQL Injection Attacks
-
»
Hashing Algorithms: Introduction
-
»
Remote Access Authentication: PAP and CHAP
-
»
How Do You Prevent Brute Force Attacks?
-
»
Hands-on with Hash Functions
-
»
Low-security VPN solution: Point-to-Point Tunneling Protocol
-
»
The Role of Security Policies in an Organization
-
»
A Note on Volatility Profiles for Memory Forensics
-
»
Server-Client Communication Security: Digital Certificates
-
»
Site-to-Site VPN
-
»
Introduction to Virtual Private Network (VPN)
-
»
A Beginner's Guide to Mimikatz
-
»
Linux Exploitation: Stack Smashing
-
»
Data Security Management
-
»
Cross-Site Request Forgery
-
»
The Biba Model: A comparison between Bell-LaPadula
-
»
The Attacker Mindset: The DAD Triad
-
»
Introduction to Risk Management
-
»
Importance of Hashing in Digital Forensics
-
»
Deploy Your First Project on Terraform with Basic HCL
-
»
Input Validation
-
»
Practical Windows Hardening: Security Templates
-
»
Identification and Authentication Methods: Kerberos
-
»
Different types of vulnerability scanners
-
»
Significance of Windows Alternate Data Streams in DFIR
-
»
Introduction to Linux binary exploitation - Part 1
-
»
Cross-Site Scripting (XSS) Vulnerabilities
-
»
Buffer overflow vulnerabilities
-
»
Introduction to Access Controls
-
»
Windows NTFS File Attributes for Digital Forensics
-
»
Securing application cookies
-
»
What are software backdoors?
-
»
File system security: Overview of File System
-
»
What is Infrastructure as Code (IAC) and its Benefits?
-
»
Detecting exfiltration over network protocols
-
»
Windows Shellbags in Digital Forensics
-
»
Introduction to DevOps: Culture and Practices
-
»
Network protocols explained: ARP, DNS, DHCP, HTTP and FTP
-
»
Data Audit Best Practices
-
»
Network Security with Packet Filtering Firewalls
-
»
An Introduction to Web Browser Forensics
-
»
Hands On with Public Key Cryptography
-
»
Malware Injection Techniques: Thread Execution Hijacking and SetWindowsHookEx
-
»
Malware Injection Techniques: Process Hollowing
-
»
Malware Injection Techniques: Introduction
-
»
What is a Firewall?
-
»
Securing Windows: An Introduction to Windows Group Policy
-
»
Securing Confidentiality of Data using the Bell-LaPadula Model
-
»
Components of an Information System
-
»
Hands-on with shared key encryption
-
»
Introduction to STRIDE as a Threat Modelling Framework
-
»
Common network devices you need to know
-
»
Introduction to Cryptography and Block Cipher Modes
-
»
Windows File System Tunneling in Digital Forensics
-
»
Bluetooth Attacks
-
»
Securing wireless devices
-
»
BIOS Security 101
-
»
Data Loss Prevention - Part 2
-
»
Different types of cyber attacks
-
»
How do intrusion detection systems work?
-
»
What is WOW64?
-
»
Windows Processes and Services
-
»
Windows Scheduled Tasks in Digital Forensics
-
»
Native Scripting Tools in Windows: Should You Use Powershell?
-
»
Windows Event Logs in Digital Forensics
-
»
Reverse Shells 101
-
»
Introduction to the Sysinternals Tools
-
»
Secure Your AWS Root Account with 5 Best Practices
-
»
A Day in the Life of a Digital Forensic Investigator
-
»
Data Loss Prevention - Part 1
-
»
Windows Internals: Processes
-
»
Introduction to Behavior Analysis Techniques
-
»
Model, provision and manage AWS using CloudFormation
-
»
Windows Master File Table (MFT) in Digital Forensics
-
»
The OSI Model
-
»
Fuzzy Hashing, Import Hashing and Section Hashing
-
»
Introduction to YARA Rules - Part 2
-
»
What is Data Governance?
-
»
A General Overview of Penetration Testing Methodologies
-
»
What is vulnerability scanning?
-
»
What is Security Testing and Penetration Testing?
-
»
Windows File System Journal in Digital Forensics
-
»
Network protocols explained: what are they, and why are they important?
-
»
What is Ransomware?
-
»
Cybersecurity Business Analyst
-
»
Introduction to YARA Rules - Part 1
-
»
Identifying Obfuscated Malware
-
»
Forensic Importance of Windows File Management
-
»
Windows Volume Shadow Copies in Digital Forensics
-
»
Windows Registry in Digital Forensics
-
»
Reverse Engineering Portable Executables (PE) - Part 2
-
»
Reverse Engineering Portable Executables (PE) - Part 1
-
»
What will I do as an Incident Responder?
-
»
Introduction to Static Code Analysis for Malware Reverse Engineering
-
»
Using Netcat as a Reverse Shell
-
»
What is Pre-Incident Preparation?
-
»
Botnets and Zombies
-
»
Review and Testimonial: Samuel Romanov
-
»
OWASP Top 10 Web Application Vulnerabilities
-
»
Importance of Timelines in a Forensic Investigation
-
»
Person-in-the-Middle Attack (PITM)
-
»
Windows Hibernation files in Digital Forensics
-
»
A simple introduction to Red, Blue and Purple Teaming
-
»
Hunting in distributed organizations
-
»
What information can I find in a memory dump?
-
»
Guidelines for creating a Mission Update Brief
-
»
Setting up a DFIR Lab at home
-
»
Introduction to Risk Assessments
-
»
4 Approaches to threat hunt
-
»
Understanding Denial of Service Attacks
-
»
Hunting with Threat Emulation
-
»
Introduction to Memory Forensics
-
»
Email: Another source for data exfiltration
-
»
Visual signs of a malware infection
-
»
Understanding File Magic Numbers for Digital Forensics
-
»
Intrusion detection systems
-
»
Writing Digital Forensics Reports
-
»
Generating a threat hunting hypothesis
-
»
Windows Prefetch files in digital forensics
-
»
Common delivery malware infection methods
-
»
The business case for threat hunting for small businesses
-
»
Using DNS for Threat Hunting
-
»
Understanding the Threat Hunting Process Step-by-Step
-
»
Types of Malware
-
»
Cyber Kill Chain
-
»
Physical, Technical and Administrative Controls
-
»
Threat actors in cyberspace
-
»
Types of hackers
-
»
Types of Security Threats
-
»
AAA of security
-
»
What is an Incident Response Toolkit?
-
»
Timestamp Format in Windows, Linux-based and MAC Operating Systems
-
»
Little-endian vs Big-endian
-
»
What is a forensic image?
-
»
A short introduction to the major cyber disciplines
-
»
Cybersecurity for pre-beginners
-
»
CIA Triad
-
»
Mossé Cyber Security Institute: Part III
-
»
Performing digital forensics on a windows machine – where do I start?
-
»
Using organizational chart to show the structure of teams and organizations
-
»
What are Zero-Day Vulnerabilities and Who Uses Them?
-
»
Guidelines for creating a CONOP Brief
-
»
The Reconnaissance Phase in Penetration Testing Engagements
-
»
Mastering the Preparation Phase in penetration testing engagements
-
»
Introduction to the Penetration Testing Workflow
-
»
Review and Testimonial: Nathan Collins
-
»
Example of a penetration testing report executive summary
-
»
Introduction to Red Team Tools and Techniques
-
»
Using Contextual Analysis to decide on a target software for vulnerability research
-
»
Introduction to the Vulnerability Research and Exploitation Workflow
-
»
Designing Threat Emulation Scenarios
-
»
How can CISOs make sense of Cyber Red Team results?
-
»
Can Red Teaming exercises be automated?
-
»
Top reasons why Red Teamers should know how to write their own custom tools
-
»
Choosing a Command and Control Infrastructure
-
»
The importance of Freedom of Movement when running Red Team exercises
-
»
Key metrics to measure the success of a Red Team Exercise
-
»
The business case against Red Teaming
-
»
What role does incident handling play when a cyber attack occurs?
-
»
What is the difference between Red Teaming, Penetration Testing and Vulnerability Assessments?
-
»
What is the OODA Loop and why is it relevant to Red Teaming?
-
»
Using the Cyber Kill Chain and the MITRE Matrix for Red Team Operations
-
»
Designing realistic cyber threat emulations
-
»
What is the right mindset for Red Teaming?
-
»
Why do we Red Team?
-
»
A short introduction to writing incident response playbooks
-
»
Why do we do incident response?
-
»
Review and Testimonial: Anushka Lal
-
»
Mossé Cyber Security Institute: Part II
-
»
Mossé Cyber Security Institute: Part I
2021