Cyber Security & ANTI-HACKING Workshop (HACK) – מתווה

מתווה קורס מפורט

Cybersecurity basics
  • What is hacking?
  • What is IT security?
  • Attackers, motivation and tactics
  • General definitions and metrics
  • Attack techniques and tactics according to Mitre Att&ck
Current trends
  • Current metrics
  • Proven attack techniques
  • Cybersecurity trends and current threat situation
Initial infection
  • Types of social engineering
  • Password-based attacks
  • Advantages and disadvantages of password policies
  • Phishing and bypassing MFA / 2FA
  • M365 attacks
  • Adversary-in-the-browser attack
  • Browser-in-the-browser attack
  • Recognizing and preventing phishing
  • Email-based attacks
  • Browser-based attacks
  • Attacks with peripheral devices
  • Exploit vs. social engineering
  • Physical attacks
Infrastructure security
  • Introduction of the attack chain
  • Enumeration and footprinting
  • Discovery and port scanning
  • Off-line cracking
  • Reverse and bind shells
  • Evaluation of vulnerabilities
  • Command injections, webshells and SSRF
  • Introduction to Metasploit
Linux Security
  • Linux basics
  • Linux Exploitation
  • Lateral movement and pivoting
  • Privilege Escalation
  • Post-exploitation
  • Case Studies
Windows Security
  • Windows basics
  • Windows Credential System
  • NG Firewall Invasion
  • Pivoting
  • Memory Corruptions
  • Exploit Mitigations
  • Meterpreter advanced
  • Keylogging
  • Client-Side Exploitation
  • Sysinternals Suite
  • Library hijacking
Active Directory Security
  • Active Directory basics
  • Coercion attacks
  • Passing on the hash (PTH)
  • Passing on the ticket (PTT)
  • Golden tickets, silver tickets
  • Impersonation
  • Kerberoasting
  • Over-pass the Hash / Pass the Key
  • Skeleton key
  • Machine account quota
  • AdminSDHolder
  • Enterprise access model
  • Privileged Access Workstations
Evasion
  • Native Malware, Powershell Malware, .NET Malware
  • A/V evasion
  • Exfiltration and C+C
Post-exploitation
  • Native and meterpreter commands for post-exploitation
  • Living-off-the-land attacks
  • Fileless malware
  • Lateral Movemenent (RDP, WMI, WinRM, DCOM RPC)
Defense in Depth
  • Windows hardening
  • Active Directory Hardening
  • The Kill Chain
  • Network defense
  • Basics of ISMS
  • Advanced network defense
  • Threat modeling and protecting crown jewels
  • Setting up and operating security operation centers
  • Incident response policies
  • Threat intelligence
Ransomware defense
  • Backup strategy
  • RPO and RTO
  • Recovery strategy
  • Ransomware protection
  • To pay or not to pay?
  • Decryption considerations
  • Tools
Web security
  • Introduction to web applications, services and http
  • OWASP TOP 10
  • Dealing with browser developer tools
  • Web vulnerabilities on the server side (SSRF, command injections, deserialization, SQLi, file inclusion)
  • Browser-supported web vulnerabilities (XSS, XSRF, etc)
  • Vulnerabilities in web services
Ask me Anything with trainer
  • Open question and answer session
  • Discussion of current projects
  • Deepening
Network security
  • Introduction to Wireshark and Scapy
  • Different types of MiTM attacks
  • Sniffing and injection
  • Switching security
  • Microsegementation
  • Wifi security main threats
  • Attacks on TCP/IP stack
  • TCP, UDP, IPv4/ IPv6 threats
  • Network access control
Secure communication
  • Encryption basics
  • Different cryptosuites
  • Public key infrastructures
  • Crypto-Hardening
  • Practical use of cryptography
  • Introduction to TLS/SSL
  • TLS/SSL attacks and defense
  • Hard disk encryption
Denial of service
  • Types of denial of service
  • Motives of the attackers
  • Memory corruption DoS
  • Focus on volume-based DDoS
  • Defense against denial of service
  • Incident response for DoS

Case studies and exercises

Basics
  • Setting up a phishing page
  • DNS reconnaissance
  • Port scanning
  • Exchange-Exploitation
Linux
  • Exploitation of a Linux server
  • Post-exploitation of the Linux server
  • Linux lateral movement
  • Heartbleed
Windows
  • Pivot to Windows
  • Lateral movement in Active Directory - Coercion attack
  • Kerberoasting
  • Post-Exploitation
Web
  • Web bruteforcing
  • XSS vulnerability
  • SQL Injection
  • Exploitation Wordpress RCE
Networking
  • Scapy basics
  • Analysis of MiTM attacks
  • Wireshark basics
  • VoIP interception of WebRTC traffic
  • TLS stripping with HSTS bypass
Demos
  • Attack on Keepass
  • Windows DLL hijacking
  • Examples from Virustotal and Any.run
  • Backdoor with MSFvenom
  • Targeted breaking of an A/V signature