Description

Price: 5.00 USD | Size: 1.20 GB | Duration :9.00+  Hours

BRAND: Expert TRAINING | ENGLISH | INSTANT DOWNLOAD

OFFENSIVE SECURITY – SOC 200

Content

0.Tamarisk-SOC200-WEI_03_00-Command Prompt VBScript and Powershell

1.Tamarisk-SOC200-WEI_03_01-Command Prompt

2.Tamarisk-SOC200-WEI_03_02-Visual Basic Script (VBScript)

3.Tamarisk-SOC200-WEI_03_03-PowerShell

4.Tamarisk-SOC200-WEI_05_00-Windows Event Log

5.Tamarisk-SOC200-WEI_05_01-Introduction to Windows Events

6.Tamarisk-SOC200-WEI_05_02-PowerShell and Event Logs

7.Tamarisk-SOC200-WEI_06_00-Empowering the Logs

8.Tamarisk-SOC200-WEI_06_01-System Monitor (Sysmon)

9.Tamarisk-SOC200-WEI_06_02-Sysmon and Event Viewer

10.Tamarisk-SOC200-WEI_06_03-Sysmon and PowerShell

11.Tamarisk-SOC200-WEI_06_04-Remote Access with PowerShell Core

12.Tamarisk-SOC200-WSSA_01_03-Brute Force Logins

13.Tamarisk-SOC200-WSSA_02_02-Local File Inclusion

14.Tamarisk-SOC200-WSSA_02_03-Command Injection

15.Tamarisk-SOC200-WSSA_02_04-File Upload

16.Tamarisk-SOC200-WSSA_03_01-Binary Attacks

17.Tamarisk-SOC200-WSSA_03_02-Windows Defender Exploit Guard (WDEG)

18.Tamarisk-SOC200-WCSA_01_03-Using Macros

19.Tamarisk-SOC200-WCSA_02_01-Introduction to PowerShell Logging

20.Tamarisk-SOC200-WCSA_02_02-PowerShell Module Logging

21.Tamarisk-SOC200-WCSA_02_03-PowerShell Script Block Logging

22.Tamarisk-SOC200-WCSA_02_04-PowerShell Transcription

23.Tamarisk-SOC200-WCSA_02_05-Case Study PowerShell Logging for Phishing Attacks

24.Tamarisk-SOC200-WCSA_02_07-ObfuscatingDeobfuscating Commands

25.Tamarisk-SOC200-WPE_01_01-Privilege Escalation Enumeration

26.Tamarisk-SOC200-WPE_01_03-Bypassing UAC

27.Tamarisk-SOC200-WPE_02_01-Service Creation

28.Tamarisk-SOC200-WPE_02_02-Attacking Service Permissions

29.Tamarisk-SOC200-WPE_02_03-Leveraging Unquoted Service Paths

30.Tamarisk-SOC200-LEI_01_00-Linux Applications and Daemons

31.Tamarisk-SOC200-LEI_01_01-Daemons

32.Tamarisk-SOC200-LEI_01_02-Logging on Linux and the Syslog Framework

33.Tamarisk-SOC200-LEI_01_03-Rsyslog Meets Journal

34.Tamarisk-SOC200-LEI_01_04-Web Daemon Logging

35.Tamarisk-SOC200-LEI_02_00-Automating the Defensive Analysis

36.Tamarisk-SOC200-LEI_02_01-Python for Log Analysis

37.Tamarisk-SOC200-LEI_02_02-DevOps Tools

38.Tamarisk-SOC200-LEI_02_03-Hunting for Login Attempts

39.Tamarisk-SOC200-LSSA_01_00-Credential Abuse

40.Tamarisk-SOC200-LSSA_01_01-Suspicious Logins

41.Tamarisk-SOC200-LSSA_01_03-Password Brute Forcing

42.Tamarisk-SOC200-LSSA_02_00-Web Application Attacks

43.Tamarisk-SOC200-LSSA_02_01-Command Injection

44.Tamarisk-SOC200-LSSA_02_03-SQL Injection

45.Tamarisk-SOC200-LPE_01_00-Attacking the Users

46.Tamarisk-SOC200-LPE_01_01-Becoming a User

47.Tamarisk-SOC200-LPE_01_02-Backdooring a User

48.Tamarisk-SOC200-LPE_02_00-Attacking the System

49.Tamarisk-SOC200-LPE_02_01-Abusing System Programs

50.Tamarisk-SOC200-LPE_02_03-Weak Permissions

51.Tamarisk-SOC200-ND_01_02-Foundations of IDS and Rule Crafting

52.Tamarisk-SOC200-ND_02_01-Known Vulnerabilities

53.Tamarisk-SOC200-ND_02_03-Novel Vulnerabilities

54.Tamarisk-SOC200-ND_03_01-C2 Infrastructure

55.Tamarisk-SOC200-ND_03_03-Network Communications

56.Tamarisk-SOC200-WP_01_01-Persisting via Windows Service

57.Tamarisk-SOC200-WP_01_02-Persisting via Scheduled Tasks

58.Tamarisk-SOC200-WP_01_03-Persisting by DLL-SideloadingHijacking

59.Tamarisk-SOC200-WP_02_01-Using Run Keys

60.Tamarisk-SOC200-WP_02_02-Using Winlogon Helper

61.Tamarisk-SOC200-AAE_01_02-Signature-Based Detection

62.Tamarisk-SOC200-AAE_01_03-Real-time Heuristic and Behavioral-Based Detection

63.Tamarisk-SOC200-AAE_02_01-Understanding AMSI

64.Tamarisk-SOC200-AAE_02_02-Bypassing AMSI

65.Tamarisk-SOC200-ADE_01_02-Interacting with LDAP

66.Tamarisk-SOC200-ADE_01_03-Enumerating Active Directory with PowerView

67.Tamarisk-SOC200-ADE_02_01-Auditing Object Access

68.Tamarisk-SOC200-ADE_02_02-Baseline Monitoring

69.Tamarisk-SOC200-ADE_02_03-Using Honey Tokens

70.Tamarisk-SOC200-NET_02_01-Detecting Egress Busting

71.Tamarisk-SOC200-NET_03_02-Port Forwarding and Tunneling in Practice

72.Tamarisk-SOC200-WLM_01_01-Pass The Hash

73.Tamarisk-SOC200-WLM_01_02-Brute Force Domain Credentials

74.Tamarisk-SOC200-WLM_01_03-Terminal Services

75.Tamarisk-SOC200-WLM_02_01-Pass The Ticket

76.Tamarisk-SOC200-WLM_02_02-Kerberoasting

77.Tamarisk-SOC200-ADP_01_01-Domain Group Memberships

78.Tamarisk-SOC200-ADP_01_02-Domain User Modifications

79.Tamarisk-SOC200-ADP_01_03-Golden Tickets

80.Tamarisk-SOC200-SIEM_01_02-Elastic Stack (ELK)

81.Tamarisk-SOC200-SIEM_01_03-ELK Integrations with OSQuery

82.Tamarisk-SOC200-SIEM_02_01-Rules and Alerts

83.Tamarisk-SOC200-SIEM_02_02-Timelines and Cases

84.Tamarisk-SOC200-SIEM02_01_00-Phase One Web Server Initial Access

85.Tamarisk-SOC200-SIEM02_01_01-Enumeration and Command Injection of web01

86.Tamarisk-SOC200-SIEM02_01_02-Phase One Detection Rules

87.Tamarisk-SOC200-SIEM02_02_00-Phase Two Lateral Movement to Application Server

88.Tamarisk-SOC200-SIEM02_02_01-Brute Force and Authentication to appsrv01

89.Tamarisk-SOC200-SIEM02_02_02-Phase Two Detection Rules

90.Tamarisk-SOC200-SIEM02_03_00-Phase Three Persistence and Privilege Escalation on Application Server

91.Tamarisk-SOC200-SIEM02_03_01-Persistence and Privilege Escalation on appsrv01

92.Tamarisk-SOC200-SIEM02_03_02-Phase Three Detection Rules

93.Tamarisk-SOC200-SIEM02_04_00-Phase Four Perform Actions on Domain Controller

94.Tamarisk-SOC200-SIEM02_04_01-Dump AD Database

95.Tamarisk-SOC200-SIEM02_04_02-Phase Four Detection Rules