SlideShare a Scribd company logo

Offensive cyber security engineer

S
ShivamSharma909

The Offensive Cyber Security Certification will upgrade your skills to become a pentester, exploit developer. You will learn multiple offensive approaches to access infrastructure, environment, and information, performing risk analysis and mitigation, compliance, and much more with this program. https://www.infosectrain.com/courses/offensive-cyber-security-engineer-training/

Education
1 of 24
Download to read offline
www.infosectrain.com | sales@infosectrain.com OFFENSIVE CYBER SECURITY ENGINEER TRAINING PROGRAM 120 hrs of instructor-led Live Online training Exam voucher included for EC-Council CEH Make you ready for face-off Extra Doubt clearing sessions Hands on lab
www.infosectrain.com | sales@infosectrain.com 01 Offensive Cyber Security Expert MITRE ATT&CK ISO 27001 Fundamental/PCI-DSS Job Interview Preparation You start here Advanced Penetration Testing Exploit Development Basics (Python Shell Script) Review entire job skill set Certified Ethical Hacker (CEH) Learning Path
www.infosectrain.com | sales@infosectrain.com 02 Tools covered Offensive Cyber Security Engineer SUBLIST3r XSS-LOADER sqlmap
www.infosectrain.com | sales@infosectrain.com 03 What are the career benefits of this training program? In order to land into a good job as an Offensive Security Engineer analyst must have a 360-degree view of the cybersecurity domains that comprise a wide vari- ety of components and technology. We have bundled all the Skill Sets into this Offensive Cyber Security Engineer’s program. What skills will you learn? At the end of this Master Certificate in Cyber Security Program, you will be equipped with the following skillsets: Pre-Requisite • Offensive Security Engineering course • Prior knowledge of Basic Networking Protocols, OS fundamental, Linux basics is recommended. Master advanced hacking concepts to manage information security efficiently. Writing your own custom codes. Understanding the windows and Linux environment more closely. Understand the corporate infrastructure at a different level Design security architecture and framework for a secure IT operation.
www.infosectrain.com | sales@infosectrain.com 04 Security Fundamentals : Eccouncil CEH / CEH (Practical) This course would be covering the essentials of security, touching base on se- curity terminologies, various attack methodologies and techniques used by offenders/hackers in the real world. Advancing forward, it also covers in-depth, various aspects of the cybersecurity field. The course also provides hands-on experience on various industrial tools used for these purposes. Module 01: Introduction to Ethical Hacking Module 02: Footprinting and Reconnaissance Module 03: Scanning Networks Module 04: Enumeration Module 05: Vulnerability Analysis Module 06: System Hacking Module 07: Malware Threats Module 08: Sniffing Module 09: Social Engineering Module 10: Denial-of-Service Module 11: Session Hijacking Module 12: Evading IDS, Firewalls, and Honeypots Module 13: Hacking Web Servers Module 14: Hacking Web Applications Module 15: SQL Injection Module 16: Hacking Wireless Networks Module 17: Hacking Mobile Platforms Module 18: IoT Hacking Module 19: Cloud Computing Module 20: Cryptography CEH YEAR 2020
www.infosectrain.com | sales@infosectrain.com 05 Advanced Pentest : InfosecTrain APT This is an advanced level course designed by experts for InfosecTrain. The course imparts a very high level of understanding of various components of infrastruc- ture, including OS, IDS/IPS, firewalls, etc., determining vulnerabilities in these systems and using them to break into a secured system without being dis- covered. The course also focuses on providing an understanding and usage of a variety of tools. • Understanding the target audience • Rules of engagement • Communication escalation path • Resources and requirements Domain 1: Planning and Scoping 1.1 Explain the importance of planning for an engagement. - Confidentiality of findings - Known vs. unknown • Budget • Impact analysis and remediation timelines • Disclaimers • Technical constraints • Support resources - Point-in-time assessment - Comprehensiveness - WSDL/WADL - SOAP project file - XSD - Sample application requests A PT Advanced Penetration Testing
www.infosectrain.com | sales@infosectrain.com 06 - SOW - MSA - NDA - SDK documentation - Swagger document - Architectural diagrams • Contracts - Obtain signature from proper signing authority - Third-party provider authorization when necessary • Written authorization Advanced pentest: InfosecTrain APT Domain 1: Planning and Scoping - Export restrictions - Local and national government restrictions - Corporate policies • Environmental differences 1.2 Explain key legal concepts. 1.3 Explain the importance of scoping an engagement properly. - Red team • Types of assessment - Goals-based/objectives-based - Compliance-based - Supply chain • Special scoping considerations - Premerger • Threat actors - Adversary tier - APT - Script kiddies - Hacktivist - Insider threat - Capabilities - Intent - Threat models - Supply chain • Target selection - Targets - Internal - On-site vs. off-site - External - First-party vs. third-party hosted - Physical - Users - SSIDs - Applications - Considerations - White-listed vs. black-listed - Security exceptions
www.infosectrain.com | sales@infosectrain.com 07 1.4 Explain the key aspects of compliance-based assessments. • Risk acceptance • Tolerance to impact • Scheduling • Scope creep • Strategy - Black box vs. white box vs. gray box - IPS/WAF whitelist - NAC - Certificate pinning - Company’s policies • Compliance-based assessments, limitations, and caveats - Rules to complete assessment - Password policies - Data isolation - Key management - Limitations - Limited network access - Limited storage access • Clearly defined objectives based on regulations Advanced pentest: InfosecTrain APT Domain 1: Planning and Scoping
www.infosectrain.com | sales@infosectrain.com 08 • Scanning • Enumeration - Hosts - Networks - Domains - Users - Groups - Network shares • Eavesdropping - RF communication monitoring • Packet crafting • Packet inspection • Fingerprinting • Cryptography - Certificate inspection - Web pages - Applications - Services - Tokens - Social networking sites Domain 2: Information Gathering and Vulnerability Identification 2.1 Given a scenario, conduct information gathering using appropriate techniques. 2.2 Given a scenario, perform a vulnerability scan. - Sources of research - CERT - NIST - JPCERT - CAPEC - Full disclosure - CVE - CWE • Decompilation • Debugging • Open Source Intelligence Gathering - Sniffing - Wired - Wireless • Credentialed vs. non-credentialed • Types of scans - Discovery scan - Full scan - Stealth scan - Compliance scan • Container security • Application scan - Dynamic vs. static analysis Advanced pentest: InfosecTrain APT Domain 2: Information gathering and vulnerability identification
www.infosectrain.com | sales@infosectrain.com 09 • Considerations of vulnerability scanning - Time to run scans - Protocols used - Network topology - Bandwidth limitations - Query throttling - Fragile systems/non-traditional assets • Asset categorization • Adjudication • Prioritization of vulnerabilities • Common themes 2.3 Given a scenario, analyze vulnerability scan results. - False positives - Vulnerabilities - Observations - Lack of best practices • Map vulnerabilities to potential exploits • Prioritize activities in preparation for penetration test • Describe common techniques to complete attack 2.4 Explain the process of leveraging information to prepare for exploitation. - Cross-compiling code - Exploit modification - Exploit chaining - Proof-of-concept development (exploit development) - Social engineering - Credential brute forcing - Dictionary attacks - Rainbow tables - Deception • ICS • SCADA • Mobile • IoT • Embedded • Point-of-sale system • Biometrics • Application containers • RTOS 2.5 Explain weaknesses related to specialized systems. Advanced pentest: InfosecTrain APT Domain 2: Information gathering and vulnerability identification
www.infosectrain.com | sales@infosectrain.com 10 • Phishing - Spear phishing - SMS phishing - Voice phishing - Whaling Domain 3: Attacks and Exploits 3.1 Compare and contrast social engineering attacks. • Elicitation • Interrogation • Impersonation • Shoulder surfing • USB key drop • Motivation techniques - Business email compromise • Name resolution exploits • SMB exploits • SNMP exploits • SMTP exploits • FTP exploits • DNS cache poisoning • Pass the hash • Man-in-the-middle • DoS/stress test • NAC bypass • VLAN hopping - NETBIOS name service - ARP spoofing - Replay - Relay - SSL stripping - Downgrade - LLMNR 3.2 Given a scenario, exploit network-based vulnerabilities. - Authority - Scarcity - Social proof - Urgency - Likeness - Fear Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
www.infosectrain.com | sales@infosectrain.com 11 • Cross-site request forgery (CSRF/XSRF) • Clickjacking • Security misconfiguration • File inclusion - Local - Remote • Unsecure code practices - Comments in source code - Lack of error handling - Overly verbose error handling - Hard-coded credentials - Race conditions - Unauthorized use of functions/unprotected APIs - Hidden elements - Sensitive information in the DOM - Lack of code signing - Directory traversal - Cookie manipulation • OS vulnerabilities - Windows - Mac OS - Linux - Android - iOS 3.5 Given a scenario, exploit local host vulnerabilities. • Authorization - Parameter pollution - Insecure direct object reference • Cross-site scripting (XSS) - Stored/persistent - Reflected - DOM 3.3 Given a scenario, exploit wireless and RF-based vulnerabilities. • Injections - SQL - HTML - Command - Code • Authentication - Credential brute forcing - Session hijacking - Redirect - Default credentials - Weak credentials - Kerberos exploits Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
www.infosectrain.com | sales@infosectrain.com 12 • Default account settings • Sandbox escape - Shell upgrade - VM - Container • Physical device security - Cold boot attack - JTAG debug - Serial console - Windows-specific - Cpassword - Clear text credentials in LDAP - Kerberoasting - Credentials in LSASS - Unattended installation - Unquoted service paths - Writable services - Unsecure file/folder permissions - Keylogger - Scheduled tasks - Kernel exploits • Piggybacking/tailgating • Fence jumping • Dumpster diving • Lock picking • Lock bypass • Egress sensor • Badge cloning 3.6 Summarize physical security attacks related to facilities. • Lateral movement - RPC/DCOM - PsExec - WMI - Scheduled tasks - PS remoting/WinRM - SMB • Persistence - Scheduled jobs - Scheduled tasks - Daemons - Back doors - Trojan - New user creation 3.7 Given a scenario, perform post-exploitation techniques. • Unsecure service and protocol configurations • Privilege escalation - Linux-specific - SUID/SGID programs - Unsecure SUDO - Ret2libc - Sticky bits - SAM database - DLL hijacking - Exploitable services Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
www.infosectrain.com | sales@infosectrain.com 13 - RDP - Apple Remote Desktop - VNC - X-server forwarding - Telnet - SSH - RSH/Rlogin • Covering your tracks Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
www.infosectrain.com | sales@infosectrain.com 14 • SYN scan (-sS) vs. full connect scan (-sT) • Port selection (-p) • Service identification (-sV) • OS fingerprinting (-O) • Disabling ping (-Pn) • Target input file (-iL) • Timing (-T) • Output parameters 4.1 Given a scenario, use Nmap to conduct information gathering exercises. • Use cases - Reconnaissance - Enumeration -oA -oN -oG -oX 4.2 Compare and contrast various use cases of tools. (**The intent of this objective is NOT to test specific vendor feature sets.) Domain 4: Penetration Testing Tools - Vulnerability scanning - Credential attacks - Offline password cracking - Brute-forcing services - Persistence - Configuration compliance - Evasion - Decompilation - Forensics - Debugging - Software assurance - Fuzzing - SAST - DAST - WinDBG - IDA - Software assurance - Findbugs/findsecbugs - Peach - Dynamo - AFL - SonarQube - YASCA - OSINT • Tools - Scanners - Nikto - OpenVAS - SQLmap - Nessus - Credential testing tools - Hashcat - Shodan - Maltego - Recon-NG - Censys - Wireless - Aircrack-NG - Kismet - WiFite Advanced pentest: InfosecTrain APT Domain 4: Penetration testing tools
www.infosectrain.com | sales@infosectrain.com 15 - Hping - Mobile tools - Androzer - APKX - APK studio - MISC - Searchsploit - Powersploit - Responder - Impacket - Empire - Metasploit framework - Medusa - Hydra - Cewl - John the Ripper - Cain and Abel - Mimikatz - Patator - Dirbuster - W3AF - Debuggers - OLLYDBG - Immunity debugger - GDB - Whois - Nslookup - Foca - Theharvester - Web proxies - OWASP ZAP - Burp Suite - Social engineering tools - SET - BeEF - Remote access tools - SSH - NCAT - NETCAT - Proxychains - Networking tools - Wireshark • Password cracking • Pass the hash • Setting up a bind shell • Getting a reverse shell • Proxying a connection • Uploading a web shell • Injections 4.3 Given a scenario, analyze tool output or data related to a penetration test. Advanced pentest: InfosecTrain APT Domain 4: Penetration testing tools
www.infosectrain.com | sales@infosectrain.com 16 • Logic • Common operations • Error handling • Arrays • Encoding/decoding • Substitutions • Variables 4.4 Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell). - Looping - Flow control - String operations - Comparisons • I/O - File vs. terminal vs. network Advanced pentest: InfosecTrain APT Domain 4: Penetration testing tools
www.infosectrain.com | sales@infosectrain.com 17 • Course Introduction and Overview • Active Directory Overview • Physical, Logical Active Directory Components • Building Active Directory Lab 5.1 Active Directory Pentest • Introduction • LLMNR Poisoning Overview • Capturing NTLMv2 Hashes with Responder • Password Cracking with Hashcat • LLMNR Poisoning Defenses 5.2 Attacking Active Directory • Introduction • Pass the Hash / Password Overview • Cracking NTLM Hashes with Hashcat • Pass the Hash Attacks • Kerberoasting Overview • Kerberoasting Walkthrough • Kerberoasting Mitigation • Mimikatz Overview • Credential Dumping with Mimikatz 5.3 Post-Compromise Attacks Domain 5: Active Directory Pentest Advanced pentest: InfosecTrain APT Domain 5: Active directory pentest
www.infosectrain.com | sales@infosectrain.com 18 6.1 Given a scenario, use report writing and handling best practices. • Normalization of data • Written report of findings and remediation Domain 6: Reporting and Communication • Post-engagement cleanup • Client acceptance • Lessons learned • Follow-up actions/retest • Attestation of findings 6.2 Explain post-report delivery activities. - Removing shells - Removing tester-created credentials - Removing tools • Solutions 6.3 Given a scenario, recommend mitigation strategies for discovered vulnerabilities. - People - Process - Technology • Findings - Shared local administrator credentials - Weak password complexity - Plain text passwords - No multifactor authentication - SQL injection - Unnecessary open services • Risk appetite • Storage time for report • Secure handling and disposition of reports - Executive summary - Methodology - Findings and remediation - Metrics and measures - Risk rating - Conclusion Advanced pentest: InfosecTrain APT Domain 6: Reporting and communication
www.infosectrain.com | sales@infosectrain.com 19 • Remediation - Randomize credentials/LAPS - Minimum password requirements/password filters - Encrypt the passwords - Implement multifactor authentication - Sanitize user input/parameterize queries - System hardening • Communication path • Communication triggers 6.4 Explain the importance of communication during the penetration testing process. - Critical findings - Stages - Indicators of prior compromise • Reasons for communication • Goal reprioritization - Situational awareness - De-escalation - De-confliction Advanced pentest: InfosecTrain APT Domain 6: Reporting and communication
www.infosectrain.com | sales@infosectrain.com 20 • Introduction to Mitre ATT&CK - MITRE ATT&CK – Cyber Attack Lifecycle - Intro to attack.mitre.org - Pyramid of pain • Playing with Mitre - MITRE’s ATT&CK Matrix - MITRE’s ATT&CK Navigator • Testing with Caldera - Getting Started with Caldera - Automating Adversary Emulation • Atomic Red Team Test for MITRE-ATT&CK - Starting with Atomic Red Team - Running Test based on Mitre Framework This penetration testing course is specific to Active Directory. It focuses on strengthening the AD fundamental concepts. The course further provides an understanding and hands-on of various attacks performed on active directories along with post-compromise enumeration, attack and exploitation techniques. MITRE ATT&CK Red Teaming
www.infosectrain.com | sales@infosectrain.com 21 Linux Stack Smashing • Introduction to the basics of Linux stack overflow vulnerabilities and the require debugging toolset • Linux fundamentals • stack overflow exploitation • Linux exploit mitigations related to stack overflow exploitation • Understanding Return Oriented Programming • Learning how to write Linux shellcode from scratch, including cases such as Egghunting, encoding, etc. Exploit Development : Customized EXPLOIT DEVELOPMENT
www.infosectrain.com | sales@infosectrain.com 22 • Understanding Standard and regulatory framework • Fundamental principles of information security • Information Security Management System (ISMS) • Understanding Audit Principals • Understanding Onsite Audit Activities • Closing an Audit ISO 27001 Fundamental /PCI-DSS
sales@infosectrain.com | www.infosectrain.com

Recommended

Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
Comptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident responseComptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident response
ShivamSharma909
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
Cybersecurity Hands-On Training
Cybersecurity Hands-On TrainingCybersecurity Hands-On Training
Cybersecurity Hands-On Training
Tonex
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed Adam
Mohammed Adam
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
Happiest Minds Technologies
 

Recommended

Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
Comptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident responseComptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident response
ShivamSharma909
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
Cybersecurity Hands-On Training
Cybersecurity Hands-On TrainingCybersecurity Hands-On Training
Cybersecurity Hands-On Training
Tonex
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed Adam
Mohammed Adam
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
Happiest Minds Technologies
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
Jisc
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
Edureka!
 
Red Team vs. Blue Team
Red Team vs. Blue TeamRed Team vs. Blue Team
Red Team vs. Blue Team
EC-Council
 
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
Andris Soroka
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Edureka!
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and CertificationTonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Bryan Len
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
WAJAHAT IQBAL
 
Isa Chapters Cyber is Hard presentation v1.0
Isa Chapters Cyber is Hard presentation v1.0Isa Chapters Cyber is Hard presentation v1.0
Isa Chapters Cyber is Hard presentation v1.0
grp362
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
lfh663
 
Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)
Rogerio Ferraz
 
Topic11
Topic11Topic11
Topic11
Anne Starr
 
The Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for InvestorsThe Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for Investors
OurCrowd
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
A. Shamel
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
It and-cyber-module-2
It and-cyber-module-2It and-cyber-module-2
It and-cyber-module-2
Marneil Sanchez
 
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security TrainingMobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
Tonex
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
backdoor
 
Soc analyst course content v3
Soc analyst course content v3Soc analyst course content v3
Soc analyst course content v3
ShivamSharma909
 
Soc analyst course content
Soc analyst course contentSoc analyst course content
Soc analyst course content
ShivamSharma909
 

More Related Content

What's hot

An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
Jisc
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
Edureka!
 
Red Team vs. Blue Team
Red Team vs. Blue TeamRed Team vs. Blue Team
Red Team vs. Blue Team
EC-Council
 
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
Andris Soroka
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Edureka!
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and CertificationTonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Bryan Len
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
WAJAHAT IQBAL
 
Isa Chapters Cyber is Hard presentation v1.0
Isa Chapters Cyber is Hard presentation v1.0Isa Chapters Cyber is Hard presentation v1.0
Isa Chapters Cyber is Hard presentation v1.0
grp362
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
lfh663
 
Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)
Rogerio Ferraz
 
Topic11
Topic11Topic11
Topic11
Anne Starr
 
The Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for InvestorsThe Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for Investors
OurCrowd
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
A. Shamel
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
It and-cyber-module-2
It and-cyber-module-2It and-cyber-module-2
It and-cyber-module-2
Marneil Sanchez
 
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security TrainingMobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
Tonex
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
backdoor
 

What's hot (20)

An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
 
Red Team vs. Blue Team
Red Team vs. Blue TeamRed Team vs. Blue Team
Red Team vs. Blue Team
 
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
 
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and CertificationTonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
 
Isa Chapters Cyber is Hard presentation v1.0
Isa Chapters Cyber is Hard presentation v1.0Isa Chapters Cyber is Hard presentation v1.0
Isa Chapters Cyber is Hard presentation v1.0
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
 
Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)
 
Topic11
Topic11Topic11
Topic11
 
The Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for InvestorsThe Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for Investors
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
 
It and-cyber-module-2
It and-cyber-module-2It and-cyber-module-2
It and-cyber-module-2
 
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security TrainingMobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
 

Similar to Offensive cyber security engineer

Soc analyst course content v3
Soc analyst course content v3Soc analyst course content v3
Soc analyst course content v3
ShivamSharma909
 
Soc analyst course content
Soc analyst course contentSoc analyst course content
Soc analyst course content
ShivamSharma909
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
Priyanka Aash
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
New Horizons Computer Learning Centers / 5PE
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself
Alert Logic
 
Using Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security ProblemsUsing Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security Problems
kiansahafi
 
Mobile application security and threat modeling
Mobile application security and threat modelingMobile application security and threat modeling
Mobile application security and threat modeling
Shantanu Mitra
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
EduclentMegasoftel
 
How to measure your security response readiness?
How to measure your security response readiness?How to measure your security response readiness?
How to measure your security response readiness?
Tomasz Jakubowski
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
Flaskdata.io
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Shah Sheikh
 
CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web Applications
Alert Logic
 
Solving ICS Cybersecurity Challenges in the Electric Industry
Solving ICS Cybersecurity Challenges in the Electric IndustrySolving ICS Cybersecurity Challenges in the Electric Industry
Solving ICS Cybersecurity Challenges in the Electric Industry
Dragos, Inc.
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
Alert Logic
 
ThreatModeling.ppt
ThreatModeling.pptThreatModeling.ppt
ThreatModeling.ppt
tashon2
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Alert Logic
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
Alert Logic
 

Similar to Offensive cyber security engineer (20)

Soc analyst course content v3
Soc analyst course content v3Soc analyst course content v3
Soc analyst course content v3
 
Soc analyst course content
Soc analyst course contentSoc analyst course content
Soc analyst course content
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself
 
Using Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security ProblemsUsing Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security Problems
 
Mobile application security and threat modeling
Mobile application security and threat modelingMobile application security and threat modeling
Mobile application security and threat modeling
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
 
How to measure your security response readiness?
How to measure your security response readiness?How to measure your security response readiness?
How to measure your security response readiness?
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web Applications
 
Solving ICS Cybersecurity Challenges in the Electric Industry
Solving ICS Cybersecurity Challenges in the Electric IndustrySolving ICS Cybersecurity Challenges in the Electric Industry
Solving ICS Cybersecurity Challenges in the Electric Industry
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
ThreatModeling.ppt
ThreatModeling.pptThreatModeling.ppt
ThreatModeling.ppt
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
 

More from ShivamSharma909

Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
ShivamSharma909
 
CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdf
ShivamSharma909
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
ShivamSharma909
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdf
ShivamSharma909
 
Top 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdfTop 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdf
ShivamSharma909
 
Top 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdfTop 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdf
ShivamSharma909
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
ShivamSharma909
 
Why cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fitWhy cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fit
ShivamSharma909
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
ShivamSharma909
 
Top 20 azure interview questions
Top 20 azure interview questionsTop 20 azure interview questions
Top 20 azure interview questions
ShivamSharma909
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
ShivamSharma909
 
EC-Council Certified SOC Analyst
EC-Council Certified SOC AnalystEC-Council Certified SOC Analyst
EC-Council Certified SOC Analyst
ShivamSharma909
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
ShivamSharma909
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
ShivamSharma909
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
ShivamSharma909
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter Hacking
ShivamSharma909
 
Domain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack TechniquesDomain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack Techniques
ShivamSharma909
 
Domain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance TechniquesDomain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance Techniques
ShivamSharma909
 
Domain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical HackingDomain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical Hacking
ShivamSharma909
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304
ShivamSharma909
 

More from ShivamSharma909 (20)

Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
 
CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdf
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdf
 
Top 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdfTop 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdf
 
Top 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdfTop 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdf
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
 
Why cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fitWhy cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fit
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
 
Top 20 azure interview questions
Top 20 azure interview questionsTop 20 azure interview questions
Top 20 azure interview questions
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
 
EC-Council Certified SOC Analyst
EC-Council Certified SOC AnalystEC-Council Certified SOC Analyst
EC-Council Certified SOC Analyst
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter Hacking
 
Domain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack TechniquesDomain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack Techniques
 
Domain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance TechniquesDomain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance Techniques
 
Domain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical HackingDomain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical Hacking
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304
 

Recently uploaded

RHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem students
RHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem studentsRHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem students
RHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem students
Himanshu Rai
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
WaniBasim
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
eBook.com.bd (প্রয়োজনীয় বাংলা বই)
 
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...
Diana Rendina
 
Main Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docxMain Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docx
adhitya5119
 
How to Add Chatter in the odoo 17 ERP Module
How to Add Chatter in the odoo 17 ERP ModuleHow to Add Chatter in the odoo 17 ERP Module
How to Add Chatter in the odoo 17 ERP Module
Celine George
 
How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17
Celine George
 
How to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold MethodHow to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold Method
Celine George
 
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...
Nguyen Thanh Tu Collection
 
How to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 InventoryHow to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 Inventory
Celine George
 
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movieFilm vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
Nicholas Montgomery
 
Life upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for studentLife upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for student
NgcHiNguyn25
 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Denish Jangid
 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
National Information Standards Organization (NISO)
 
A Independência da América Espanhola LAPBOOK.pdf
A Independência da América Espanhola LAPBOOK.pdfA Independência da América Espanhola LAPBOOK.pdf
A Independência da América Espanhola LAPBOOK.pdf
Jean Carlos Nunes Paixão
 
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Excellence Foundation for South Sudan
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Akanksha trivedi rama nursing college kanpur.
 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
iammrhaywood
 
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptxPengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Fajar Baskoro
 
MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .
Colégio Santa Teresinha
 

Recently uploaded (20)

RHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem students
RHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem studentsRHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem students
RHEOLOGY Physical pharmaceutics-II notes for B.pharm 4th sem students
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
 
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...
 
Main Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docxMain Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docx
 
How to Add Chatter in the odoo 17 ERP Module
How to Add Chatter in the odoo 17 ERP ModuleHow to Add Chatter in the odoo 17 ERP Module
How to Add Chatter in the odoo 17 ERP Module
 
How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17
 
How to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold MethodHow to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold Method
 
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 9 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2024-2025 - ...
 
How to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 InventoryHow to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 Inventory
 
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movieFilm vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
 
Life upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for studentLife upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for student
 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
 
A Independência da América Espanhola LAPBOOK.pdf
A Independência da América Espanhola LAPBOOK.pdfA Independência da América Espanhola LAPBOOK.pdf
A Independência da América Espanhola LAPBOOK.pdf
 
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
 
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptxPengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptx
 
MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .
 

Offensive cyber security engineer

  • 1. www.infosectrain.com | sales@infosectrain.com OFFENSIVE CYBER SECURITY ENGINEER TRAINING PROGRAM 120 hrs of instructor-led Live Online training Exam voucher included for EC-Council CEH Make you ready for face-off Extra Doubt clearing sessions Hands on lab
  • 2. www.infosectrain.com | sales@infosectrain.com 01 Offensive Cyber Security Expert MITRE ATT&CK ISO 27001 Fundamental/PCI-DSS Job Interview Preparation You start here Advanced Penetration Testing Exploit Development Basics (Python Shell Script) Review entire job skill set Certified Ethical Hacker (CEH) Learning Path
  • 3. www.infosectrain.com | sales@infosectrain.com 02 Tools covered Offensive Cyber Security Engineer SUBLIST3r XSS-LOADER sqlmap
  • 4. www.infosectrain.com | sales@infosectrain.com 03 What are the career benefits of this training program? In order to land into a good job as an Offensive Security Engineer analyst must have a 360-degree view of the cybersecurity domains that comprise a wide vari- ety of components and technology. We have bundled all the Skill Sets into this Offensive Cyber Security Engineer’s program. What skills will you learn? At the end of this Master Certificate in Cyber Security Program, you will be equipped with the following skillsets: Pre-Requisite • Offensive Security Engineering course • Prior knowledge of Basic Networking Protocols, OS fundamental, Linux basics is recommended. Master advanced hacking concepts to manage information security efficiently. Writing your own custom codes. Understanding the windows and Linux environment more closely. Understand the corporate infrastructure at a different level Design security architecture and framework for a secure IT operation.
  • 5. www.infosectrain.com | sales@infosectrain.com 04 Security Fundamentals : Eccouncil CEH / CEH (Practical) This course would be covering the essentials of security, touching base on se- curity terminologies, various attack methodologies and techniques used by offenders/hackers in the real world. Advancing forward, it also covers in-depth, various aspects of the cybersecurity field. The course also provides hands-on experience on various industrial tools used for these purposes. Module 01: Introduction to Ethical Hacking Module 02: Footprinting and Reconnaissance Module 03: Scanning Networks Module 04: Enumeration Module 05: Vulnerability Analysis Module 06: System Hacking Module 07: Malware Threats Module 08: Sniffing Module 09: Social Engineering Module 10: Denial-of-Service Module 11: Session Hijacking Module 12: Evading IDS, Firewalls, and Honeypots Module 13: Hacking Web Servers Module 14: Hacking Web Applications Module 15: SQL Injection Module 16: Hacking Wireless Networks Module 17: Hacking Mobile Platforms Module 18: IoT Hacking Module 19: Cloud Computing Module 20: Cryptography CEH YEAR 2020
  • 6. www.infosectrain.com | sales@infosectrain.com 05 Advanced Pentest : InfosecTrain APT This is an advanced level course designed by experts for InfosecTrain. The course imparts a very high level of understanding of various components of infrastruc- ture, including OS, IDS/IPS, firewalls, etc., determining vulnerabilities in these systems and using them to break into a secured system without being dis- covered. The course also focuses on providing an understanding and usage of a variety of tools. • Understanding the target audience • Rules of engagement • Communication escalation path • Resources and requirements Domain 1: Planning and Scoping 1.1 Explain the importance of planning for an engagement. - Confidentiality of findings - Known vs. unknown • Budget • Impact analysis and remediation timelines • Disclaimers • Technical constraints • Support resources - Point-in-time assessment - Comprehensiveness - WSDL/WADL - SOAP project file - XSD - Sample application requests A PT Advanced Penetration Testing
  • 7. www.infosectrain.com | sales@infosectrain.com 06 - SOW - MSA - NDA - SDK documentation - Swagger document - Architectural diagrams • Contracts - Obtain signature from proper signing authority - Third-party provider authorization when necessary • Written authorization Advanced pentest: InfosecTrain APT Domain 1: Planning and Scoping - Export restrictions - Local and national government restrictions - Corporate policies • Environmental differences 1.2 Explain key legal concepts. 1.3 Explain the importance of scoping an engagement properly. - Red team • Types of assessment - Goals-based/objectives-based - Compliance-based - Supply chain • Special scoping considerations - Premerger • Threat actors - Adversary tier - APT - Script kiddies - Hacktivist - Insider threat - Capabilities - Intent - Threat models - Supply chain • Target selection - Targets - Internal - On-site vs. off-site - External - First-party vs. third-party hosted - Physical - Users - SSIDs - Applications - Considerations - White-listed vs. black-listed - Security exceptions
  • 8. www.infosectrain.com | sales@infosectrain.com 07 1.4 Explain the key aspects of compliance-based assessments. • Risk acceptance • Tolerance to impact • Scheduling • Scope creep • Strategy - Black box vs. white box vs. gray box - IPS/WAF whitelist - NAC - Certificate pinning - Company’s policies • Compliance-based assessments, limitations, and caveats - Rules to complete assessment - Password policies - Data isolation - Key management - Limitations - Limited network access - Limited storage access • Clearly defined objectives based on regulations Advanced pentest: InfosecTrain APT Domain 1: Planning and Scoping
  • 9. www.infosectrain.com | sales@infosectrain.com 08 • Scanning • Enumeration - Hosts - Networks - Domains - Users - Groups - Network shares • Eavesdropping - RF communication monitoring • Packet crafting • Packet inspection • Fingerprinting • Cryptography - Certificate inspection - Web pages - Applications - Services - Tokens - Social networking sites Domain 2: Information Gathering and Vulnerability Identification 2.1 Given a scenario, conduct information gathering using appropriate techniques. 2.2 Given a scenario, perform a vulnerability scan. - Sources of research - CERT - NIST - JPCERT - CAPEC - Full disclosure - CVE - CWE • Decompilation • Debugging • Open Source Intelligence Gathering - Sniffing - Wired - Wireless • Credentialed vs. non-credentialed • Types of scans - Discovery scan - Full scan - Stealth scan - Compliance scan • Container security • Application scan - Dynamic vs. static analysis Advanced pentest: InfosecTrain APT Domain 2: Information gathering and vulnerability identification
  • 10. www.infosectrain.com | sales@infosectrain.com 09 • Considerations of vulnerability scanning - Time to run scans - Protocols used - Network topology - Bandwidth limitations - Query throttling - Fragile systems/non-traditional assets • Asset categorization • Adjudication • Prioritization of vulnerabilities • Common themes 2.3 Given a scenario, analyze vulnerability scan results. - False positives - Vulnerabilities - Observations - Lack of best practices • Map vulnerabilities to potential exploits • Prioritize activities in preparation for penetration test • Describe common techniques to complete attack 2.4 Explain the process of leveraging information to prepare for exploitation. - Cross-compiling code - Exploit modification - Exploit chaining - Proof-of-concept development (exploit development) - Social engineering - Credential brute forcing - Dictionary attacks - Rainbow tables - Deception • ICS • SCADA • Mobile • IoT • Embedded • Point-of-sale system • Biometrics • Application containers • RTOS 2.5 Explain weaknesses related to specialized systems. Advanced pentest: InfosecTrain APT Domain 2: Information gathering and vulnerability identification
  • 11. www.infosectrain.com | sales@infosectrain.com 10 • Phishing - Spear phishing - SMS phishing - Voice phishing - Whaling Domain 3: Attacks and Exploits 3.1 Compare and contrast social engineering attacks. • Elicitation • Interrogation • Impersonation • Shoulder surfing • USB key drop • Motivation techniques - Business email compromise • Name resolution exploits • SMB exploits • SNMP exploits • SMTP exploits • FTP exploits • DNS cache poisoning • Pass the hash • Man-in-the-middle • DoS/stress test • NAC bypass • VLAN hopping - NETBIOS name service - ARP spoofing - Replay - Relay - SSL stripping - Downgrade - LLMNR 3.2 Given a scenario, exploit network-based vulnerabilities. - Authority - Scarcity - Social proof - Urgency - Likeness - Fear Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
  • 12. www.infosectrain.com | sales@infosectrain.com 11 • Cross-site request forgery (CSRF/XSRF) • Clickjacking • Security misconfiguration • File inclusion - Local - Remote • Unsecure code practices - Comments in source code - Lack of error handling - Overly verbose error handling - Hard-coded credentials - Race conditions - Unauthorized use of functions/unprotected APIs - Hidden elements - Sensitive information in the DOM - Lack of code signing - Directory traversal - Cookie manipulation • OS vulnerabilities - Windows - Mac OS - Linux - Android - iOS 3.5 Given a scenario, exploit local host vulnerabilities. • Authorization - Parameter pollution - Insecure direct object reference • Cross-site scripting (XSS) - Stored/persistent - Reflected - DOM 3.3 Given a scenario, exploit wireless and RF-based vulnerabilities. • Injections - SQL - HTML - Command - Code • Authentication - Credential brute forcing - Session hijacking - Redirect - Default credentials - Weak credentials - Kerberos exploits Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
  • 13. www.infosectrain.com | sales@infosectrain.com 12 • Default account settings • Sandbox escape - Shell upgrade - VM - Container • Physical device security - Cold boot attack - JTAG debug - Serial console - Windows-specific - Cpassword - Clear text credentials in LDAP - Kerberoasting - Credentials in LSASS - Unattended installation - Unquoted service paths - Writable services - Unsecure file/folder permissions - Keylogger - Scheduled tasks - Kernel exploits • Piggybacking/tailgating • Fence jumping • Dumpster diving • Lock picking • Lock bypass • Egress sensor • Badge cloning 3.6 Summarize physical security attacks related to facilities. • Lateral movement - RPC/DCOM - PsExec - WMI - Scheduled tasks - PS remoting/WinRM - SMB • Persistence - Scheduled jobs - Scheduled tasks - Daemons - Back doors - Trojan - New user creation 3.7 Given a scenario, perform post-exploitation techniques. • Unsecure service and protocol configurations • Privilege escalation - Linux-specific - SUID/SGID programs - Unsecure SUDO - Ret2libc - Sticky bits - SAM database - DLL hijacking - Exploitable services Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
  • 14. www.infosectrain.com | sales@infosectrain.com 13 - RDP - Apple Remote Desktop - VNC - X-server forwarding - Telnet - SSH - RSH/Rlogin • Covering your tracks Advanced pentest: InfosecTrain APT Domain 3: Attacks and Exploits
  • 15. www.infosectrain.com | sales@infosectrain.com 14 • SYN scan (-sS) vs. full connect scan (-sT) • Port selection (-p) • Service identification (-sV) • OS fingerprinting (-O) • Disabling ping (-Pn) • Target input file (-iL) • Timing (-T) • Output parameters 4.1 Given a scenario, use Nmap to conduct information gathering exercises. • Use cases - Reconnaissance - Enumeration -oA -oN -oG -oX 4.2 Compare and contrast various use cases of tools. (**The intent of this objective is NOT to test specific vendor feature sets.) Domain 4: Penetration Testing Tools - Vulnerability scanning - Credential attacks - Offline password cracking - Brute-forcing services - Persistence - Configuration compliance - Evasion - Decompilation - Forensics - Debugging - Software assurance - Fuzzing - SAST - DAST - WinDBG - IDA - Software assurance - Findbugs/findsecbugs - Peach - Dynamo - AFL - SonarQube - YASCA - OSINT • Tools - Scanners - Nikto - OpenVAS - SQLmap - Nessus - Credential testing tools - Hashcat - Shodan - Maltego - Recon-NG - Censys - Wireless - Aircrack-NG - Kismet - WiFite Advanced pentest: InfosecTrain APT Domain 4: Penetration testing tools
  • 16. www.infosectrain.com | sales@infosectrain.com 15 - Hping - Mobile tools - Androzer - APKX - APK studio - MISC - Searchsploit - Powersploit - Responder - Impacket - Empire - Metasploit framework - Medusa - Hydra - Cewl - John the Ripper - Cain and Abel - Mimikatz - Patator - Dirbuster - W3AF - Debuggers - OLLYDBG - Immunity debugger - GDB - Whois - Nslookup - Foca - Theharvester - Web proxies - OWASP ZAP - Burp Suite - Social engineering tools - SET - BeEF - Remote access tools - SSH - NCAT - NETCAT - Proxychains - Networking tools - Wireshark • Password cracking • Pass the hash • Setting up a bind shell • Getting a reverse shell • Proxying a connection • Uploading a web shell • Injections 4.3 Given a scenario, analyze tool output or data related to a penetration test. Advanced pentest: InfosecTrain APT Domain 4: Penetration testing tools
  • 17. www.infosectrain.com | sales@infosectrain.com 16 • Logic • Common operations • Error handling • Arrays • Encoding/decoding • Substitutions • Variables 4.4 Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell). - Looping - Flow control - String operations - Comparisons • I/O - File vs. terminal vs. network Advanced pentest: InfosecTrain APT Domain 4: Penetration testing tools
  • 18. www.infosectrain.com | sales@infosectrain.com 17 • Course Introduction and Overview • Active Directory Overview • Physical, Logical Active Directory Components • Building Active Directory Lab 5.1 Active Directory Pentest • Introduction • LLMNR Poisoning Overview • Capturing NTLMv2 Hashes with Responder • Password Cracking with Hashcat • LLMNR Poisoning Defenses 5.2 Attacking Active Directory • Introduction • Pass the Hash / Password Overview • Cracking NTLM Hashes with Hashcat • Pass the Hash Attacks • Kerberoasting Overview • Kerberoasting Walkthrough • Kerberoasting Mitigation • Mimikatz Overview • Credential Dumping with Mimikatz 5.3 Post-Compromise Attacks Domain 5: Active Directory Pentest Advanced pentest: InfosecTrain APT Domain 5: Active directory pentest
  • 19. www.infosectrain.com | sales@infosectrain.com 18 6.1 Given a scenario, use report writing and handling best practices. • Normalization of data • Written report of findings and remediation Domain 6: Reporting and Communication • Post-engagement cleanup • Client acceptance • Lessons learned • Follow-up actions/retest • Attestation of findings 6.2 Explain post-report delivery activities. - Removing shells - Removing tester-created credentials - Removing tools • Solutions 6.3 Given a scenario, recommend mitigation strategies for discovered vulnerabilities. - People - Process - Technology • Findings - Shared local administrator credentials - Weak password complexity - Plain text passwords - No multifactor authentication - SQL injection - Unnecessary open services • Risk appetite • Storage time for report • Secure handling and disposition of reports - Executive summary - Methodology - Findings and remediation - Metrics and measures - Risk rating - Conclusion Advanced pentest: InfosecTrain APT Domain 6: Reporting and communication
  • 20. www.infosectrain.com | sales@infosectrain.com 19 • Remediation - Randomize credentials/LAPS - Minimum password requirements/password filters - Encrypt the passwords - Implement multifactor authentication - Sanitize user input/parameterize queries - System hardening • Communication path • Communication triggers 6.4 Explain the importance of communication during the penetration testing process. - Critical findings - Stages - Indicators of prior compromise • Reasons for communication • Goal reprioritization - Situational awareness - De-escalation - De-confliction Advanced pentest: InfosecTrain APT Domain 6: Reporting and communication
  • 21. www.infosectrain.com | sales@infosectrain.com 20 • Introduction to Mitre ATT&CK - MITRE ATT&CK – Cyber Attack Lifecycle - Intro to attack.mitre.org - Pyramid of pain • Playing with Mitre - MITRE’s ATT&CK Matrix - MITRE’s ATT&CK Navigator • Testing with Caldera - Getting Started with Caldera - Automating Adversary Emulation • Atomic Red Team Test for MITRE-ATT&CK - Starting with Atomic Red Team - Running Test based on Mitre Framework This penetration testing course is specific to Active Directory. It focuses on strengthening the AD fundamental concepts. The course further provides an understanding and hands-on of various attacks performed on active directories along with post-compromise enumeration, attack and exploitation techniques. MITRE ATT&CK Red Teaming
  • 22. www.infosectrain.com | sales@infosectrain.com 21 Linux Stack Smashing • Introduction to the basics of Linux stack overflow vulnerabilities and the require debugging toolset • Linux fundamentals • stack overflow exploitation • Linux exploit mitigations related to stack overflow exploitation • Understanding Return Oriented Programming • Learning how to write Linux shellcode from scratch, including cases such as Egghunting, encoding, etc. Exploit Development : Customized EXPLOIT DEVELOPMENT
  • 23. www.infosectrain.com | sales@infosectrain.com 22 • Understanding Standard and regulatory framework • Fundamental principles of information security • Information Security Management System (ISMS) • Understanding Audit Principals • Understanding Onsite Audit Activities • Closing an Audit ISO 27001 Fundamental /PCI-DSS