Ethical Hacking/Complete RED TEAM OPERATIONS in Practical

Focused View

Ajay Ravichandran,Pooja Somu

14:44:29

44 View

1. Introduction(Red Team Operations)

1. Introduction to the course.mp4

13:45

2. Disclaimer.mp4

01:26

2. LOLBin for Red Teamers and Threat Hunters

1. What Is LOLBin .mp4

03:27

2. Abusing Rundll32.exe.mp4

05:10

3. Abusing Certutil.exe.mp4

08:12

4. Abusing BITSAdmin.exe.mp4

10:57

5. Abusing Conhost.exe.mp4

04:53

6. Abusing MSHTA.exe.mp4

07:07

7. Abusing Reg.exe.mp4

06:11

8. Abusing Wscript.exe.mp4

04:07

9. Abusing PowerShell.exe.mp4

05:40

10. Abusing WMIC.exe.mp4

06:43

11. Abusing Rclone and Vssadmin.mp4

08:38

12. Attack flow using LOLBin.mp4

04:47

3. Working with Windows Processes

1. Overview about Process and Threads.mp4

07:37

2. Overview about DLLs and APIs.mp4

16:09

3. Process Creation Step by Step.mp4

07:46

4. Process chain for Malwares.mp4

05:55

4. MITRE ATT&CK framework discussion

1. MITRE ATT&CK framework and its Origin.mp4

46:08

5. Open source intelligence (OSINT) for Red and Blue Teamers

1. Comprehensive exploration of OSINT for Red and Blue Teamers.mp4

40:13

6. Persistence techniques for Red and Blue Teamers

1. Persistence Registry Run Keys.mp4

11:01

2. Persistence Startup Folder.mp4

06:20

3. Persistence Windows Management Instrumentation (WMI).mp4

16:56

4. Persistence Scheduled tasks.mp4

10:55

5. Persistence - Services.mp4

13:36

7. Investigating defensive mechanisms and methods to evade antivirus and EDR

1. Exploring research on static, dynamic, and heuristic engines.mp4

29:03

2. Process Injection Dll Injection Process Hollowing attacks.mp4

21:45

3. DLL Hijacking.mp4

17:09

4. Refining the obfuscation technique through the method of renaming.mp4

04:05

5. Control flow Obfuscation.mp4

04:30

6. Hooking and Unhooking.mp4

11:24

7. Understanding AMSI Overview and Methods to Bypass.mp4

18:58

8. Red + Blue Team Operation - Initial Access Phase

1. Developing Shellcode for Process Injection Techniques..mp4

05:17

2. Process Injection Code Overview.mp4

05:57

3. Gaining Initial Access via Process Injection Techniques..mp4

08:30

4. Investigating Reverse Connection.mp4

03:04

5. Leveraging External Remote Services for Initial Access..mp4

08:15

6. Gaining Initial Access via Phishing Tactics..mp4

04:54

7. Leveraging Public-Facing Applications for Initial Access..mp4

13:15

8. Utilizing Supply Chain Attacks for Initial Access..mp4

02:45

9. Red + Blue Team Operation - Defence Evasion Phase

1. Disabling Windows Defender Protection..mp4

12:21

2. Configuring Exclusions in Windows Defender..mp4

07:34

3. Bypassing Windows Defender and EDR with an Anti-Rootkit Tool..mp4

08:29

4. Using DISM to Deactivate Windows Defender..mp4

02:42

10. Red + Blue Team Operation - Post Exploitation Phase

1. Exploration of Cobalt Strike and Reversing Encoded Compressed Obfuscated Script.mp4

20:34

2. Payload Delivery Utilizing bitsadmin.exe..mp4

04:15

3. Elimination of Indicators - Time Stomping Attack.mp4

09:10

4. Execution through Command and Scripting Interpreter.mp4

06:05

11. Red + Blue Team Operation - Persistence phase

1. Adding a Cobalt Strike Payload in the Run Key Registry..mp4

05:50

2. Placing the Payload in the Start-up Folder..mp4

04:29

3. Adopting a Threat Actors Perspective for Scheduled Task Placement.mp4

09:02

4. Create an account to maintain access.mp4

06:25

5. Manipulate user accounts to maintain access.mp4

06:30

6. Enable and Disable the account.mp4

06:26

12. Red + Blue Team Operation - Privilege Escalation

1. UAC Bypass and Elevate from Medium to High Integrity..mp4

14:18

2. Utilizing the LUA Registry Key for UAC Deactivation..mp4

05:28

3. UAC token Duplication Attack.mp4

12:13

4. Comprehensive Exploration of Windows Named Pipes..mp4

11:39

5. Named Pipe Impersonation Attack.mp4

06:53

6. Elevate Privilege through Service Control Manager.mp4

21:03

7. Exploiting vulnerabilities to elevate the Privilege.mp4

09:09

8. Unquoted Service Paths misconfiguration.mp4

16:18

9. Hunting password files in a target machine.mp4

07:40

13. Red + Blue Team Operation - Credential Access

1. What is LSASS.exe.mp4

05:46

2. Obtaining credentials via the WDigest protocol..mp4

10:48

3. Extracting data from lsass.exe process and retrieving confidential information.mp4

12:37

4. Diverse Approaches for Extracting Data from the lsass.exe Process.mp4

14:28

5. NTLM Password cracking.mp4

09:29

6. Stealing Browser login datas.mp4

06:45

7. Credential Access through SAM and SYSTEM Hives.mp4

09:18

14. Red + Blue Team Operation - Lateral Movement

1. RDP enable Via Registry.mp4

06:03

2. Modify System firewall to enable the RDP Connections.mp4

02:09

3.1 Impacket libraries.html

3.2 windows-admin-shares.html

3. Laterally Move Through Impacket.mp4

13:20

4. Investigation and IR plan for a lateral movement.mp4

04:03

15. Red + Blue Team Operation - Exfiltration

1. Exfiltrating Confidential Information.mp4

14:43

2. Exfiltration through third party Application.mp4

07:00

3. The Stealbit Exfiltration Tool.mp4

02:54

16. Red + Blue Team Operation - Impact

1. Deleting Shadow copies from the Machine.mp4

06:54

2. Modify Boot Status policies.mp4

04:27

3. Deleting Event Logs from the target Machine.mp4

03:05

4. Executing Ransomware Binary to the Target Machine.mp4

08:00

5. IR plan for a Ransomware Attack.mp4

09:52

17. Blue Team Operations - Investigation

1. Investigating 4624 and 4625 Events.mp4

14:43

2. Investigating 7045 and 7034 Events.mp4

05:00

3. Investigating Scheduled task creation Events.mp4

02:33

4. Investigating SMB and RDP Activity.mp4

02:44

5. Investigating SRUM Data.mp4

10:04

6. Investigating Browser History.mp4

04:18

18. History of Ransomwares

1. Akira Ransomware.mp4

15:41

2. Ryuk Ransomware.mp4

13:33

3. Lockbit Ransomware.mp4

12:48

19. Conclusion

1. Red + Blue Teamers - Course Conclusion.mp4

04:21

Description

Start from 0 & learn both topics Red team and Blue team. The only course you can learn about how TA hack organization

What You'll Learn?

90+ Red Team and Blue Team videos in practical
Start from 0 up to a high-Advanced level.
Learn how to abuse LOLBAS to defense evasion(Practical)
Learn about Windows processes(Practical)
Learn about MITRE ATT&CK framework and how to use OSINT for a real time attacks(Practical)
Learn how to create persistence in Windows(Practical)
Learn how to use various attack tools
Learn how to evade defense mechanism(Practical)
Learn complete attack pattern Initial Access to Impact(Practical)
Learn how to do a threat Analysis(Practical)
Learn about the history of ransomwares
Learn Red Teaming and Blue Teaming Activities
Learn how threat actors will hack organization computers

Who is this for?

Anyone who wants to know about Red Teaming/Blue Teaming Activities

Any who wants to enter into the emerging field of Threat Analyst/Red teamer/Cyber security Engineer

Students who has strong desire to learn and progress in cybersecurity

All security engineers/professionals wanting to learn advanced offensive tactics

What You Need to Know?

Strong desire to learn and progress in cybersecurity

No Linux, programming or cybersecurity/hacking knowledge required.

Optional: A PC, Mac, or Linux computer with up to 100 GB of free disk space to set up your FREE virtual lab

No experience needed. Learn from scratch.

More details

Description
Welcome to the "Red Team Operations-Initial Access to Ransomware Deployment".Â In this course, you will Start as a beginner with no previous knowledge, & by the end of the course, you will be at the beginner to Advanced level in Red Teaming activities. This course is full of practical sessions and you will see all the attacks in real-time
We have started our course with the basic section on LOLBAS and how threat actors will use LOLBAS for their attacks. This course is highly practical

The course is divided into a number of sections, each section covers Red and Blue team skills. By the end of the course, you will have a strong foundation in Red and Blue teaming activities. How TA will compromise the environment, Real-time Attacks How Threat actors deploy Ransomware in organizations
The course is divided into 18 sections
LOLBin for Red Teamers andÂ Threat Hunters
Working with Windows Processes
MITRE ATT&CK framework discussion
Open source intelligence (OSINT) for Red and Blue Teamers
Persistence techniques for Red and Blue Teamers
Investigating defensive mechanisms and methods to evade antivirus and EDR
Red + Blue Team Operation - Initial Access Phase
Red + Blue Team Operation - Defense Evasion Phase
Red + Blue Team Operation - Post Exploitation Phase
Red + Blue Team Operation - Persistence phase
Red + Blue Team Operation - Privilege Escalation
Red + Blue Team Operation - Credential Access
Red + Blue Team Operation - Lateral Movement
Red + Blue Team Operation - Exfiltration
Red + Blue Team Operation - Impact
Blue Team Operations - Investigation
History of Ransomwares
At the end of each section, you will learn how to detect, prevent, and secure systems and yourself from the discussed attacks.
With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 8 hours.

Notes:
This course is created for educational purposes only, all the attacks are launched in my own lab
Who this course is for:
Anyone who wants to know about Red Teaming/Blue Teaming Activities
Any who wants to enter into the emerging field of Threat Analyst/Red teamer/Cyber security Engineer
Students who has strong desire to learn and progress in cybersecurity
All security engineers/professionals wanting to learn advanced offensive tactics

User Reviews

Rating

average 0

Total votes0

Focused display

Currently working in the MDR Threat Analyst team, analyzing events. Threat hunts and trying to automate the problematic part using pythonPrior experience includes VMware Carbon Black, Microsoft Defender ATP (EDRs), and Qradar.Familiar with analyzing malware executables, maldocx, malicious PowerShell scripts, malicious Visual Basic scripts, malicious DLL's, curl and golang based malicious executables, and ransomware using peview, pstudio, procmon, dnspy, scdbg, oledump, wireshark, cutter, x64 and 32 dbg tools, and mobsfAlso doing some Python automation with the modules selenium, etc. I'm not a professional coder, but I'll keep pushing myself to learn and automate tedious and time-consuming tasks in a simple way.Also, I spend time every day learning about new threats and other cybersecurity platforms such as Nessus, Qualys, Red Team tools such as Cobalt Strike, and so on. My weekend plans include performing some pen testing in the Real web Application. Reporting bugs and performing malware analysisFurthermore, Doing some Windows forensics activities like investigating 'BAM, shellbags, userassist, Registry analysis, MFT, USN Journal, $J, Amcache, Shimcache, Memory Analysis etc. with different forensics toolsResearching and programming about EDR/AV evasion methods like API hooking, unhooking, event tracing API, module stomping, etc., to test how the EDRs are defending against APTs and how efficient EDR is in the security world.PROFESSIONAL IN CATCHING THE PEN TEST made by the customer while investigating the alerts. So Got a nick name as Pentest Catcher

Pooja Somu

Instructor's Courses

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.