Hacker Tools, Techniques, and Incident Handling (SEC504) Online Training

Focused View

Erik Choron

28:45:36

201 View

1. Incident Response

1. Incident Response .mp4

01:27

2. Incident Handling Process .mp4

07:55

3. Preparing for the Incident .mp4

05:29

4. Event Detection .mp4

06:35

5. Eradicate and Recover .mp4

06:06

6. Writing Everything Up .mp4

08:17

7. When is it a Legal Problem .mp4

05:57

8. Interfacing With Law Enforcement .mp4

05:30

2. Digital Investigations

1. Digital Investigations .mp4

02:44

2. Identify Digital Evidence .mp4

07:11

3. Understanding the Disc .mp4

07:47

4. Basics of Coding .mp4

07:49

5. Network Devices .mp4

07:18

6. Operating Systems .mp4

08:03

7. Reading Materials .mp4

04:44

3. Live Examination

1. Live Examination -2.mp4

01:17

2. Approaching the System .mp4

06:29

3. Working with FTK .mp4

10:01

4. Working with EnCase .mp4

04:23

5. Watching the System Talk .mp4

08:43

6. Cloning a System .mp4

11:00

7. Moving to the Next Step .mp4

04:44

4. Network Investigations

1. Network Investigations .mp4

01:44

2. Session Monitoring .mp4

08:57

3. Too Many Connections .mp4

10:16

4. Knowing the Boundaries .mp4

06:45

5. Packet Reading Basics .mp4

11:12

6. Network Analysis WITH SSLTLS .mp4

06:51

5. Memory Investigations

1. Memory Investigations .mp4

02:18

2. How RAM Operates .mp4

08:31

3. Volatile Memory .mp4

09:35

4. Extracting the Memory .mp4

09:26

5. Volatility .mp4

10:06

6. Comparing to the System .mp4

05:09

memory investigations.zip

6. Malware Investigations

1. Malware Investigations .mp4

00:47

2. Know the Enemy .mp4

06:04

3. Malware Alert! .mp4

06:01

4. Finding the Malware .mp4

09:25

5. The Hunt Begins .mp4

07:56

6. Whats in the Payload .mp4

05:40

7. Find the Evidence on the Network .mp4

09:45

8. Report the Findings .mp4

02:28

7. Cloud Investigations

1. Cloud Investigations .mp4

02:18

2. Identifying the Different Clouds .mp4

07:04

3. Specializing Those Clouds .mp4

05:01

4. Where is the cloud .mp4

09:45

5. Where are we going .mp4

09:21

6. Understand the flow .mp4

07:48

7. Tool Usage .mp4

05:32

8. Federal Rules of Evidence

1. Federal Rules of Evidence .mp4

06:11

2. Daubert Standard .mp4

12:31

3. Rule 702 .mp4

06:00

4. Rule 701 .mp4

05:26

5. Rule 901 .mp4

06:14

6. Rule 902 .mp4

05:50

7. Tying it all together.mp4

04:29

9. MITRE ATTAndCK Framework Introduction

1. MITRE ATTAndCK Framework Introduction .mp4

01:03

2. Damage Assessment .mp4

08:40

3. Enter the Matrix .mp4

09:23

4. Organizational Assessment .mp4

10:43

5. Whose Fault is it .mp4

09:01

6. Moving to Contain .mp4

09:20

10. Open-Source Intelligence

1. Open-Source Intelligence.mp4

02:12

2. Open-Source Legality .mp4

05:37

3. Public Records .mp4

08:32

4. Publications and Other Print .mp4

09:47

5. Walking Around the Neighborhood .mp4

05:26

6. The Google .mp4

06:17

7. Time Traveling .mp4

05:08

8. Technical Recon .mp4

07:40

11. DNS Interrogation

1. DNS Interrogation .mp4

00:38

2. What is DNS .mp4

07:22

3. DNS records .mp4

05:41

4. Hijacking DNS .mp4

10:30

5. Crafting DNS Packets .mp4

06:04

6. Verify the DNS .mp4

07:00

7. Zone Transfers .mp4

04:33

8. DNS Defenses .mp4

06:00

12. Website Reconnaissance

1. Website Reconnaissance .mp4

03:17

2. Understand the Structure .mp4

09:34

3. HTML Basics .mp4

09:38

4. Behind the Scenes .mp4

07:45

5. Crawling Around .mp4

09:18

6. Network Signatures .mp4

05:39

13. Network and Host Scanning with Nmap

1. Network and Host Scanning with Nmap .mp4

05:14

2. Types of Scans .mp4

10:22

3. What the Scans Look Like .mp4

10:08

4. Dusting for Prints .mp4

11:00

5. Whats Under the Mask .mp4

08:38

14. Enumerating Shadow Cloud Targets

1. Enumerating Shadow Cloud Targets .mp4

03:56

2. Shadow Components .mp4

11:53

3. Scanning for Clouds .mp4

12:07

4. Finding the Key Master .mp4

10:38

5. Great Cloud Attacks in History .mp4

07:51

15. Server Message Block (SMB) Sessions

1. Server Message Block (SMB) Sessions .mp4

00:46

2. What is SMB .mp4

06:25

3. SMB Security Features .mp4

11:07

4. Using SMB .mp4

08:44

5. SMB Defense .mp4

06:53

6. Exploiting SMB .mp4

13:07

16. Defense Spotlight DeepBlueCLI

1. DeepBlueCLI .mp4

01:15

2. Installing DeepBlueCLI .mp4

06:24

3. Using DeepBlueCLI .mp4

08:41

4. Using DeepBlueCLI For Tidbits .mp4

10:22

5. The Alternatives .mp4

09:36

6. Breaking Some Events .mp4

09:33

dfns sptlght dpblecli.zip

17. Password Attacks

1. Password Attacks .mp4

02:54

2. What to Attack .mp4

10:03

3. When to Attack .mp4

07:01

4. Where to Attack .mp4

10:14

5. Why (How) to Attack .mp4

07:23

6. Crossing the Rainbow Bridge .mp4

11:21

7. Rainbow Addendum .mp4

05:01

18. Microsoft 365 Attacks

1. Microsoft 365 Attacks .mp4

03:19

2. Out with the old .mp4

11:28

3. Phishing is Still an Issue .mp4

06:41

4. If We Cant Play No One Can .mp4

09:40

5. Crossing the Different Sites .mp4

08:06

6. Pivoting and Traffic Analysis .mp4

08:59

19. Understanding Password Hashes

1. Understanding Password Hashes .mp4

00:58

2. What is Hashing .mp4

06:08

3. Which Hash to Pick .mp4

07:36

4. Hash Collisions .mp4

06:45

5. Is Hashing Enough .mp4

08:34

6. Building Some Known Hashes .mp4

08:43

7. Custom Hash Tables .mp4

09:02

20. Password Attack Examples

1. Password Attack Exercise .mp4

01:34

2. Hiren (boot disc) .mp4

10:30

3. Salting our Passwords .mp4

09:48

4. Hashcat .mp4

08:25

5. John the Ripper .mp4

10:23

6. Network Device Cracking .mp4

10:47

21. Cloud Spotlight - Insecure Storage

1. Cloud Spotlight Insecure Storage .mp4

02:13

2. The Harm in Sharing Too Much .mp4

06:05

3. Default Storage in Windows .mp4

12:52

4. File Sharing in Windows Server .mp4

09:43

5. POSIX-based File Permissions .mp4

08:06

6. Sharing on a Web Server in IIS .mp4

07:52

22. Multi-Purpose Netcat

1. Multi-purpose Netcat .mp4

02:51

2. What is Netcat .mp4

08:13

3. Making Someone Use Netcat .mp4

11:33

4. What Does Netcat Look Like on the Network .mp4

10:12

5. Command Access .mp4

09:48

6. Covering the Tracks .mp4

10:15

23. Metasploit Framework

1. Metasploit Framework .mp4

05:33

2. Metasploit on Kali .mp4

11:37

3. Systems Without Metasploit .mp4

11:27

4. How to Prep the Target .mp4

06:43

5. Other Metasploit Add-Ins .mp4

05:51

6. Options Outside of Metasploit .mp4

05:29

24. Drive-By Attacks

1. Drive-By Attacks .mp4

01:35

2. How a Drive-By Attack is Planned .mp4

11:40

3. Usual Suspects .mp4

09:17

4. Turning the Sandbox into a Honeypot .mp4

13:15

5. Analyze an Attack to Build Against it .mp4

07:34

6. Using Those Results to Help .mp4

04:51

drv by ttcks.zip

25. Defense Spotlight System Resource Usage Monitor

1. System Resource Usage Monitor .mp4

01:09

2. Windows Resource Monitor .mp4

14:50

3. Windows Process IDs .mp4

10:53

4. POSIX-Based Resource Monitors .mp4

06:29

5. POSIX-Based Process IDs .mp4

08:49

6. Sledding Season .mp4

09:31

7. Making a NOP Sled .mp4

04:38

dfns sg mntr.zip

26. Command Injection

1. Command Injection .mp4

01:07

2. The Good .mp4

08:30

3. The Bad .mp4

13:35

4. And The Ugly .mp4

11:18

5. Where to Command Inject .mp4

08:40

6. More Detailed Hunting .mp4

06:44

cmmnd njctn.zip

27. Cross-Site Scripting (XSS)

1. Cross-Site Scripting (XSS) .mp4

02:01

2. Common Weak Points .mp4

10:08

3. Directory Browsing .mp4

07:02

4. Using a Site as Our Own .mp4

09:57

5. Third-party Protection .mp4

11:24

6. XSS Review .mp4

05:56

28. Cloud Spotlight - SSRF and IMDS Attacks

1. Cloud Spotlight SSRF IMDS and SQL Injection Attacks .mp4

01:55

2. WebGoat .mp4

07:39

3. Server-Side Request Forgery (SSRF) .mp4

08:57

4. Cloud Instance Metadata Services Attack .mp4

08:46

5. SQL Injection .mp4

12:47

6. Famous for the Wrong Reasons .mp4

05:46

29. Endpoint Security Bypass

1. Endpoint Security Bypass .mp4

02:50

2. Bypassing Through Websites .mp4

11:26

3. Piggybacking Off Trusted Applications .mp4

08:53

4. Its a Phony! .mp4

06:41

5. Doing the Research .mp4

06:25

6. Damage the Security .mp4

11:14

7. Keep Updated .mp4

02:03

30. Pivoting and Lateral Movement

1. Pivoting and Lateral Movement .mp4

02:15

2. Whats the Point .mp4

08:42

3. Digging on the Initial System .mp4

10:46

4. Im Not Done With You Yet! .mp4

08:52

5. Persistence .mp4

11:10

6. Internal Threats .mp4

05:47

pvtng ltrl mvmnt.zip

31. Hijacking Attacks

1. Hijacking Attacks .mp4

01:26

2. Predictability .mp4

09:22

3. Hijacks on the Client Side .mp4

07:59

4. Man-in-the-Middle .mp4

06:34

5. Man-in-the-Browser .mp4

09:30

6. Sending a Care Package .mp4

09:28

7. Back to the Classics .mp4

04:18

32. Covering Tracks

1. Covering Tracks .mp4

02:39

2. Why Cover Your Tracks .mp4

05:26

3. Event Logs .mp4

12:14

4. Network Traffic .mp4

14:22

5. It Wasnt Me! .mp4

06:33

6. Destroy the Evidence .mp4

06:28

33. Establishing Persistence

1. Establishing Persistence .mp4

02:03

2. What is Establishing Persistence.mp4

10:05

3. Applying Open-Source Intelligence .mp4

08:09

4. Reconnaissance Information-Gathering .mp4

12:28

5. Post-Exploitation .mp4

05:05

6. Cloud Post-Exploitation .mp4

08:23

34. Data Collection

1. Data Collection .mp4

01:41

2. Importance .mp4

08:13

3. Choosing and Configuring Exploits .mp4

11:48

4. Delivering Those Exploits .mp4

09:16

5. Real Intelligence Threat Analytics .mp4

10:32

6. Where to go From Here .mp4

07:10

35. Attacking Windows Active Directory

1. Attacking Windows Active Directory .mp4

01:05

2. Knowing Active Directory .mp4

09:01

3. Target Discovery and Enumeration .mp4

09:26

4. Asset Compromise .mp4

10:53

5. Internal Attacker Compromise Attribution .mp4

07:22

6. Known Active Directory Attacks .mp4

04:33

7. Email Compromises .mp4

06:02

36. Password Spray Guessing and Credential Stuffing Attacks

1. Password Spray Guessing and Credential Stuffing Attacks .mp4

01:06

2. Password Spraying .mp4

10:00

3. Password Guessing .mp4

11:21

4. Credential Stuffing .mp4

08:38

5. Using the Same Thing Over and Over .mp4

09:18

6. Time for Reviewing .mp4

05:43

Description

This intermediate SEC504 training prepares learners to detect and respond to threats that your company will inevitably face in the digital realm, deploying a dynamic response according to the attack.

It's a cliche to claim that the best defense is a strong offense, but in the case of digital security it's a cliche that's as true as it's ever been. One of the most fundamental skills a security administrator can gain is an understanding of the tools that hostile actors use to penetrate networks and extract valuable information.

More details

This training on hacker tools, techniques and incident handling is about recognizing the strengths and limitations of tools that will be deployed against you and your network so that you can prevent them before they occur, stop them when they do, and understand what happened afterward.

After finishing the videos in this SEC504 training, you'll know how to detect and respond to threats that your company will inevitably face in the digital realm, deploying a dynamic response according to the attack.

For anyone who leads an IT team, this Cyber Security training can be used to onboard new security admins, curated into individual or team training plans, or as a Cyber Security reference resource.

SEC504: What You Need to Know

This SEC504 training has videos that cover cybersecurity tools, techniques, and topics including:

Minimizing loss to your company and organization after a digital attack
Building necessary protections to prevent and identify digital attacks
Applying dynamic approaches to incident response to slow, mitigate, prevent, or respond to attacks on the fly
Extracting useful information after an attack and generating useful reports

Who Should Take SEC504 Training?

This SEC504 training is considered associate-level Cyber Security training, which means it was designed for security admins. This incident response skills course is designed for security admins with three to five years of experience with cybersecurity tools and techniques.

New or aspiring security admins. Taking a course like this in hacker tools, techniques, and incident handling is a little bit like taking cooking classes from Gordon Ramsey before you've moved past Mac 'n Cheese in your cooking ability. You'll learn a ton, but a lot of what you'll learn is a way of thinking about cybersecurity that can eventually be applied to your career.

Experienced security admins. A security administrator with about five years of experience is the perfect audience for this course in hacker tools, techniques, and incident handling. At that point in your career, you're leaving behind the rote button-clicking and report-running of an early-career and approaching the dynamic, threat anticipation of a security engineer. Use this course to launch yourself into a more exciting and fulfilling cybersecurity career.

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Network Security

Erik Choron

Instructor's Courses

Online training allows for the flexibility to learn or better a skill within a timeline and remote environment — that doesn't take away from work or family.

Erik brings over 20 years of IT experience to his training. He holds nearly 20 IT certifications, the majority of which focus on cybersecurity. Prior to joining CBT Nuggets, he served as a First Sergeant in the U.S. Army. His interest in tech and eventually IT was spurred after receiving a 486 computer from his grandfather and learning Basic and Pascal. When Erik isn't creating training videos, he enjoys spending time with his family, going to professional wrestling events, and doing mechanical work.

Certifications: Certifications: Certified Ethical Hacker, GIAC Continuous Monitoring Certification (GMON), GIAC Systems and Network Auditor (GSNA), GIAC Critical Controls Certification (GCCC),GIAC Certified Intrusion Analyst (GCIA) - Gold, GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials (GSEC), Microsoft MCSA: Server 2012, CompTIA Security+, CompTIA Cloud+, CompTIA A+, PMI® Project Management Professional (PMP)

Areas of expertise: Digital forensics and cyber defense

CBT Nuggets

View courses CBT Nuggets

CBT Nuggets is renowned for providing innovative training that's informative, meaningful, and engaging. We provide a variety of training, primarily in IT, project management, and office productivity topics. Our comprehensive library contains thousands of training videos ranging from Cisco networking to Microsoft Word. Whether you want to pass a certification exam, increase your skills, or simply learn new things, we've got you covered! All of our training is delivered through high-quality online streaming video. Subscribers can train 24 hours a day, seven days a week, from the convenience of a computer or mobile device. CBT Nuggets trainers are the rock stars of training, renowned for their expertise, industry-wide credibility, and engaging personalities. They enable CBT Nuggets to deliver accurate, up-to-date training, using a laid-back whiteboard presentation style. There are no scripts, EVER. Our trainers love to teach, and it shows! CEO and founder Dan Charbonneau was a Microsoft trainer when he began recording CBT Nuggets' very first training videos back in the 1990s. He wanted to help provide large organizations, small teams and individuals with comprehensive and budget-conscious training, and he realized it couldn't be done in a classroom. From the CBT Nuggets World Headquarters in Eugene, Oregon, Dan and his team promise each video will be informative, comprehensive, accurate, and fun to watch.