Adversarial Attacks & Detections - SOLD OUT!
This session is SOLD OUT! Please consider our next date offering August 26 – 27, 2021.
Trainer: Ben Mauch
Skill Level: All
This course will focus on attacks used in the wild and how to create specific detections to identify early Indicators of Compromise (IoCs). The students will set up an ELK (Elasticsearch, Logstash, Kibana) instance and then run attacks on a lab system. The students will then create rules to detect the attacks in ELK. The students will set up their ELK system for a final lab, where a simulated attack will occur on their systems and they will have to detect and defend against it. This course will focus on the MITRE ATT&CK framework as well as several attacks which do not leverage a vulnerability. These attacks include weak credential harvest, lateral credential spray, SPN queries, and more. The students will have a better understanding of early IoCs and how to identify these threats within their environment, regardless of the initial attack vector.
This course qualifies for 14 CPE credit hours.
- Introduction to Defense / ELK
- Introduction to Linux
- Drive-by Attacks (Initial Access)
- Weak Credential Brute-Force & Password Recovery
- Getting Your First Shell
- Getting Credentials with Mimikatz
- Get Domain Information
- Brute-Force Attacks
- Password Cracking
- Lateral Movement
- Getting Domain Admin
- Command Obfuscation
- Magic Unicorn / nps_payload
- Creating Paths of Least Resistance (PoLRBear Project)
- Final Lab
- Learn both offensive and defensive techniques
- Improve your understanding of detection capabilities
- Identify key Indicators of Compromise (IoCs)
- Learn the latest in attack techniques
Who Should Take This Course:
- Penetration Testers
- Threat Hunters
- Security Operations
- Anyone looking to strengthen their offensive and defensive knowledge
- A lab environment with an Ubuntu image for attacking the simulated environment.
- Hands-on experience performing attacks as well as detecting the attacks.
- All presentation slides and a course handout with all of the commands.
- Internet Connection
- Web Browser to access Student Lab
- Web Camera
- Headphones and Mic