Cyber Threat Hunting Analyst - SOC Operations - Basic To Advance Level
1. Lab Setup
1. Download VMWare Workstation Pro (2:53)
1.1 VMWare Workstation Pro Trial
2. Install VMWare Workstation Pro (2:34)
3. Download Kali Linux VM (1:52)
4. Install Kali Linux VM (5:32)
5. Configure Kali Linux VM pimpmykali.sh (5:52)
6. Configure Kali Linux VM TMUX (7:32)
7. Configure Kali Linux VM Odds and Ends (7:09)
2. Malicious PCAP Acquisition
1. Active Countermeasures Malware of the Day (3:35)
2. Malware Traffic Analysis (2:04)
3. Tools and resources
1. Wireshark (2:52)
2. tshark (1:25)
3. tcpdump (1:12)
4. ngrep (2:26)
5. capinfos (3:30)
6. RITA Installing MongoDB (5:16)
7. RITA Building RITA from Source (4:20)
8. zeek (11:28)
9. Using zeek + Rita to find Evil! (9:49)
4. Threat Hunting Concepts
1. Understanding the New Adversary (5:16)
2. The Broken Threat Hunting Mindset (5:37)
3. The Modern Threat Hunting Mindset (9:51)
4. Beaconing Basics (4:31)
5. Beaconing DNS (5:59)
6. Beaconing CDN (5:17)
7. Beaconing Detection Timing (5:03)
8. Beaconing Detection Session Size Analysis (5:51)
5. The Methodical Guide to Effective Threat Hunting
1. Finding Beacons Long and Cumulative Connections (20:00)
2. Finding Beacons Business Need Analysis (Part 1) (9:37)
3. Finding Beacons Business Need Analysis (Part 2) (10:01)
4. Finding Beacons Business Need Analysis (Part 3) (10:14)
5. Finding Beacons Business Need Analysis (Part 4) (15:43)
6. Finding Beacons Unexpected app on Standard Port (11:23)
7. Finding Beacons Unexpected Protocol Behavior (2:28)
8. Finding Beacons Destination IP Reputation Check (2:36)
9. Finding Beacons Internal Endpoint Investigation (4:47)
6. Proofs Detecting False Negatives
1. Suricata Capabilities + Installation! (8:41)
2. Suricata vs RITA Zeus Malware (12:14)
3. Suricata vs RITA Powershell Empire (7:44)
7. The Ultimate Learning Environment Detection Lab
1. How to setup the Detection Lab in Windows (2:09)
2. What you will build! (6:40)
3. Installing Vagrant Desktop (1:40)
4. Installing the Vagrant VMWare Plugin (1:35)
5. Installing the Vagrant VMWare Utility (2:00)
6. Downloading the DetectionLab (2:29)
7. Prepping the DetectionLab (7:24)
8. Setting up the VMWare Network (2:50)
9. Logger Setup (4:34)
10. Domain Controller Setup (6:42)
11. Windows Event Forwarder Setup (7:04)
12. Windows 10 Endpoint Setup (1:31)
8. Threat Hunting Hands on Practice
1. Threat Hunting with Splunk + Zeek (28:00)
2. Threat Hunting with Splunk + Sysmon (14:03)
3. Threat Hunting with OS Query + Fleet (9:52)
4. Threat Hunting with Velociraptor (10:53)
5. Purple Team Scenario Mimikatz (11:33)
6. Purple Team Scenario Meterpreter + MSFVenom + Process Injection + Velociraptor! (17:53)
7. Adversary Emulation Atomic Red Team + MITRE ATT&CK (19:23)
8. Adversary Emulation Purple Sharp (5:33)
9. Adversary Emulation Sysmon Simulator (5:51)
10. Adversary Emulation Caldera (32:51)
11. Adversary Emulation Prelude Operator (10:28)
12. Enhanced Lab Realism Bad Blood + Microsoft ATA + Bloodhound! (29:10)
13. Splunk Boss of the SOC (BOTS) (4:24)
14. Bonus! Adversary Tooling The C2 Matrix! (5:53)