SEC699 Advanced Purple Team Tactics | C8195C11E8337995C536343B8DBE7DBA66432743

SEC699 Advanced Purple Team Tactics

Name	SEC699 - Advanced Purple Team Tactics	DOWNLOAD Copy Link
Total Size	6.9 GB
Total Files	786
Last Seen	2024-07-23 00:35
Hash	C8195C11E8337995C536343B8DBE7DBA66432743

/PDF 2021/
SEC699 - Book 1 (2021).pdf	16.6 MB
SEC699 - Book 2 (2021).pdf	11.8 MB
SEC699 - Book 3 (2021).pdf	17.3 MB
SEC699 - Book 4 (2021).pdf	15.1 MB
SEC699 - Book 5 (2021).pdf	8.5 MB
SEC699 - Book 6 (2021).pdf	4.9 MB
SEC699 - Workbook Sections 1-3 (2021).pdf	74.8 MB
SEC699 - Workbook Sections 4 & 5 (2021).pdf	80.9 MB
/USB 2021/
SEC699-disk1.vmdk	4.5 GB
SEC699.mf	0.2 KB
SEC699.ovf	8.5 KB
/.../1. Adversary Emulation for Breach Prevention Detection/1. Course objectives/
1. Adversary Emulation for Breach Prevention Detection.mp4	16.4 MB
2. Course Roadmap.mp4	26.3 MB
3. What Is SEC699.mp4	6.5 MB
4. Goal of the Course.mp4	7.9 MB
5. Courseware Structure.mp4	10.1 MB
/.../2. Building our lab environment/
1. Course Roadmap.mp4	425.8 KB
2. Building Our SEC699 Lab Environment Author Preparation.mp4	6.2 MB
3. Building Our SEC699 Lab Environment Student Work.mp4	7.4 MB
4. Building Our SEC699 Lab Environment managesh Script.mp4	4.7 MB
5. Building Our SEC699 Lab Environment Expected Steps.mp4	9.9 MB
6. Automated Lab Deployment Using Terraform.mp4	3.7 MB
7. Terraform State Files.mp4	3.1 MB
8. Introduction to Ansible.mp4	2.4 MB
9. Ansible Terminology.mp4	4.0 MB
10. Ansible Connectivity to Systems.mp4	2.6 MB
11. Ansible Inventory.mp4	2.9 MB
12. Ansible Playbooks.mp4	4.9 MB
13. Ansible Roles.mp4	2.1 MB
14. Ansible Vault.mp4	3.2 MB
/.../3. Introducing the lab architecture/
1. Course Roadmap 1.mp4	579.8 KB
2. The Overall Lab Architecture.mp4	11.2 MB
3. CommandoVM as the Main Lab Machine.mp4	4.4 MB
4. CommandoVM Updating Packages.mp4	1.6 MB
5. Key Users on the Target Systems.mp4	4.5 MB
6. Some Other Initiatives.mp4	2.5 MB
7. Course Roadmap 2.mp4	21.6 MB
8. Exercise Getting to Know the Lab Environment.mp4	35.0 MB
/.../4. Purple teaming organization/
1. Course Roadmap 1.mp4	3.5 MB
2. Defining Adversary Emulation.mp4	5.5 MB
3. Penetration Test vs Adversary Emulation.mp4	6.7 MB
4. Red Team vs Purple Team.mp4	6.7 MB
5. What is MITRE ATTCK 1.mp4	1.3 MB
6. What is MITRE ATTCK 2.mp4	2.1 MB
7. What Details are Available for a Technique 1.mp4	1.1 MB
8. What Details are Available for a Technique 2.mp4	605.7 KB
9. What Details are Available for a Subtechnique 1.mp4	1.1 MB
10. What Details are Available for a Subtechnique 2.mp4	816.1 KB
11. Leveraging MITRE ATTCK.mp4	10.8 MB
12. Some Common ATTCK Pitfalls.mp4	8.2 MB
13. What Techniques Should We Prioritize.mp4	7.9 MB
14. Building an Adversary Emulation Plan.mp4	5.2 MB
15. Adversary Emulation Plans.mp4	1.3 MB
16. Example of an Emulation Plan.mp4	2.0 MB
17. Details to Include in the Emulation Plan.mp4	2.8 MB
18. Executing a Purple Team Exercise.mp4	8.3 MB
19. Introducing VECTR Purple Team FollowUp 1.mp4	3.4 MB
20. Introducing VECTR Purple Team FollowUp 2.mp4	532.2 KB
21. Introducing VECTR Purple Team FollowUp 3.mp4	1.1 MB
22. Introducing VECTR Purple Team FollowUp 4.mp4	1.0 MB
23. Introducing VECTR Purple Team FollowUp 5.mp4	952.3 KB
24. Introducing VECTR Purple Team FollowUp 6.mp4	830.7 KB
25. Introducing VECTR Purple Team FollowUp 7.mp4	1.3 MB
26. Course Roadmap 2.mp4	2.5 MB
27. Exercise Introduction to VECTR .mp4	6.1 MB
/.../5. Building a stack for detection/
1. Course Roadmap.mp4	6.0 MB
2. Key Detection Components.mp4	2.0 MB
3. Introducing Elastic.mp4	3.0 MB
4. Elastic Common Schema ECS.mp4	4.7 MB
5. Alerting on Elastic Elastic SIEM.mp4	1.8 MB
6. Alerting on Elastic ElastAlert.mp4	2.7 MB
7. SIGMA 1.mp4	1.8 MB
8. SIGMA 2.mp4	228.1 KB
9. An Example SIGMA Rule.mp4	3.8 MB
10. SIGMA Field Mapping.mp4	6.2 MB
11. Converting SIGMA Rules.mp4	4.2 MB
12. Sources for SIGMA Rules Florian Roths Repository.mp4	1.8 MB
13. Sources for SIGMA Rules SOCPrime TDM.mp4	5.1 MB
14. TheHive.mp4	4.0 MB
15. TheHive Tasks.mp4	947.2 KB
16. Putting the Pieces Together.mp4	1.4 MB
17. Jupyter Notebooks.mp4	1.5 MB
18. Jupyter Notebooks for Threat Hunting.mp4	4.6 MB
19. An AllinOne Setup HELK.mp4	1.3 MB
20. Velociraptor EDR.mp4	1.7 MB
21. Velociraptor EDR Filesystem Access.mp4	560.9 KB
22. Velociraptor EDR Artifacts.mp4	863.9 KB
23. Velociraptor EDR Custom Artifacts 1.mp4	838.6 KB
24. Velociraptor EDR Custom Artifacts 2.mp4	726.5 KB
25. Velociraptor EDR Executing Commands.mp4	4.8 MB
/.../6. Assessing detection coverage/
1. Course Roadmap.mp4	2.5 MB
2. A Word on Detection Coverage.mp4	5.7 MB
3. Windows Event Log Configuration.mp4	3.3 MB
4. Introducing Sysmon.mp4	2.0 MB
5. Sysmon Event Types.mp4	6.4 MB
6. Sysmon Olaf Hartong Configuration.mp4	3.1 MB
7. Digging a Bit Deeper Introducing ETW.mp4	2.9 MB
8. Zooming in on ETW Providers.mp4	2.6 MB
9. Zooming in on ETW Providers Some Interesting Kernel Providers.mp4	2.4 MB
10. Zooming in on ETW Providers Querying a Provider.mp4	1.6 MB
11. Zooming in on ETW Providers Identifying Processes Linked to Providers.mp4	3.1 MB
12. Launching a Trace Session Builtin CMD 1.mp4	4.5 MB
13. Launching a Trace Session Builtin CMD 2.mp4	1.4 MB
14. Other Trace Tools Pywintrace.mp4	1.4 MB
15. Launching a Trace Session SilkETW.mp4	3.0 MB
16. Introducing DeTTECT.mp4	2.2 MB
17. Assessing Data Source Visibility Coverage Using DeTTECT.mp4	826.6 KB
18. Assessing Detection Coverage Using DeTTECT 1.mp4	1.1 MB
19. Assessing Detection Coverage Using DeTTECT 2.mp4	1.6 MB
20. Identifying Gaps and Prioritizing Through DeTTECT.mp4	1.8 MB
21. Putting it All Together Atomic Threat Coverage.mp4	9.7 MB
/.../7. Rulebased versus anomalybased detection/
1. Course Roadmap 1.mp4	2.3 MB
2. RuleBased Detection.mp4	1.9 MB
3. RuleBased Detection Good vs Bad Rules 1.mp4	8.1 MB
4. RuleBased Detection Good vs Bad Rules 2.mp4	6.4 MB
5. AnomalyBased Detection.mp4	3.8 MB
6. AnomalyBased Detection Missing Malicious Activity.mp4	1.5 MB
7. AnomalyBased Detection False Positives.mp4	811.9 KB
8. AnomalyBased Detection Data Aggregation.mp4	1.4 MB
9. AnomalyBased Detection PowerShellexe Analysis.mp4	609.5 KB
10. AnomalyBased Detection Introducing eeoutliers 1.mp4	2.6 MB
11. AnomalyBased Detection Introducing eeoutliers 2.mp4	1.1 MB
12. AnomalyBased Detection Introducing eeoutliers 3.mp4	2.6 MB
13. AnomalyBased Detection Introducing eeoutliers 4.mp4	616.1 KB
14. AnomalyBased Detection Introducing eeoutliers 5.mp4	1.0 MB
15. AnomalyBased Detection Introducing eeoutliers 6.mp4	1.7 MB
16. AnomalyBased Detection Introducing eeoutliers 7.mp4	259.1 KB
17. EEOutliers Result in Elasticsearch.mp4	2.2 MB
18. Course Roadmap 2.mp4	2.4 MB
19. Exercise Preparing our Elastic and SIGMA stack.mp4	563.2 KB
/.../8. Building a stack for adversary emulation/
1. Course Roadmap 1.mp4	762.1 KB
2. Our Emulation Stack.mp4	5.9 MB
3. Atomic Red Team.mp4	1.9 MB
4. Uber Metta.mp4	1.6 MB
5. Infection Monkey.mp4	1.0 MB
6. Infection Monkey Example 1.mp4	655.8 KB
7. Infection Monkey Example 2.mp4	599.0 KB
8. Infection Monkey Example 3.mp4	1.3 MB
9. Infection Monkey Example 4.mp4	1.7 MB
10. Infection Monkey Example 5.mp4	466.5 KB
11. Infection Monkey Example 6.mp4	572.4 KB
12. MITRE Caldera.mp4	2.7 MB
13. Metasploit.mp4	340.8 KB
14. Purple Team AttCK Automation.mp4	2.7 MB
15. Covenant.mp4	2.2 MB
16. Covenant Creating a Listener.mp4	412.8 KB
17. Covenant Creating a Launcher.mp4	836.9 KB
18. Covenant Grunts.mp4	577.6 KB
19. Covenant Tasks.mp4	1.0 MB
20. Covenant API.mp4	1.2 MB
21. Faction C2.mp4	580.6 KB
22. Faction C2 Payloads and Agents.mp4	949.7 KB
23. Sliver.mp4	2.2 MB
24. Sliver Mitigating the Pyramid of Pains Bottom.mp4	253.6 KB
25. Sliver Advanced Identification.mp4	522.7 KB
26. Sliver Catching the Blue Team.mp4	1.9 MB
27. Introducing Shad0w.mp4	3.2 MB
28. The Golden Age of C2 Introducing the C2 Matrix.mp4	2.3 MB
29. Course Roadmap 2.mp4	2.3 MB
30. Exercise Preparing Adversary Emulation Stack.mp4	882.5 KB
/.../9. Automated emulation using MITRE Caldera/
1. Course Roadmap 1.mp4	2.1 MB
2. What is MITRE Caldera.mp4	4.1 MB
3. MITRE Caldera Sandcat.mp4	761.2 KB
4. MITRE Caldera Chain.mp4	749.4 KB
5. MITRE Caldera Chain Interface Walkthrough Groups.mp4	1.3 MB
6. MITRE Caldera Chain Interface Walkthrough Facts.mp4	1.9 MB
7. MITRE Caldera Chain Interface Walkthrough Abilities.mp4	1.5 MB
8. MITRE Caldera Chain Interface Walkthrough Adversaries.mp4	1.1 MB
9. MITRE Caldera Chain Interface Walkthrough Operations.mp4	1.8 MB
10. MITRE Caldera Chain Interface Walkthrough Reports.mp4	603.6 KB
11. MITRE Calderas Abilities.mp4	1.7 MB
12. MITRE Calderas Adversaries 1.mp4	1.6 MB
13. MITRE Calderas Phases.mp4	243.9 KB
14. MITRE Calderas Adversaries 2.mp4	372.4 KB
15. MITRE Calderas Infected Hosts.mp4	1.2 MB
16. MITRE Calderas Groups 1.mp4	464.3 KB
17. MITRE Calderas Groups 2.mp4	464.1 KB
18. MITRE Calderas Operations 1.mp4	1.5 MB
19. MITRE Calderas Operations 2.mp4	524.7 KB
20. MITRE Calderas Operations 3.mp4	425.5 KB
21. MITRE Calderas Variables.mp4	1.2 MB
22. Course Roadmap 2.mp4	2.8 MB
23. Exercise Caldera.mp4	501.1 KB
24. Course Resources and Contact Information.mp4	4.8 MB
/.../1. Techniques Covered in Section 2/
1. Initial Intrusion Strategies Emulation Detection.mp4	2.5 MB
2. Techniques Well Cover Today 1.mp4	4.6 MB
3. Techniques Well Cover Today 2.mp4	4.8 MB
4. Techniques Well Cover Today 3.mp4	3.8 MB
/.../2. Traditional Attack Strategies Defenses/
1. Course Roadmap.mp4	346.8 KB
2. How Are Payloads Being Delivered.mp4	6.2 MB
3. Gaining an Initial Foothold Is Getting Harder.mp4	2.6 MB
4. Modern Endpoint Security Products.mp4	3.8 MB
5. ATTCK Evaluations.mp4	1.0 MB
6. Getting an Initial Foothold Current Strategies.mp4	4.8 MB
7. Modern Credential Phishing Attacks Oauth Attacks.mp4	4.4 MB
8. Modern Credential Phishing Attacks Oauth Attacks Examples.mp4	3.2 MB
9. Getting an Initial Foothold Key Detection Strategies.mp4	3.7 MB
10. Getting an Initial Foothold Example SIGMA Rules 1.mp4	2.5 MB
11. Getting an Initial Foothold Example SIGMA Rules 2.mp4	3.3 MB
/.../3. AntiMalware Scanning Interface AMSI/
1. Course Roadmap.mp4	2.8 MB
2. Introducing AMSI Anti Malware Scan Interface.mp4	2.3 MB
3. Practical example AMSI integration with VBA.mp4	2.9 MB
4. So How Does AMSIDLL Work in Detail.mp4	1.4 MB
5. What Do the Exported Functions Do.mp4	6.6 MB
6. AMSI Bypass Strategies Patching amsiscanbuffer.mp4	6.8 MB
7. AMSI Bypass Strategies RastaMouse AMSI Bypass.mp4	4.8 MB
8. AMSI Bypass Strategies RastaMouse AMSI Bypass in Action.mp4	2.6 MB
9. AMSI Bypass Strategies Patching AmsiContext.mp4	1.6 MB
10. AMSI Bypass Strategies Patching AmsiContext 1.mp4	3.4 MB
11. AMSI Bypass Strategies Patching AmsiContext 2.mp4	2.6 MB
12. AMSI Bypass Strategies Introducing AmsiFail.mp4	8.3 MB
/.../4. Office Macro Obfuscation Techniques/
1. Course Roadmap 1.mp4	372.9 KB
2. Macro Obfuscation Strategies VBA Purging vs Stomping.mp4	9.5 MB
3. A VBA Stomping Tool EvilClippy 1.mp4	1.6 MB
4. A VBA Stomping Tool EvilClippy 2.mp4	1.2 MB
5. Macro Obfuscation Strategies Excel 40 Macros.mp4	4.3 MB
6. Course Roadmap 2.mp4	2.3 MB
7. Exercise VBA Stomping Purging AMSI Bypasses.mp4	606.8 KB
/.../5. Application Execution Control/
1. Course Roadmap 1.mp4	2.5 MB
2. Application Execution Control.mp4	1.8 MB
3. Application Execution Control Bypass Techniques.mp4	2.9 MB
4. Get Current Applocker Configuration.mp4	1.4 MB
5. Bypass Strategy 1 Leverage AppLocker Default Rules 1.mp4	2.4 MB
6. Bypass Strategy 1 Leverage AppLocker Default Rules 2.mp4	2.4 MB
7. Bypass Strategy 2 Leverage Builtin Windows Commands.mp4	3.5 MB
8. Bypass Strategy 2 Leveraging InstallUtilexe 1.mp4	2.6 MB
9. Bypass Strategy 2 Leveraging InstallUtilexe 2.mp4	1.3 MB
10. Bypass Strategy 2 Leveraging InstallUtilexe 3.mp4	3.1 MB
11. Bypass Strategy 2 MicrosoftWorkflowCompilerexe 1.mp4	1.6 MB
12. Bypass Strategy 2 MicrosoftWorkflowCompilerexe 2.mp4	924.0 KB
13. Bypass Strategy 2 MicrosoftWorkflowCompilerexe 3.mp4	1.9 MB
14. Bypass Strategy 2 MicrosoftWorkflowCompilerexe 4.mp4	1.1 MB
15. Bypass Strategy 2 MicrosoftWorkflowCompilerexe 5.mp4	2.1 MB
16. Bypass Strategy 2 Leveraging Rundll32exe.mp4	766.1 KB
17. Bypass Strategy 2 Other Creative Ideas.mp4	1.8 MB
18. Applocker Bypass Example SIGMA Rules.mp4	5.1 MB
19. Course Roadmap 2.mp4	3.4 MB
20. Exercise Bypassing Application Execution Control.mp4	492.3 KB
/.../6. ExploitGuard Attack Surface Reduction Rules/
1. Course Roadmap 1.mp4	2.8 MB
2. Exploit Guard.mp4	3.7 MB
3. How Does Exploit Guard Work.mp4	3.1 MB
4. Disable Win32k System Calls.mp4	1.9 MB
5. Do Not Allow Child Processes.mp4	494.8 KB
6. Validate Image Dependency.mp4	802.7 KB
7. Code Integrity Guard Formerly Attack Surface Reduction.mp4	1.5 MB
8. Attack Surface Reduction Rules.mp4	6.5 MB
9. Attack Surface Reduction Rules Group Policies.mp4	2.0 MB
10. Attack Surface Reduction Rules Bypass.mp4	1.7 MB
11. Attack Surface Reduction Rules Example 1 1.mp4	1.3 MB
12. Attack Surface Reduction Rules Example 1 2.mp4	896.6 KB
13. Attack Surface Reduction Rules Example 1 3.mp4	1.9 MB
14. Attack Surface Reduction Rules Example 1 4.mp4	2.9 MB
15. Attack Surface Reduction Rules Example 1 5.mp4	2.4 MB
16. Attack Surface Reduction Rules Example 1 6.mp4	655.7 KB
17. Attack Surface Reduction Rules Example 1 7.mp4	1.2 MB
18. Attack Surface Reduction Rules Example 1 8.mp4	3.6 MB
19. Attack Surface Reduction Rules Example 1 9.mp4	618.3 KB
20. Attack Surface Reduction Rules Example 1 10.mp4	773.4 KB
21. Attack Surface Reduction Rules Example 1 11.mp4	2.5 MB
22. Attack Surface Reduction Rules Example 2 1.mp4	1.6 MB
23. Attack Surface Reduction Rules Example 2 2.mp4	1.3 MB
24. Attack Surface Reduction Rules Example 2 3.mp4	339.5 KB
25. Attack Surface Reduction Rules Example 3 1.mp4	2.2 MB
26. Attack Surface Reduction Rules Example 3 2.mp4	1.1 MB
27. Attack Surface Reduction Rules Example 4 1.mp4	1.6 MB
28. Attack Surface Reduction Rules Example 4 2.mp4	2.3 MB
29. Course Roadmap 2.mp4	3.5 MB
30. Exercise Bypassing Attack Surface Reduction.mp4	229.9 KB
/.../7. Zooming in on Windows Internals/
1. Course Roadmap.mp4	3.4 MB
2. Operating Systems Rings.mp4	2.0 MB
3. Key Process Terminology.mp4	1.6 MB
4. Introducing the WIN32 API.mp4	5.2 MB
5. Introducing the WIN32 API Example Abuse Case.mp4	1.5 MB
6. Introducing the WIN32 API VirtualAlloc.mp4	1.7 MB
7. Introducing the WIN32 API Writeprocessmemory CreateRemoteThread.mp4	1.9 MB
8. EDR Windows API Hooking.mp4	2.6 MB
9. Identifying Hooks.mp4	4.6 MB
/.../8. Bypassing Security Products Through Process Shenanigans/
1. Course Roadmap.mp4	308.4 KB
2. Tricking Modern Endpoint Security Products.mp4	3.7 MB
3. ParentChild Relationship Spoofing T1134004.mp4	2.8 MB
4. Spoofing CommandLine Arguments 1.mp4	2.4 MB
5. Spoofing CommandLine Arguments 2.mp4	658.8 KB
6. Spoofing CommandLine Arguments 3.mp4	5.7 MB
7. Parentchild and Commandline Spoofing in VBA.mp4	1.6 MB
8. Process Injection.mp4	6.5 MB
9. Reflective DLL Injection.mp4	4.6 MB
10. A Primer on NET.mp4	3.9 MB
11. An Example Cobalt Strikes ExecuteAssembly and spawnto.mp4	9.2 MB
12. Process Hollowing.mp4	2.5 MB
13. Process Hollowing Detection Memory Analysis.mp4	4.8 MB
14. Injection and NET Assemblies.mp4	4.7 MB
15. Flexible Injection.mp4	3.2 MB
16. Introducing Donut.mp4	4.3 MB
17. Injecting Shellcode with DonutTest Part 1.mp4	2.9 MB
18. Injecting Shellcode with DonutTest Part 2.mp4	3.1 MB
19. Donut Shellcode and PPID Spoofing Part 1.mp4	2.1 MB
20. Donut Shellcode and PPID Spoofing Part 2.mp4	2.7 MB
21. Process Hollowing with Donut Shellcode and TikiTorch 1.mp4	3.3 MB
22. Process Hollowing with Donut Shellcode and TikiTorch 2.mp4	3.9 MB
23. API Unhooking.mp4	3.5 MB
24. API Unhooking Hookception.mp4	1.9 MB
25. System Calls and Windows APIs.mp4	3.2 MB
26. Identifying the Right System Calls.mp4	2.0 MB
27. Direct System Calls Using Visual Studio Step 1.mp4	4.5 MB
28. Direct System Calls Using Visual Studio Step 2.mp4	992.1 KB
29. Another Approach Manual Mapping 1.mp4	1.5 MB
30. Another Approach Manual Mapping 2.mp4	2.8 MB
31. Another Approach Manual Mapping DInvoke.mp4	3.5 MB
32. Another Approach Manual Mapping Comparison.mp4	2.8 MB
33. Prevent AV EDR Injection.mp4	3.5 MB
34. Prevent AV EDR Injection Manipulating ProcThreadAttributes 1.mp4	1.6 MB
35. Prevent AV EDR Injection Manipulating ProcThreadAttributes 2.mp4	2.6 MB
36. Prevent AV EDR Injection Manipulating ProcThreadAttributes 3.mp4	1.8 MB
37. Prevent AV EDR Injection Manipulating ProcThreadAttributes 4.mp4	2.3 MB
38. Prevent AV EDR Injection Debugger Tricks 1.mp4	3.3 MB
39. Prevent AV EDR Injection Debugger Tricks 2.mp4	1.8 MB
/.../9. Hunting for These Shenanigans/
1. Course Roadmap 1.mp4	3.5 MB
2. Process Injection Detection.mp4	1.5 MB
3. A Concrete Example Reflective DLL Injection.mp4	2.7 MB
4. A Practical Example SYSMONX.mp4	1.9 MB
5. Sysmon vs Process Tampering.mp4	2.1 MB
6. Summarizing Prevention Detection.mp4	10.8 MB
7. Course Roadmap 2.mp4	5.3 MB
8. Exercise Bypassing Modern Security Products.mp4	215.7 KB
/.../2. Initial Intrusion Strategies Emulation Detection/10. Conclusions/
1. Course Roadmap.mp4	369.4 KB
2. Conclusions For This Section Prevention.mp4	2.5 MB
3. Conclusions For This Section Detection.mp4	3.8 MB
4. Course Resources and Contact Information.mp4	3.2 MB
/.../1. Techniques Covered in Section 3/
1. Lateral Movement Emulation Detection.mp4	2.4 MB
2. Techniques Well Cover Today 1.mp4	5.4 MB
3. Techniques Well Cover Today 2.mp4	5.0 MB
4. Privilege Escalation and Lateral Movement Objectives.mp4	6.1 MB
5. Local Administrator Perks Silencing Sysmon Unloading 1.mp4	5.1 MB
6. Local Administrator Perks Silencing Sysmon Unloading 2.mp4	2.3 MB
7. Local Administrator Perks Silencing Sysmon Unloading 3.mp4	3.1 MB
8. Local Administrator Perks Silencing Sysmon Unloading 4.mp4	2.7 MB
9. Local Administrator Perks Silencing Sysmon Hooking 1.mp4	1.7 MB
10. Local Administrator Perks Silencing Sysmon Hooking 2.mp4	1.3 MB
11. Local Administrator Perks Silencing Sysmon Hooking 3.mp4	1.3 MB
12. Local Administrator Perks Silencing Sysmon Hooking 4.mp4	2.5 MB
13. Local Administrator Perks Silencing Sysmon Hooking 5.mp4	2.2 MB
14. Local Administrator Perks Silencing Sysmon Hooking 6.mp4	1.9 MB
/.../3. Lateral Movement Emulation Detection/2. Bloodhound Enumeration/
1. Course Roadmap 1.mp4	405.4 KB
2. Introducing BloodHound.mp4	6.8 MB
3. How Does BloodHound Collect Data.mp4	6.4 MB
4. Collecting Data.mp4	2.2 MB
5. Can You Really Enumerate Sessions without Privileges.mp4	1.8 MB
6. BloodHound in Action Graph Interface.mp4	1.5 MB
7. BloodHound Basic Queries.mp4	3.3 MB
8. New Attack Primitives in BloodHound 30 and 40.mp4	7.0 MB
9. BloodHound Advanced Queries.mp4	7.0 MB
10. BloodHound Cypher Queries 1.mp4	3.5 MB
11. BloodHound Cypher Queries 2.mp4	2.6 MB
12. Practice with BadBlood.mp4	3.3 MB
13. BloodHound Prevention Hardening systems.mp4	2.3 MB
14. BloodHound Prevention Tiered Admin Model.mp4	2.9 MB
15. BloodHound Detection Example Sigma Rule.mp4	2.6 MB
16. Summarizing Prevention Detection.mp4	7.7 MB
17. A Creative Idea CanaryServer.mp4	1.0 MB
18. A Creative Idea Fooling the hound.mp4	2.3 MB
19. Course Roadmap 2.mp4	2.3 MB
20. Exercise Analyzing BloodHound Attack Chains.mp4	414.8 KB
/.../3. LSASS Credential Stealing Techniques/
1. Course Roadmap 1.mp4	3.0 MB
2. LSASS Credential Stealing Techniques.mp4	1.9 MB
3. What Is LSASS.mp4	2.0 MB
4. LSASS Windows Authentication Packages.mp4	1.3 MB
5. LSASS Windows Security Support Providers 1.mp4	3.0 MB
6. LSASS Windows Security Support Providers 2.mp4	644.5 KB
7. LSASS Windows Security Support Providers 3.mp4	3.9 MB
8. LSASS Dumping Tools.mp4	5.7 MB
9. LSASS Dumping MimiKatz.mp4	1.9 MB
10. LSASS Dumping MimiKatz LSASSrelated Modules.mp4	7.9 MB
11. LSASS Dumping MimiKatz Zoom in on lsadump.mp4	9.6 MB
12. LSASS Dumping MimiKatz Zoom in on sekurlsa.mp4	3.9 MB
13. LSASS Dumping MimiKatz Working Offline.mp4	6.2 MB
14. LSASS Dumping MimiKatz Zoom in on miscmemssp.mp4	1.6 MB
15. LSASS Dumping Task Manager.mp4	1.4 MB
16. LSASS Dumping ProcDump.mp4	2.9 MB
17. LSASS Dumping SharpDump.mp4	1.4 MB
18. LSASS Dumping Dumpert.mp4	1.2 MB
19. Preventing LSASS Dumping Protected Processes 1.mp4	2.0 MB
20. Preventing LSASS Dumping Protected Processes 2.mp4	2.3 MB
21. Preventing LSASS Dumping CredentialGuard.mp4	2.9 MB
22. LSASS Dumping Main Detection Strategies.mp4	3.9 MB
23. LSASS Dumping Detecting the Tools Example SIGMA Rules 1.mp4	1.6 MB
24. LSASS Dumping Detecting the Tools Example SIGMA Rules 2.mp4	2.3 MB
25. LSASS Dumping Detecting the Tools.mp4	3.1 MB
26. LSASS Dumping Detecting the Techniques Sysmon Event ID 7.mp4	3.3 MB
27. What Is This Imphash You Speak Of.mp4	6.7 MB
28. LSASS Dumping Detecting the Techniques Example SIGMA.mp4	2.6 MB
29. LSASS Dumping Detecting the Techniques Sysmon Event ID 8.mp4	2.0 MB
30. LSASS Dumping Detecting the Techniques Example SIGMA 1.mp4	1.9 MB
31. LSASS Dumping Detecting the Techniques Sysmon Event ID 10 1.mp4	3.7 MB
32. LSASS Dumping Detecting the Techniques Sysmon Event ID 10 2.mp4	887.2 KB
33. LSASS Dumping Detecting the Techniques Sysmon Event ID 10 3.mp4	960.7 KB
34. LSASS Dumping Detecting the Techniques Sysmon Event ID 10 4.mp4	961.0 KB
35. LSASS Dumping Detecting the Techniques Example SIGMA 2.mp4	1.2 MB
36. LSASS Dumping Detecting the Techniques Example SIGMA 3.mp4	3.5 MB
37. LSASS Dumping Process Access Masks.mp4	2.8 MB
38. LSASS Dumping Detecting the Techniques Process Access Rights 1.mp4	574.4 KB
39. LSASS Dumping Detecting the Techniques Process Access Rights 2.mp4	675.7 KB
40. LSASS Dumping Detecting the Techniques Process Access Rights 3.mp4	4.2 MB
41. LSASS Dumping Detection Mimikatz OpenProcess.mp4	2.1 MB
42. LSASS Dumping Mimikatz Process Access Masks.mp4	4.7 MB
43. LSASS Dumping Detecting the Techniques Process Access Rights.mp4	3.1 MB
44. LSASS Dumping Detecting the Techniques Mimikatz Driver.mp4	1.8 MB
45. LSASS Dumping Detecting the Techniques Example SIGMA 4.mp4	3.9 MB
46. Summarizing Prevention Detection.mp4	6.9 MB
47. Course Roadmap 2.mp4	2.6 MB
48. Exercise Stealing Credentials from LSASS.mp4	524.2 KB
/.../4. Stealing Credentials without Touching LSASS/
1. Course Roadmap 1.mp4	4.6 MB
2. Stealing Credentials without Touching LSASS.mp4	9.7 MB
3. Dumping NTDSDIT.mp4	3.4 MB
4. Extracting Hashes from NTDSDIT.mp4	2.4 MB
5. Extracting Hashes from NTDSDIT Error.mp4	1.3 MB
6. Extracting Hashes from NTDSDIT Example SIGMA.mp4	3.8 MB
7. Extracting Hashes Using DCSync.mp4	4.0 MB
8. Extracting Hashes Using DCSync Example.mp4	1.2 MB
9. Extracting Hashes Using DCSync Example SIGMA.mp4	2.7 MB
10. Introducing the Internal Monologue Attack.mp4	4.6 MB
11. How Does Internal Monologue Work 1.mp4	3.6 MB
12. How Does Internal Monologue Work 2.mp4	2.1 MB
13. Cracking NTLMv1.mp4	1.3 MB
14. How Does Internal Monologue Work LM Authentication Levels.mp4	2.6 MB
15. How Does Internal Monologue Work Two Other Settings.mp4	2.7 MB
16. Internal Monologue Example SIGMA.mp4	2.9 MB
17. Summarizing Prevention Detection.mp4	4.2 MB
18. Course Roadmap 2.mp4	234.2 KB
19. Exercise Internal Monologue in NTLMv1 Downgrades.mp4	450.6 KB
/.../5. Stealing NTLMv2 ChallengeResponse/
1. Course Roadmap 1.mp4	2.3 MB
2. Quick Recap NTLM Authentication.mp4	5.4 MB
3. Quick Recap Responder 1.mp4	4.0 MB
4. Quick Recap Responder 2.mp4	1.9 MB
5. Quick Recap Responder 3.mp4	7.3 MB
6. Capturing NTLM Challenge Responses Using Office.mp4	2.8 MB
7. Capturing NTLM Challenge Responses Using Office Step 1.mp4	630.1 KB
8. Capturing NTLM Challenge Responses Using Office Step 2.mp4	479.8 KB
9. Capturing NTLM Challenge Responses Using Office Step 3.mp4	435.3 KB
10. Capturing NTLM Challenge Responses Using Office Step 4.mp4	1.8 MB
11. Capturing NTLM Challenge Responses Using IPV6.mp4	2.5 MB
12. Abusing IPv6 Configuration with MiTM6.mp4	6.0 MB
13. IPv6 Ntlmrelayx and LDAPS 1.mp4	6.1 MB
14. IPv6 Ntlmrelayx and LDAPS 2.mp4	769.4 KB
15. IPv6 Ntlmrelayx and WPAD.mp4	5.5 MB
16. IPv6 Ntlmrelayx and WPAD after MS16077.mp4	3.0 MB
17. Mitigating IPv6 and WPAD Attacks.mp4	4.5 MB
18. Detecting LLMNR NBTNS Attacks.mp4	1.4 MB
19. Summarizing Prevention Detection.mp4	8.7 MB
20. Course Roadmap 2.mp4	2.2 MB
21. Exercise Creative NTLMv2 ChallengeResponse Stealing.mp4	935.8 KB
/.../3. Lateral Movement Emulation Detection/6. Kerberos Refresh/
1. Course Roadmap.mp4	1.2 MB
2. A Kerberos Refresh.mp4	9.0 MB
3. A Kerberos Refresh Encryption Types.mp4	9.5 MB
4. A Kerberos Refresh Encryption Keys.mp4	5.3 MB
5. A Kerberos Refresh Authentication Flow AQREQ.mp4	6.5 MB
6. A Kerberos Refresh Authentication Flow TGT.mp4	5.2 MB
7. A Kerberos Refresh Authentication Flow Service Ticket .mp4	5.5 MB
8. A Kerberos Refresh Authentication Flow PAC Validation.mp4	6.0 MB
9. WellKnown Kerberos Attacks 1.mp4	19.5 MB
10. WellKnown Kerberos Attacks 2.mp4	37.7 MB
11. Kerberos Tools Rubeus.mp4	1.3 MB
12. Classic Kerberos Attacks Example SIGMA.mp4	2.3 MB
13. Rubeus Example SIGMA.mp4	2.1 MB
/.../7. Unconstrained Delegation Attacks/
1. Course Roadmap 1.mp4	2.1 MB
2. Kerberos Delegation.mp4	4.5 MB
3. Unconstrained Delegation.mp4	3.8 MB
4. Service Ticket in Unconstrained Delegation.mp4	640.7 KB
5. Attacking Unconstrained Delegation.mp4	6.6 MB
6. Attacking Unconstrained Delegation Step 1.mp4	1.8 MB
7. Attacking Unconstrained Delegation Step 2.mp4	811.4 KB
8. Attacking Unconstrained Delegation Step 3 1.mp4	5.4 MB
9. Attacking Unconstrained Delegation Step 3 2.mp4	1.6 MB
10. Attacking Unconstrained Delegation Step 3 3.mp4	1.3 MB
11. Attacking Kerberos Unconstrained Delegation Step 4.mp4	951.2 KB
12. Attacking Kerberos Unconstrained Delegation Step 5 1.mp4	796.5 KB
13. Attacking Kerberos Unconstrained Delegation Step 5 2.mp4	1.2 MB
14. Krbrelayx An Unconstrained Delegation Attack Toolkit.mp4	3.1 MB
15. Course Roadmap 2.mp4	5.9 MB
16. Exercise Unconstrained Delegation Attacks.mp4	459.7 KB
/.../8. ResourceBased Constrained Delegation/
1. Course Roadmap 1.mp4	594.6 KB
2. Traditional Constrained Delegation.mp4	13.7 MB
3. Constrained Delegation S4U2PROXY.mp4	4.5 MB
4. Constrained Delegation S4U2Proxy Flow.mp4	2.2 MB
5. Constrained Delegation S4U2SELF S4U2PROXY.mp4	1.7 MB
6. Constrained Delegation S4U2SELF S4U2PROXY Abuse Flow.mp4	2.4 MB
7. Abusing Constrained Delegation S4U2PROXY S4U2SELF 1.mp4	5.4 MB
8. Abusing Constrained Delegation S4U2PROXY S4U2SELF 2.mp4	765.3 KB
9. Abusing Constrained Delegation S4U2PROXY S4U2SELF 3.mp4	889.6 KB
10. Abusing Constrained Delegation S4U2PROXY S4U2SELF 4.mp4	1.5 MB
11. Resourcebased Constrained Delegation.mp4	4.5 MB
12. ResourceBased Constrained Delegation Abuse Flow.mp4	2.5 MB
13. Abusing Resourcebased Constrained Delegation 1.mp4	1.7 MB
14. Abusing Resourcebased constrained Delegation 2.mp4	805.0 KB
15. Abusing Resourcebased constrained Delegation 3.mp4	2.0 MB
16. Abusing Resourcebased constrained Delegation 4.mp4	544.0 KB
17. Abusing Resourcebased constrained Delegation 5.mp4	993.2 KB
18. Abusing Resourcebased constrained Delegation 6.mp4	1.1 MB
19. Abusing Resourcebased constrained Delegation 7.mp4	1.3 MB
20. Abusing Resourcebased constrained Delegation 8.mp4	1.2 MB
21. Abusing Resourcebased constrained Delegation 9.mp4	1.9 MB
22. IPv6 Ntlmrelayx and Delegation.mp4	7.9 MB
23. Summarizing Prevention.mp4	7.8 MB
24. Summarizing Detection.mp4	4.0 MB
25. Course Roadmap 2.mp4	2.7 MB
26. Exercise ResourceBased Constrained Delegation Attacks.mp4	286.3 KB
/.../3. Lateral Movement Emulation Detection/9. Conclusions/
1. Course Roadmap.mp4	321.6 KB
2. Conclusions for this Section Detection 1.mp4	7.2 MB
3. Conclusions for this Section Detection 2.mp4	7.8 MB
4. Course Resources and Contact Information.mp4	2.8 MB
/.../1. Techniques Covered in Section 4/
1. Persistence Emulation Detection.mp4	2.6 MB
2. Techniques Well Cover Today 1.mp4	877.4 KB
3. Techniques Well Cover Today 2.mp4	3.0 MB
4. Techniques Well Cover Today 3.mp4	3.6 MB
/.../2. Breaking Domain Forest Trusts/
1. Course Roadmap 1.mp4	2.0 MB
2. A Domain Trust Refresh.mp4	6.5 MB
3. Trust Properties.mp4	6.1 MB
4. Types of Trust.mp4	8.4 MB
5. Example Trust Configuration.mp4	3.0 MB
6. The Concept of Trust Paths.mp4	1.6 MB
7. How Does Authentication Work Over a Trust NTLM.mp4	3.8 MB
8. How Does Authentication Work Over a Trust Kerberos 1.mp4	2.1 MB
9. How Does Authentication Work Over a Trust Kerberos 2.mp4	2.9 MB
10. How Does Authentication Work Over a Trust Kerberos 3.mp4	2.0 MB
11. Example of a Shortcut Trust Configuration.mp4	1.1 MB
12. Attacking Domains in the Same Forest.mp4	3.2 MB
13. Pivoting Domain Trusts.mp4	3.8 MB
14. Pivoting Domain Trusts Enter the Trustpocalypse.mp4	9.3 MB
15. Pivoting Forest Trusts.mp4	5.0 MB
16. Pivoting Forest Trusts ReEnter the Printer Bug.mp4	10.2 MB
17. Summarizing Prevention Detection.mp4	6.0 MB
18. Recognizing the Experts.mp4	2.0 MB
19. Course Roadmap 2.mp4	2.8 MB
20. Exercise Pivoting Between Domains Forests.mp4	581.6 KB
/.../3. COM Object Hijacking/
1. Course Roadmap 1.mp4	580.1 KB
2. COM Object Hijacking.mp4	7.8 MB
3. COM Object Hijacking Strategies Phantom COM Objects 1.mp4	1.9 MB
4. COM Object Hijacking Strategies Phantom COM Objects 2.mp4	751.5 KB
5. COM Object Hijacking Strategies COM Search Order Hijacking 1.mp4	3.1 MB
6. COM Object Hijacking Strategies COM Search Order Hijacking 2.mp4	1.3 MB
7. COM Object Hijacking Strategies COM Search Order Hijacking 3.mp4	1.2 MB
8. COM Object Hijacking Strategies COM Search Order Hijacking 4.mp4	1.8 MB
9. COM Object Hijacking Strategies COM Search Order Hijacking 5.mp4	978.0 KB
10. COM Object Hijacking Strategies COM Search Order Hijacking 6.mp4	908.7 KB
11. COM Object Hijacking Strategies COM Object Linking 1.mp4	1.0 MB
12. COM Object Hijacking Strategies COM Object Linking 2.mp4	583.0 KB
13. COM Object Hijacking Strategies COM Object Linking 3.mp4	239.5 KB
14. Summarizing Prevention Detection.mp4	10.6 MB
15. Course Roadmap 2.mp4	4.0 MB
16. Exercise COM Object Hijacking.mp4	322.5 KB
/.../4. Persistence Emulation Detection/4. WMI Persistence/
1. Course Roadmap 1.mp4	347.9 KB
2. WMI Persistence.mp4	3.3 MB
3. Components of a WMI Event Subscription.mp4	7.4 MB
4. Creating an Example WMI Event Subscription.mp4	4.4 MB
5. Creating an Example WMI Event Subscription MOF.mp4	3.0 MB
6. Detecting WMI Persistence Sysmon WMI Events.mp4	1.5 MB
7. Detecting WMI Persistence Sysmon Process Creation.mp4	2.7 MB
8. Detecting WMI Persistence AutoRuns.mp4	1.8 MB
9. Detecting WMI Persistence OSQuery.mp4	1.1 MB
10. Detecting WMI Persistence Example SIGMA Rules 1.mp4	1.7 MB
11. Detecting WMI Persistence Example SIGMA Rules 2.mp4	2.8 MB
12. Detecting WMI Persistence Example SIGMA Rules 3.mp4	3.7 MB
13. Summarizing Prevention Detection.mp4	7.3 MB
14. Course Roadmap 2.mp4	554.5 KB
15. Exercise WMI Persistence.mp4	271.4 KB
/.../5. AppCert AppInit Netsh Helper DLL/
1. Course Roadmap 1.mp4	2.7 MB
2. AppCertDLLs Persistence 1.mp4	1.6 MB
3. AppCertDLLs Persistence 2.mp4	886.7 KB
4. AppInitDLLs Persistence 1.mp4	2.3 MB
5. AppInitDLLs Persistence 2.mp4	2.0 MB
6. Authentication Packages and Security Support Providers.mp4	2.8 MB
7. Netsh Helper DLLs.mp4	2.4 MB
8. Demonstrating the Netsh Helper DLL PoC.mp4	1.8 MB
9. Detecting These Mechanisms.mp4	2.4 MB
10. Detecting Netsh Persistence Example SIGMA Rules.mp4	2.5 MB
11. Detecting AppCert Persistence Example SIGMA Rules.mp4	924.9 KB
12. Detecting AppInit Persistence Example SIGMA Rules.mp4	704.0 KB
13. Summarizing Prevention Detection.mp4	8.7 MB
14. Course Roadmap 2.mp4	2.1 MB
15. Exercise Implementing Netsh Helper DLL.mp4	428.3 KB
/.../6. Office Template Library Tricks/
1. Course Roadmap 1.mp4	2.3 MB
2. Office Persistence.mp4	1.3 MB
3. The Default Template in Microsoft Word.mp4	1.5 MB
4. Infecting the Default Template.mp4	1.5 MB
5. Creating a New Office Document.mp4	892.4 KB
6. Opening our Office Document.mp4	720.5 KB
7. Hardening the Trust Center Settings.mp4	726.9 KB
8. Microsoft Office AddIns Enumerate Trusted Locations.mp4	3.2 MB
9. Microsoft Office AddIns Preparing an AddIn.mp4	2.4 MB
10. Microsoft Office AddIns Installing the AddIn.mp4	961.7 KB
11. Microsoft Office AddIns Opening Excel.mp4	877.1 KB
12. Preventing AddIn Persistence.mp4	1.6 MB
13. Detecting AddIn Persistence.mp4	1.2 MB
14. Detecting AppCert Persistence Example SIGMA Rules.mp4	1.6 MB
15. Summarizing Prevention Detection.mp4	3.3 MB
16. Course Roadmap 2.mp4	2.2 MB
17. Exercise Office Persistence.mp4	457.7 KB
/.../4. Persistence Emulation Detection/7. Application Shimming/
1. Course Roadmap 1.mp4	534.9 KB
2. Application Shimming.mp4	7.0 MB
3. Step 1 Installing the Application Compatibility Toolkit.mp4	2.0 MB
4. Step 2 Creating an Application Fix 1.mp4	733.7 KB
5. Beyond injecting DLLs.mp4	3.0 MB
6. Step 2 Creating an Application Fix 2.mp4	2.9 MB
7. Step 3 Saving and Installing the SDB Database.mp4	1.6 MB
8. Step 4 Testing the Persistence Mechanism.mp4	802.4 KB
9. Detecting Application Shimming Example SIGMA RUle.mp4	1.9 MB
10. Detecting the Persistence Mechanism Programs and Features.mp4	1.6 MB
11. Detecting the Persistence Mechanism Registry.mp4	1.1 MB
12. Detecting the Persistence Mechanism OSQuery.mp4	653.1 KB
13. Avoiding Detection.mp4	2.0 MB
14. Summarizing Prevention Detection.mp4	3.8 MB
15. Course Roadmap 2.mp4	3.0 MB
16. Exercise Application Shimming.mp4	697.9 KB
/.../8. Stealth AD Persistence Manipulation/
1. Course Roadmap 1.mp4	2.7 MB
2. Account Manipulation ATTCK T1098.mp4	6.9 MB
3. But What are Security Descriptors.mp4	3.1 MB
4. Security Descriptor Ownership DACL.mp4	5.2 MB
5. Security Descriptor Access Control Entry ACE.mp4	582.7 KB
6. Security Descriptor Reviewing The ACE Access Mask 1.mp4	637.2 KB
7. Security Descriptor Reviewing The ACE Access Mask 2.mp4	1.7 MB
8. Security Descriptor Reviewing The ACE Access Mask 3.mp4	398.8 KB
9. Security Descriptor Reviewing The ACE Access Mask 4.mp4	477.9 KB
10. Security Descriptor Reviewing The ACE Access Mask 5.mp4	603.6 KB
11. Security Descriptor Reviewing The ACE Access Mask 6.mp4	853.8 KB
12. Security Descriptor Reviewing The ACE Access Mask 7.mp4	525.3 KB
13. Security Descriptor Reviewing The ACE Access Mask 8.mp4	423.7 KB
14. Security Descriptor Reviewing The ACE Access Mask 9.mp4	205.7 KB
15. Security Descriptor Reviewing The ACE Access Mask 10.mp4	596.9 KB
16. Security Descriptor Reviewing The ACE Access Mask 11.mp4	1.3 MB
17. Security Descriptor Reviewing The ACE Access Mask 12.mp4	230.1 KB
18. Security Descriptor Reviewing The ACE Access Mask 13.mp4	297.3 KB
19. Security Descriptor Reviewing The ACE Access Mask 14.mp4	206.8 KB
20. Security Descriptor Reviewing The ACE Access Mask 15.mp4	176.4 KB
21. Security Descriptor Reviewing The ACE Access Mask 16.mp4	216.0 KB
22. Security Descriptor Reviewing The ACE Access Mask 17.mp4	216.0 KB
23. Security Descriptor Reviewing The ACE Access Mask 18.mp4	550.4 KB
24. How are the ACEs Evaluated.mp4	1.1 MB
25. Security Descriptor WriteDacl and WriteOwner.mp4	676.2 KB
26. Security Descriptor Persistence STAGE 1 Recon 1.mp4	761.9 KB
27. Security Descriptor Persistence STAGE 1 Recon 2.mp4	1.4 MB
28. Security Descriptor Persistence STAGE 1 Recon 3.mp4	424.2 KB
29. Security Descriptor Persistence STAGE 1 Recon 4.mp4	796.7 KB
30. Security Descriptor Persistence STAGE 2 Choosing tactics 1.mp4	1.8 MB
31. Security Descriptor Persistence STAGE 2 Choosing tactics 2.mp4	2.0 MB
32. Security Descriptor Persistence STAGE 2 Choosing tactics 3.mp4	625.7 KB
33. Security Descriptor Persistence STAGE 2 Choosing tactics 4.mp4	930.4 KB
34. Security Descriptor Persistence STAGE 2 Choosing tactics 5.mp4	1.6 MB
35. Security Descriptor Persistence STAGE 2 Choosing tactics 6.mp4	836.2 KB
36. Security Descriptor Persistence STAGE 3 Being Obscure 1.mp4	2.4 MB
37. Security Descriptor Persistence STAGE 3 Being Obscure 2.mp4	1.2 MB
38. Security Descriptor Persistence STAGE 3 Being Obscure 3.mp4	981.7 KB
39. Security Descriptor Persistence STAGE 3 Being Obscure 4.mp4	992.4 KB
40. Security Descriptor Persistence STAGE 3 Being Obscure 5.mp4	1.2 MB
41. Summarizing Prevention Detection.mp4	6.6 MB
42. Course Roadmap 2.mp4	2.3 MB
43. Exercise Stealth AD Persistence.mp4	2.2 MB
/.../4. Persistence Emulation Detection/9. Conclusions/
1. Course Roadmap 1.mp4	239.2 KB
2. Conclusions for This Section Prevention.mp4	4.9 MB
3. Conclusions for This Section Detection 1.mp4	5.8 MB
4. Conclusions for This Section Detection 2.mp4	6.8 MB
5. Conclusions for This Section Detection Autoruns 1.mp4	3.7 MB
6. Conclusions for This Section Detection Autoruns 2.mp4	4.1 MB
7. Introducing Palantirs Autoruns to WinEventLog .mp4	4.8 MB
8. Conclusions for This Section Detection OSQuery.mp4	3.0 MB
9. Course Resources and Contact Information.mp4	3.6 MB
/.../1. Azure AD Structure and Management/
1. Azure AD Emulation Plans.mp4	1.8 MB
2. Course Roadmap 1.mp4	3.5 MB
3. Course Roadmap 2.mp4	328.7 KB
4. What Is Azure Active Directory .mp4	2.2 MB
5. Azure Active Directory QuickStart.mp4	452.3 KB
6. A Quick Word on Azure AD Licensing.mp4	1.8 MB
7. Azure AD vs Active Directory.mp4	5.3 MB
8. Azure AD Fundamentals Directory Structure .mp4	4.1 MB
9. Azure AD Fundamentals Management Interfaces.mp4	1.6 MB
10. Azure AD Fundamentals SelfService Password Reset.mp4	1.2 MB
11. Azure AD Fundamentals Smart Lockout.mp4	1.8 MB
12. Azure AD Fundamentals Password Protection.mp4	2.6 MB
13. Azure AD Fundamentals Administrative Roles.mp4	2.8 MB
14. Azure AD Attack Strategies Reconnaissance.mp4	3.4 MB
15. Azure AD Attack Strategies Password Spraying.mp4	2.6 MB
16. Azure AD Attack Strategies Password Spraying Tools.mp4	1.2 MB
17. Azure AD Attack Strategies Password Reuse Attacks.mp4	1.1 MB
/.../2. Azure AD Hybrid Authentication/
1. Course Roadmap.mp4	2.1 MB
2. Azure AD Identity Models.mp4	6.3 MB
3. Introducing Azure AD Connect.mp4	1.0 MB
4. Recommended Architecture for Azure AD Connect.mp4	3.7 MB
5. Configuring Azure AD Connect 1.mp4	599.7 KB
6. Configuring Azure AD Connect 2.mp4	728.5 KB
7. Azure AD Connect Authentication Methods.mp4	6.2 MB
8. Password Hash Synchronization PHS.mp4	1.8 MB
9. PassThrough Authentication PTA.mp4	2.8 MB
10. Active Directory Federation Services.mp4	2.3 MB
11. Seamless Single SignOn.mp4	3.6 MB
12. Seamless Single SignOn Detailed Flow.mp4	2.4 MB
13. Attacking Seamless SSO User Impersonation with AZUREADSSO Account 1.mp4	5.0 MB
14. Attacking Seamless SSO User impersonation with AZUREADSSO Account 2.mp4	3.2 MB
/.../3. Azure AD Authentication Methods/
1. Course Roadmap.mp4	538.7 KB
2. Azure AD Enterprise Applications.mp4	3.2 MB
3. Azure AD Enterprise Applications Registering an App.mp4	1.5 MB
4. Azure AD Enterprise Applications Authentication Protocols.mp4	3.9 MB
5. Another Interesting Tool EWS Cracker Bypassing MFA.mp4	2.5 MB
/.../4. Azure AD Conditional Access/
1. Course Roadmap.mp4	593.5 KB
2. Introducing Azure AD Conditional Access.mp4	4.8 MB
3. Azure AD Conditional Access Blocking Legacy Authentication 1.mp4	2.0 MB
4. Azure AD Conditional Access Blocking Legacy Authentication 2.mp4	826.3 KB
5. Azure AD Conditional Access Blocking Legacy Authentication 3.mp4	1.3 MB
6. Azure AD Conditional Access Blocking Legacy Authentication 4.mp4	1.1 MB
7. Azure AD Conditional Access Commonly Used Policies.mp4	3.1 MB
/.../5. Introduction to Azure Identities/
1. Course Roadmap.mp4	269.9 KB
2. Azure AD MultiFactor Authentication.mp4	3.8 MB
3. Microsoft Graph Security API.mp4	2.9 MB
4. Azure Role Based Access Control RBAC.mp4	1.1 MB
5. Azure Role Based Access Control RBAC Configuration.mp4	622.6 KB
6. Azure Managed Identities.mp4	1.4 MB
7. Azure Managed Identities A Look at Access Tokens.mp4	2.8 MB
8. Introducing the Identity Secure Score.mp4	1.8 MB
9. Azure AD Identity Protection.mp4	2.6 MB
10. Azure AD Identity Protection Dashboard.mp4	1.7 MB
11. Introducing Privileged Identity Management PIM.mp4	1.7 MB
/.../6. Azure AD Security Logging/
1. Course Roadmap.mp4	374.6 KB
2. Logging in Azure AD.mp4	4.2 MB
3. An Example of an Azure AD Risk Detection Investigation 1.mp4	941.0 KB
4. An Example of an Azure AD Risk Detection Investigation 2.mp4	1.2 MB
5. Advanced Detection Capabilities Defender for Endpoint.mp4	1.4 MB
6. Advanced Detection Capabilities Defender for Identity.mp4	2.7 MB
7. Advanced Detection Capabilities Azure Sentinel.mp4	341.3 KB
8. Advanced Detection Capabilities Azure Sentinel Example Rules.mp4	562.9 KB
/.../7. APT28 Emulation Plan/
1. Course Roadmap 1.mp4	395.5 KB
2. APT28 Introduction and Common Techniques.mp4	5.1 MB
3. Definition of the APT28 Emulation Plan.mp4	1.2 MB
4. Phase 1 Initial Access Technique T1566001 Spearphishing Attachment.mp4	5.9 MB
5. Phase 1 Execution Technique T1218011 Rundll32.mp4	1.7 MB
6. Phase 1 Defense Evasion Technique T1055012 Process Hollowing.mp4	3.4 MB
7. Phase 2 Persistence Technique T1053 Scheduled Tasks.mp4	3.2 MB
8. Phase 2 Privilege Escalation Technique T1558003 Kerberoasting.mp4	3.4 MB
9. Phase 2 Lateral Movement Technique T1047 WMI.mp4	3.9 MB
10. Phase 3 Exfiltration Technique T1041 Exfil over CC.mp4	2.6 MB
11. Course Roadmap 2.mp4	3.0 MB
12. Exercise Manual Execution of APT28 Emulation Plan.mp4	504.7 KB
/.../8. APT34 Emulation Plan/
1. Course Roadmap 1.mp4	305.3 KB
2. APT34 Introduction and Common Techniques.mp4	4.2 MB
3. Definition of the APT34 Emulation Plan.mp4	2.8 MB
4. Phase 1 Execution Technique T1566002 Spearphishing Link.mp4	1.9 MB
5. Phase 1 Execution Technique T1059001 PowerShell.mp4	6.3 MB
6. Phase 2 Discovery Technique T1087 Account Discovery.mp4	1.3 MB
7. Phase 2 Discovery Technique T1187 Forced Authentication.mp4	1.6 MB
8. Phase 2 Discovery Technique T1550003 PassTheTicket.mp4	3.1 MB
9. Phase 2 Discovery Technique T1550002 PassTheHash.mp4	2.2 MB
10. Phase 2 Credential Access Technique T1003 Credential Dumping.mp4	4.2 MB
11. Phase 3 Persistence Technique T1543003 New Service.mp4	1.7 MB
12. Phase 3 Defense Evasion Technique T1564001 Hidden Files.mp4	1.4 MB
13. Course Roadmap 2.mp4	1.9 MB
14. Exercise Manual Execution of APT34 Emulation Plan.mp4	518.0 KB
/.../9. Turla Emulation Plan/
1. Course Roadmap 1.mp4	280.3 KB
2. TURLA Introduction and Common Techniques.mp4	3.3 MB
3. Definition of the Turla Emulation Plan.mp4	1.7 MB
4. Phase 1 Execution Technique T1059 Scripting.mp4	2.6 MB
5. Phase 2 Persistence Technique T1546015 COM Hijacking.mp4	1.9 MB
6. Phase 2 Privilege Escalation Technique T1003 Credential Dumping.mp4	4.9 MB
7. Phase 2 Defense Evasion Technique T1562001 Disabling Security Tools.mp4	1.6 MB
8. Phase 3 Impact Technique T1490 Inhibit System Recovery.mp4	1.7 MB
9. Course Roadmap 2.mp4	2.1 MB
10. Exercise Manual Execution of Turla Emulation Plan.mp4	403.2 KB
11. Course Resources and Contact Information.mp4	3.3 MB
/.../1. Adversary Emulation Capstone/
1. Adversary Emulation Capstone.mp4	537.5 KB
2. Course Roadmap 1.mp4	4.7 MB
3. Course Roadmap 2.mp4	56.8 KB
4. Introduction.mp4	153.7 KB
5. Briefing and Introduction.mp4	123.1 KB
6. Example Organization.mp4	104.7 KB
7. Example Threat Actor.mp4	101.5 KB
8. How Can You Score Points.mp4	127.8 KB
9. What Does the Flag File Look Like.mp4	131.9 KB
10. What do the Crown Jewel Files Look Like.mp4	115.6 KB
11. Presentation to Prepare.mp4	143.3 KB
12. How Do You Get Started.mp4	107.1 KB
13. Rules of Engagement.mp4	127.4 KB
14. Questions.mp4	32.8 KB
15. Course Roadmap 3.mp4	61.5 KB
16. SEC699 CTF Introduction.mp4	5.6 MB
17. SEC699 CTF Scoreboard.mp4	4.7 MB
18. SEC699 CTF Scoreboard Registration.mp4	872.5 KB
19. Begin.mp4	716.3 KB
20. Solve.mp4	846.1 KB
21. SEC699 CTF WIKI httpsctfwikisec699org.mp4	4.4 MB
22. SEC699 CTF Tips.mp4	6.1 MB
23. Course Resources and Contact Information.mp4	8.1 MB
Total files 786