OS Exploits - IT Beveiliging / Security - Beveiliging - Informatiebeveiliging - Cyber Security - Security Engineer
Beschrijving
OS Exploits.
A key component in hardening security for you organization is understanding operating system exploits and how to remediate problems. In this Learning Kit, you will learn about common Microsoft and Linux exploits and tools and techniques to address these vulnerabilities. In this journey you will learn about intelligence gathering, learn about common exploits in Windows environments and associated services, how to issues with legacy software and techniques for post exploitation activities in a Windows system. Similarly for Linux environments, you will learn how to stage for exploit analysis, key vulnerabilities for Linux systems and daemons, penetration tools native to Linux to h…
Veelgestelde vragen
Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.
OS Exploits.
A key component in hardening security for you organization is understanding operating system exploits and how to remediate problems. In this Learning Kit, you will learn about common Microsoft and Linux exploits and tools and techniques to address these vulnerabilities. In this journey you will learn about intelligence gathering, learn about common exploits in Windows environments and associated services, how to issues with legacy software and techniques for post exploitation activities in a Windows system. Similarly for Linux environments, you will learn how to stage for exploit analysis, key vulnerabilities for Linux systems and daemons, penetration tools native to Linux to help identify vulnerabilities, and architectures with Linux to help deal with exploits. After completing this learning, you will be able to address vulnerabilities for both Linux and Windows environments.
Learning Kits are structured learning paths, mainly within the
Emerging Tech area. A Learning Kit keeps
the student working toward an overall goal, helping them to achieve
your career aspirations. Each part takes the student step by step
through a diverse set of topic areas. Learning Kits are
made up of required tracks, which contain all of the learning
resources available such as Assessments (Final Exams), Mentor,
Practice Labs and of course E learning. And all resources with a
365 days access from first activation.
This Learning Kit, with more than 14 hours of online content, is divided into the following tracks:
Course content
E-learning courses (14 hours +)
Windows Exploits and Forensics: Intelligence Gathering
Course: 1 Hour, 28 Minutes
- Course Overview
- The Open-source Intelligence (OSINT) Methodology
- Conducting an OSINT Investigation
- Social Engineering Target Identification
- Network Scanning for Open Ports
- Conducting an Nmap Scan
- Common Windows Services and Their Ports
- System Scanning and Enumeration Tools
- Conducting a Windows System Scan
- Standard Kali Tools
- Using Metasploitable: Common Commands and Issues
- Windows Exploit Discovery
- Course Summary
Windows Exploits and Forensics : Windows Environments
Course: 1 Hour, 32 Minutes
- Course Overview
- The Security Features and Controls on Windows Hosts
- Windows Server Operating System Types
- Intrusion Detection and Prevention in Windows
- The MITRE ATT&CK Framework and Windows Intrusions
- The Logging Features in Windows
- Viewing Event logging
- The Different Windows Account Types
- Using Windows Commands
- How Windows Permissions Work
- NT (New Technology) LAN Manager (NTLM) in Windows
- Cracking an NTLM Hash
- Using the Windows Registry
- Artifacts Found in Windows OS
- How Active Directory and Kerberos Work
- Course Summary
Windows Exploits and Forensics: SMB & PsExec
Course: 1 Hour, 6 Minutes
- Course Overview
- SMB Permissions and Defaults
- SMB Enumeration
- Enumerating SMB Shares
- Identifying Vulnerabilities in SMB
- SMB Attack Methods
- Conducting an SMB Brute Force Attack
- Conducting an SMB Denial of Service
- Exploiting a System Using SMB Reverse Shell
- How the PsExec Utility Works
- Executing Remote Commands with PsTools
- Executing a Pass the Hash Attack with Mimikatz
- A Background to the EternalBlue Exploit
- Using the EternalBlue Vulnerability to Attack
- Course Summary
Windows Exploits and Forensics: FTP, RDP, & Other Services
Course: 1 Hour, 13 Minutes
- Course Overview
- Windows Service Exploitation
- Enumerating Data from FTP
- FTP Attack Methods
- Conducting a Brute Force Attack on an FTP Server
- IIS with Windows and FTP Clients
- FTP/IIS Reverse Shell
- RDP in a Windows Environment
- RDP Attack Methods
- Enumerating Using RDP
- Exploiting an RDP system Using BlueKeep
- Working with WMI
- Exploiting WMI on a Windows-based System
- Course Summary
Windows Exploits and Forensics: Legacy Systems & Third Party Applications
Course: 58 Minutes
- Course Overview
- Common Attacks on Windows Hosts
- Common Attacks on Windows Servers
- Scanning for Potential Vulnerabilities
- Enumerating Data from Services
- Running an Exploit to Gain Credentials
- Running an Exploit to Gain a Reverse Shell
- Common Third-party Applications in Windows
- Finding Vulnerabilities for Third-party Applications
- Exploiting Third-party Applications in Windows
- Avoiding Honeypots
- Course Summary
Windows Exploits and Forensics: Post Exploitation
Course: 1 Hour, 24 Minutes
- Course Overview
- Privilege Escalation Methods
- Conducting a Basic Privilege Escalation
- Using the DLL Injection
- Pivot between Hosts
- Stealing User Credentials
- Using PowerView to Enumerate Information
- Using BloodHound to Gain Admin Privileges
- Cleanup Methods to Hide Your Tracks
- Cleaning up Post Attack
- APT and Configuration Methods
- Configuring APT after Exploitation
- Using the Nuclear Option to Clean up Post Attack
- Course Summary
Linux Exploits & Mitigation: Staging for Exploit Analysis
Course: 1 Hour, 5 Minutes
- Course Overview
- Leveraging Virtual Environments
- Setting up QEMU
- Launching Linux in QEMU
- Mounting Filesystems
- Compiling Linux Kernels
- Networking under QEMU
- Architectural Considerations
- Emulating Architectures in QEMU
- Saving Machine States
- Monitoring System Info
- Staging Vulnerabilities
- Protecting Staging Environments
- Course Summary
Linux Exploits & Mitigation: Program Essentials
Course: 1 Hour, 21 Minutes
- Course Overview
- Programming in Memory
- Running GDB
- Disassembling a Program
- Dumping Objects
- Protection Rings
- Kernel and Userland Separation
- The GNU C Library
- Using Syscalls with C
- Using Syscalls with Assembly
- Linux System Call Table
- Querying Implemented System Calls
- Executing Programs
- Segmenting Programs
- Course Summary
Linux Exploits & Mitigation: String Vulnerability Analysis
Course: 1 Hour, 10 Minutes
- Course Overview
- Exploiting Strings
- Formatting String Weaknesses
- Overflowing the String Buffer
- Compiling String Weaknesses
- Copying String Weaknesses
- Catching Input Vulnerabilities
- Generating String Weaknesses
- Checking Strings Safely
- Looping Over Strings Safely
- Executing Unsafe Strings
- Injecting Code in Strings
- Returning Strings Safely
- Course Summary
Linux Exploits & Mitigation: Memory and Pointer Vulnerabilities
Course: 1 Hour, 11 Minutes
- Course Overview
- Allocating Memory
- Overflowing the Heap
- Dangling Pointers
- Dereferencing NULL
- Exploiting the Heap
- Using After-free
- Overflowing the Stack
- Accessing Out-of-bounds
- Looping Off-by-one
- Corrupting Memory
- Executing Arbitrary Code
- Exploiting Out-of-bounds
- Course Summary
Linux Exploits & Mitigation: Penetration Tools
Course: 1 Hour
- Course Overview
- Exploring Metasploit Commands
- Running a Vulnerable Environment
- Exploiting a Vulnerable Web Service
- Scanning SMTP
- Exploiting Vulnerable File Sharing
- Uploading Injections
- Searching for Exploits
- Detecting Exploits
- Scanning with RouterSploit
- Inspecting Opcodes
- Converting Shellcode
- SQL Injection
- Course Summary
Linux Exploits & Mitigation: Linux Exploit Architecture
Course: 57 Minutes
- Course Overview
- Avoiding Kernel Race Conditions
- Executing Shellcode
- Out-of-order Execution
- Integer Vulnerabilities and Prevention
- Compiler Warnings for Security and Stability
- Stack Smashing Mitigations
- Use-after-free Consequences
- Spectre and Meltdown Vulnerabilities and Mitigation
- Write XOR Execute (W^X)
- Considerations and Mitigations to Vulnerabilities and Exploits
- Privilege Escalation Targets
- Processes and Tasks Exploits
- Course Summary
Assessment: OS Exploits
Will test your knowledge and application of the topics presented
throughout the OS Exploits courses.
Practice Lab: OS Exploits (estimated duration:
7 hours)
Perform OS exploits such as system event auditing, testing for RDP
vulnerabilities, constructing a MSFvenom injection payload,
and running a virtual environment. Then, debug and disassemble
a program, catch common vulnerabilities, and recognize the dangers
with pointers.
Specificaties
Taal: Engels
Kwalificaties van de Instructeur:
Gecertificeerd
Cursusformaat en Lengte: Lesvideo's met
ondertiteling, interactieve elementen en opdrachten en testen
Lesduur: 14 uur
Assesments: De assessment test uw kennis en
toepassingsvaardigheden van de onderwerpen uit het leertraject.
Deze is 365 dagen beschikbaar na activering.
Online Virtuele labs: Ontvang 12 maanden toegang
tot virtuele labs die overeenkomen met de traditionele
cursusconfiguratie. Actief voor 365 dagen na activering,
beschikbaarheid varieert per Training.
Online mentor: U heeft 24/7 toegang tot een online
mentor voor al uw specifieke technische vragen over het
studieonderwerp. De online mentor is 365 dagen beschikbaar na
activering, afhankelijk van de gekozen Learning Kit.
Voortgangsbewaking: Ja
Toegang tot Materiaal: 365 dagen
Technische Vereisten: Computer of mobiel apparaat,
Stabiele internetverbindingen Webbrowserzoals Chrome, Firefox,
Safari of Edge.
Support of Ondersteuning: Helpdesk en online
kennisbank 24/7
Certificering: Certificaat van deelname in PDF
formaat
Prijs en Kosten: Cursusprijs zonder extra
kosten
Annuleringsbeleid en Geld-Terug-Garantie: Wij
beoordelen dit per situatie
Award Winning E-learning: Ja
Tip! Zorg voor een rustige leeromgeving, tijd en
motivatie, audioapparatuur zoals een koptelefoon of luidsprekers
voor audio, accountinformatie zoals inloggegevens voor toegang tot
het e-learning platform.
Verrijk Uw Carrière met OEM's ICT Trainingen
Waarom kiezen voor
OEM?
Ervaring: Meer dan 20 jaar
expertise in ICT-trainingen.
Uitgebreide Selectie: Meer dan 1000 cursussen van
200 topmerken.
Hoge Tevredenheid: Beoordeeld met een 9.0 op
Springest.
Kwaliteitsgarantie: Gecertificeerde docenten en
award-winning E-learning.
Partnerschappen: Microsoft Partner, EC-Council
Partner, Certiport en Pearson VUE.
Blijf op de hoogte van nieuwe ervaringen
Deel je ervaring
Heb je ervaring met deze cursus? Deel je ervaring en help anderen kiezen. Als dank voor de moeite doneert Springest € 1,- aan Stichting Edukans.Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.