Sektor7 - Windows Persistence Course

(1 year ago)Sauron Wrote:

Welcome to Persistence in Windows course!
Real threat actors utilize various Tactics, Techniques and Procedures (aka TTPs). One of the tactic is Persistence - a way to survive a breached machine restart and preserve access to a target environment. There is a lot of focus on what methods adversaries use to exploit a particular vulnerability or how their C2 channels and infrastructure look like. Less often you find discussions about persistence. This course is aiming to change that.

You will learn almost 30 different persistence techniques working on Windows 10. Most of them were used by nation-state threat actors, like EquationGroup, Turla, APT29, ProjectSauron or malware, including Flame or Stuxnet.

As usual you will get not only full explanation of each technique with examples, but also a working code templates (written in C) and a complete development environment you can experiment with.
COURSE IN A NUTSHELL
You Will Learn
Knowledge about Windows persistence used by real threat actors, including nation-state adversaries
27 different techniques, including:
DLL Proxying
COM hijacking
Multiaction Tasks
Port Monitors
Time Providers
WMI Eventing
LSA-as-a-Persistence
and much more...

Target Audience
Ethical Hackers
Penetration Testers
Blue Teamers
Threat Hunters
All security engineers/professionals wanting to learn advanced offensive tactics

Requirements
Understanding of operating system architecture
Some experience with Windows OS
Basic knowledge about coding in C/C++
Computer with min. 4 GB of RAM + 30 GB of free disk space
VirtualBox 6.0+ installed
Strong will to learn and having fun

(1 year ago)Sauron Wrote:

Welcome to Persistence in Windows course!
Real threat actors utilize various Tactics, Techniques and Procedures (aka TTPs). One of the tactic is Persistence - a way to survive a breached machine restart and preserve access to a target environment. There is a lot of focus on what methods adversaries use to exploit a particular vulnerability or how their C2 channels and infrastructure look like. Less often you find discussions about persistence. This course is aiming to change that.

You will learn almost 30 different persistence techniques working on Windows 10. Most of them were used by nation-state threat actors, like EquationGroup, Turla, APT29, ProjectSauron or malware, including Flame or Stuxnet.

As usual you will get not only full explanation of each technique with examples, but also a working code templates (written in C) and a complete development environment you can experiment with.
COURSE IN A NUTSHELL
You Will Learn
Knowledge about Windows persistence used by real threat actors, including nation-state adversaries
27 different techniques, including:
DLL Proxying
COM hijacking
Multiaction Tasks
Port Monitors
Time Providers
WMI Eventing
LSA-as-a-Persistence
and much more...

Target Audience
Ethical Hackers
Penetration Testers
Blue Teamers
Threat Hunters
All security engineers/professionals wanting to learn advanced offensive tactics

Requirements
Understanding of operating system architecture
Some experience with Windows OS
Basic knowledge about coding in C/C++
Computer with min. 4 GB of RAM + 30 GB of free disk space
VirtualBox 6.0+ installed
Strong will to learn and having fun

(10 months ago)Palimos Wrote: Thank you thank you