Cyber Generalist to Forensic Specialist

Your organization's security posture is critical to its success-and security technicians must be aware of known and emerging security threats from a variety of sources. Learners begin this 14-video course by exploring various ways for security technicians to keep up-to-date and ahead of the curve. Examine various security intelligence sources and how to use the MITRE corporation's invaluable, trademarked ATT&CK knowledge base. Learners next discuss threat intelligence collection, threat classification for prioritization, and different sources and motivations of IT threats. Not sure what the bug bounty program is? Confused by false positives-mislabeled security alerts-and how to handle them? This course gives you the information you need. Become familiar with the Common Vulnerability Scoring System (CVSS), which provides a way to allocate or assign a score to a vulnerability: the higher the score, the bigger the threat. Then go on to examine the National Vulnerability Database (NVD). The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

In today's complex, stressful world, there is no substitute for risk management. By identifying and prioritizing risks, organizations focus resources where they are most needed with up-front planning. In this 15-video course, learners examine structured risk management frameworks, the importance of a risk register, and various risk treatments. Explore disaster recovery strategies, solutions that provide high availability, and cybersecurity insurance as a form of risk transference, before learning characteristics of a business continuity plan and business impact analysis (BIA). Proactively design an incident response plan and post-incident activities. Watch demonstrations of enabling Microsoft Azure storage account replication, how to register a Windows Server with Azure for backup, and how backups provide availability through recovery. Then learn to create a MySQL database read replica in a secondary geographical region. See why reviewing incident responses is the critical step in avoiding future incidents, or handling them better the next time. Post-incident activities include cloud storage replication, backing up to the cloud, system and data recovery, and database replicas. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Helping protect your company's valuable assets against malicious attacks by outsiders requires a seasoned understanding of modern-day cyber threats. This 21-video course prepares learners to thwart reconnaissance and surveillance attacks by hackers and ward off Wi-Fi vulnerabilities, by using the proper tools. First, examine the wide variety of possible modes of attack-from injection, overflow, and cross-site scripting to XML (extensible markup language), DoS, address resolution protocol (ARP) poisoning, and password compromises. Then develop valuable skills in counteracting web browser compromises and agility in the use of Kali Linux Wi-Fi tools. Learn OWASP's (Open Web Application Security Project) Top 10 vulnerabilities and ESAPI (Enterprise Security application programming interface) tools for each one, such as ZAP (Zed Attack Proxy), to test web application security. While you're learning, pause to meet the aptly-named John the Ripper, a free tool for cracking passwords on 15 platforms! The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Perhaps nothing is more frustrating for the average computer user-or his IT security staffer-than being tricked into divulging sensitive information by a social engineering practitioner. Hackers are malicious and ingenious-using malware, bots, ransomware, viruses, and plain garden-variety scams-but there are sensible ways to reduce the risk. This 13-video course offers you invaluable information on hackers' methods and ways to mitigate their devious schemes-whether by e-mail phishing messages, malware, or bots, a favorite tool of black-market operators. Next, learners explore the danger of ransomware and how to mitigate this threat; how malware and botnets have become black-market commodities; and why botnets are proliferating under cybercriminals' user control. Then watch a demonstration of how to configure a reverse shell and use the Malzilla tool to explore malicious web pages. The course concludes by exploring a GUI (graphical user interface) malware dashboard and showing how to configure malware settings on an endpoint device. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Securing hardware includes applying firmware updates and configuring devices on isolated networks. In this course, you'll learn about mobile device security, IoT security, and vulnerable device lists. You'll explore physical security and the security risks presented by drones and vehicles. You'll move on to examine how SCADA is used for industrial device networks, how to recognize BIOS and UEFI security settings, how self encrypting drives can protect data at rest, and how hardware security modules are used for encryption offloading and cryptographic secret storage. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

In this course, you'll learn about centralized monitoring for on-premises and cloud solutions and how this results in the timely response to business disruptions and highlights indicators of compromise. You'll examine continuous monitoring, log types, cloud logging and auditing, centralized Linux logging, Windows event log filtering, and cloud alarms. You'll also learn about the OSI model, network traffic analysis, filtering captured network traffic, e-mail monitoring, honeypots, and SIEM. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Your organization's security posture is critical to its success-and security technicians must be aware of known and emerging security threats from a variety of sources. Learners begin this 14-video course by exploring various ways for security technicians to keep up-to-date and ahead of the curve. Examine various security intelligence sources and how to use the MITRE corporation's invaluable, trademarked ATT&CK knowledge base. Learners next discuss threat intelligence collection, threat classification for prioritization, and different sources and motivations of IT threats. Not sure what the bug bounty program is? Confused by false positives-mislabeled security alerts-and how to handle them? This course gives you the information you need. Become familiar with the Common Vulnerability Scoring System (CVSS), which provides a way to allocate or assign a score to a vulnerability: the higher the score, the bigger the threat. Then go on to examine the National Vulnerability Database (NVD). The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

In today's complex, stressful world, there is no substitute for risk management. By identifying and prioritizing risks, organizations focus resources where they are most needed with up-front planning. In this 15-video course, learners examine structured risk management frameworks, the importance of a risk register, and various risk treatments. Explore disaster recovery strategies, solutions that provide high availability, and cybersecurity insurance as a form of risk transference, before learning characteristics of a business continuity plan and business impact analysis (BIA). Proactively design an incident response plan and post-incident activities. Watch demonstrations of enabling Microsoft Azure storage account replication, how to register a Windows Server with Azure for backup, and how backups provide availability through recovery. Then learn to create a MySQL database read replica in a secondary geographical region. See why reviewing incident responses is the critical step in avoiding future incidents, or handling them better the next time. Post-incident activities include cloud storage replication, backing up to the cloud, system and data recovery, and database replicas. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Helping protect your company's valuable assets against malicious attacks by outsiders requires a seasoned understanding of modern-day cyber threats. This 21-video course prepares learners to thwart reconnaissance and surveillance attacks by hackers and ward off Wi-Fi vulnerabilities, by using the proper tools. First, examine the wide variety of possible modes of attack-from injection, overflow, and cross-site scripting to XML (extensible markup language), DoS, address resolution protocol (ARP) poisoning, and password compromises. Then develop valuable skills in counteracting web browser compromises and agility in the use of Kali Linux Wi-Fi tools. Learn OWASP's (Open Web Application Security Project) Top 10 vulnerabilities and ESAPI (Enterprise Security application programming interface) tools for each one, such as ZAP (Zed Attack Proxy), to test web application security. While you're learning, pause to meet the aptly-named John the Ripper, a free tool for cracking passwords on 15 platforms! The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Perhaps nothing is more frustrating for the average computer user-or his IT security staffer-than being tricked into divulging sensitive information by a social engineering practitioner. Hackers are malicious and ingenious-using malware, bots, ransomware, viruses, and plain garden-variety scams-but there are sensible ways to reduce the risk. This 13-video course offers you invaluable information on hackers' methods and ways to mitigate their devious schemes-whether by e-mail phishing messages, malware, or bots, a favorite tool of black-market operators. Next, learners explore the danger of ransomware and how to mitigate this threat; how malware and botnets have become black-market commodities; and why botnets are proliferating under cybercriminals' user control. Then watch a demonstration of how to configure a reverse shell and use the Malzilla tool to explore malicious web pages. The course concludes by exploring a GUI (graphical user interface) malware dashboard and showing how to configure malware settings on an endpoint device. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Cryptographers far from enemy lines have long helped win shooting wars by cracking enemy codes-and in the new world of cyber warfare, cryptography has become the first line of defense for hundreds of millions of civilians worldwide. In this 21-video course, you will learn just how cryptography and encryption protect sensitive data, both in transit and at rest. Learners are given important information about public key infrastructure (PKI) hierarchy and lifecycles; protection in UFS (Ultra Flash Storage) and Bitlocker; and on Linux and cloud storage. Learn about the hashing process, including how to generate file hashes for Linux and Windows. Then learn about using SSL (secure sockets layer) and TLS (Transport Layer Security) to secure network traffic, cloud certificate authority (CA) deployment, and certificate issuance. Next, learn how to configure custom encryption keys for cloud storage and how to configure a Microsoft IIS web site with a PKI certificate. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Securing hardware includes applying firmware updates and configuring devices on isolated networks. In this course, you'll learn about mobile device security, IoT security, and vulnerable device lists. You'll explore physical security and the security risks presented by drones and vehicles. You'll move on to examine how SCADA is used for industrial device networks, how to recognize BIOS and UEFI security settings, how self encrypting drives can protect data at rest, and how hardware security modules are used for encryption offloading and cryptographic secret storage. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

These days, it's almost all about the cloud-public, private, hybrid, and community varieties-but how much do you really know about these mysterious unseen dimensions? As more and more organizations use or migrate on-premises IT systems and data into cloud environments, understanding the trendy concept has become both necessary and increasingly complex. In this 12-video course, learners are exposed to the basics of this new cloud world, including the four most popular cloud service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as Code. First, you will learn the five primary characteristics of every cloud-resource pooling, self-provisioning, rapid elasticity, metered usage, and broad access. Then examine each characteristic in more detail: learn how to determine when to use a public, private, community, or hybrid cloud; how cloud service models delivered over a network are categorized. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

In this course, you'll learn about centralized monitoring for on-premises and cloud solutions and how this results in the timely response to business disruptions and highlights indicators of compromise. You'll examine continuous monitoring, log types, cloud logging and auditing, centralized Linux logging, Windows event log filtering, and cloud alarms. You'll also learn about the OSI model, network traffic analysis, filtering captured network traffic, e-mail monitoring, honeypots, and SIEM. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Identity and access management encompasses the management of on-premises and cloud-based users, groups, and roles. In this course, you'll learn how to assign only the required permissions to IAM security principles. You'll explore topics such as role creation, deploying Simple Active Directory in AWS, joining a cloud VM to a cloud-based directory service, and multifactor authentication. You'll also learn about identity federation and Windows and Linux file system permissions. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Managing network security involves planning the use of network devices, including cloud-based virtual network configurations. In this course, you'll learn about asset discovery and management, cloud resource tagging, network segmentation, and VPNs. You'll also examine cloud site-to-site VPN deployment, cloud networking, and cloud VPC deployment. Next, you'll learn about change management procedures, virtual desktop infrastructure, cloud VDI configuration and client connections, and firewalls. Lastly, explore network access control, RADIUS, and TACACS+. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Software developers must consider security at all phases of software development. In this course, you'll learn about software vulnerability testing and secure coding practices. You'll explore the software development life cycle, microservices and decoupling, application containerization, and common cloud developer services. In addition, you'll examine software and unit testing and reverse engineering for Android apps. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Data privacy regulations are at the forefront of protecting PII and PHI on-premises and in the cloud. In this course, you'll examine the meaning of common data privacy standards, including PII, PHI, HIPAA, GDPR, and PCI DSS. Then you'll move on to learn about server and cloud-based data classification and data loss prevention. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Digital forensics focuses on the proper gathering and handling of digital evidence. In this course, you'll learn about forensic hardware, software, and the chain of custody. In addition, you explore how to enable legal hold for an AWS S3 bucket, restore deleted files in Linux and Windows, and mount a Linux file system for examination. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Discover how vulnerability scanning can detect weaknesses while pen testing exploits weaknesses. Explore these activities along with how intrusion detection and prevention help secure networks, hosts, apps and data for organizations. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.

Discover how organizational security policies specify details for hardening organizational assets including patching, data masking and digital rights management. This course also covers baselines, secure disposal and IPsec. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.

Discover how IT security analysts must recognized how malicious attacks take place. Explore how to analyze log results allows for the detection of security incidents. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.

Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.

To best support a digital forensic investigation, incident response teams need to be aware of the various incident response plans and processes available to them. In this CompTIA Security+ SYO-601 course, you'll start by exploring various incident response exercises, such as tabletop sessions, walkthroughs, and simulations. Then, you'll outline three fundamental attack frameworks: MITRE, The Diamond Model of Intrusion Analysis, and the Cyber Kill Chain. Next, you'll examine different incident response plans types, including communication plans, disaster recovery plans, business continuity plans, and continuity of operation planning (COOP). You'll then identify key aspects of digital forensics, such as documentation/evidence, acquisition and integrity maintenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence and counterintelligence. Lastly, you'll outline how to utilize appropriate digital forensic data sources to support an investigation.

This 12-video course examines the concept of ethics as it relates to digital forensics, including reasonable expectation of privacy, legal authorization, and the primary function of attorney-client privilege and confidentiality. The legalities surrounding digital forensics investigative techniques and standards for analyzing digital evidence are also covered. Begin with a look at the definition of what is considered a reasonable expectation of privacy. You will then learn to differentiate between legal authorization forms such as consent forms and warrants. Next, explore the primary function of attorney-client privilege and confidentiality, and recognize the legalities surrounding digital forensics investigative techniques. Delve into the need for ethics in digital forensics, and the best practices for ethics and forensics. Discover steps for regulating ethical behavior; recognize possible conflicts of interest and how to avoid them; and examine the importance of ongoing training for both investigators and management on the importance of ethics. The final tutorial in this course looks at different standards for analyzing digital evidence.

As a security operations person, you'll need to employ various Windows exploitation techniques to attack vulnerable target software and services. This course covers the various intelligence gathering techniques used for conducting offensive security operations against a Windows-based network to identify possible vulnerabilities. You'll start by examining open source intelligence (OSINT) gathering techniques and sources before conducting your own OSINT investigation. Next, you'll explore the use of social media and other tools for finding targets for social engineering exercises. You'll then examine common Windows services and their ports and tools for conducting basic enumeration. Moving along, you'll practice network scanning for open ports, scanning a Windows-based system, and enumerating data. Lastly, you'll explore various tools used in the Kali hacking environment, the use of Metasploitable, and common locations to find Windows exploits.

As a security operations person, you'll need to tailor your methods to suit the operating system your working with. This course covers some of the core competencies required to conduct offensive security operations against a Windows environment. Throughout this course, you'll learn how to recognize the differences between various Windows versions. You'll examine the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) in a Windows environment. You'll then learn about the MITRE ATT&CK framework and how it relates to Windows intrusions and identify the different Windows logging mechanisms. Next, you'll practice using event logging, basic PowerShell commands, and the Windows Registry. You'll then explore how the Windows hashing algorithm works and practice cracking an NTLM hash value. Lastly, you'll investigate different data artifacts within Windows and outline how best to work with Active Directory and Kerberos.

Analyzing kernel vulnerabilities requires an environment to carry out the reproduction of exploits. Being able to quickly and securely stage an operating system is essential. In this course, you'll explore virtual environments and stage systems using QEMU. You'll develop an approach to setting up virtual environments for the Linux kernel, complete with network support. You'll install Linux kernels by version and compile Linux kernels from scratch. Next, you'll investigate architectural considerations, emulate architectures in QEMU, and gather system info from your staging environment. Finally, you'll examine vulnerability considerations that might affect the virtual environment itself and identify safeguards for protecting your computing environments when carrying out exploit analysis. By the end of this course, you'll be able to launch an instance of Alpine Linux, configure networking options, and emulate an Alpine Linux ARM variant within a QEMU environment.

Navigating the space between userland and kernel and how it impacts how programs reside and execute inside of an operating system can lead to a better understanding of how it's exploited. Being able to debug, disassemble, and dump programs are essential to finding vulnerabilities. In this course, you'll investigate the structure of the Linux kernel, system calls, and program interfaces by running, debugging, and disassembling code. You'll explore how programs fit in memory and how they are protected and executed. You'll debug and disassemble code into its assembly for inspection. Next, you'll explore the GNU C implementation of the standard library and interface using syscalls and the Linux system call table. Finally, you'll explore how programs and scripts are executed and how they are segmented in memory.

Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.

To best support a digital forensic investigation, incident response teams need to be aware of the various incident response plans and processes available to them. In this CompTIA Security+ SYO-601 course, you'll start by exploring various incident response exercises, such as tabletop sessions, walkthroughs, and simulations. Then, you'll outline three fundamental attack frameworks: MITRE, The Diamond Model of Intrusion Analysis, and the Cyber Kill Chain. Next, you'll examine different incident response plans types, including communication plans, disaster recovery plans, business continuity plans, and continuity of operation planning (COOP). You'll then identify key aspects of digital forensics, such as documentation/evidence, acquisition and integrity maintenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence and counterintelligence. Lastly, you'll outline how to utilize appropriate digital forensic data sources to support an investigation.

This 12-video course examines the concept of ethics as it relates to digital forensics, including reasonable expectation of privacy, legal authorization, and the primary function of attorney-client privilege and confidentiality. The legalities surrounding digital forensics investigative techniques and standards for analyzing digital evidence are also covered. Begin with a look at the definition of what is considered a reasonable expectation of privacy. You will then learn to differentiate between legal authorization forms such as consent forms and warrants. Next, explore the primary function of attorney-client privilege and confidentiality, and recognize the legalities surrounding digital forensics investigative techniques. Delve into the need for ethics in digital forensics, and the best practices for ethics and forensics. Discover steps for regulating ethical behavior; recognize possible conflicts of interest and how to avoid them; and examine the importance of ongoing training for both investigators and management on the importance of ethics. The final tutorial in this course looks at different standards for analyzing digital evidence.

As a security operations person, you'll need to employ various Windows exploitation techniques to attack vulnerable target software and services. This course covers the various intelligence gathering techniques used for conducting offensive security operations against a Windows-based network to identify possible vulnerabilities. You'll start by examining open source intelligence (OSINT) gathering techniques and sources before conducting your own OSINT investigation. Next, you'll explore the use of social media and other tools for finding targets for social engineering exercises. You'll then examine common Windows services and their ports and tools for conducting basic enumeration. Moving along, you'll practice network scanning for open ports, scanning a Windows-based system, and enumerating data. Lastly, you'll explore various tools used in the Kali hacking environment, the use of Metasploitable, and common locations to find Windows exploits.

As a security operations person, you'll need to tailor your methods to suit the operating system your working with. This course covers some of the core competencies required to conduct offensive security operations against a Windows environment. Throughout this course, you'll learn how to recognize the differences between various Windows versions. You'll examine the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) in a Windows environment. You'll then learn about the MITRE ATT&CK framework and how it relates to Windows intrusions and identify the different Windows logging mechanisms. Next, you'll practice using event logging, basic PowerShell commands, and the Windows Registry. You'll then explore how the Windows hashing algorithm works and practice cracking an NTLM hash value. Lastly, you'll investigate different data artifacts within Windows and outline how best to work with Active Directory and Kerberos.

When carrying out security operations in a Windows environment, you need to know what kind of attacks, exploits, and vulnerabilities to look out for. This course covers two of the most common services used to attack a Windows-based network - SMB and PsExec - along with some popular attack methodologies. You'll start by examining SMB permissions and default settings. You'll then explore tools to enumerate SMB shares and data. Next, you'll investigate how to identify SMB vulnerabilities and recognize SMB attacks. You'll then conduct different SMB exploits, including brute force and denial of service attacks. You'll move on to outline how PsExec works and use it to execute remote commands. Finally, you'll practice exploiting PsExec using various tools, including the EternalBlue exploit.

To protect an operating system, you must first know how to exploit it. This course covers some of the standard Windows services that have known exploits available for them, which can be used in offensive security operations against a Windows environment. You'll start by enumerating data from a Windows-based FTP server before practicing methods used to attack FTP services. You'll then learn how to attack IIS-based systems. Next, you'll examine the RPD protocol and learn methods of attacking the Windows RDP service. Finally, you'll investigate how WMI works and learn to exploit WMI on a Windows-based machine. This course involves conducting brute force attacks, reverse shells, and using the BlueKeep security vulnerability.

When an organization uses systems that are no longer serviced and supported and therefore, do not receive security updates, they expose themselves to serious security attacks. To ensure a healthy network ecosystem, security operations personnel must be aware of the vulnerabilities these systems are exposed to. In this course, you'll explore how to conduct offensive security operations against legacy Windows-based systems. You'll learn to recognize older versions of Windows, identify common exploits for these older versions, and scan Server 2008 for vulnerabilities. You'll then learn how to enumerate Server 2008, exploit legacy systems, and gain a reverse shell on a legacy system. You'll then learn how to recognize common third-party applications and vulnerabilities and how to exploit them. Finally, you'll learn how to identify and avoid a honeypot.

As a penetration tester, it's vital that you are familiar with advanced methods of conducting offensive security operations against Windows environments. In this course, you'll learn to recognize common post exploitation activities within a Windows environment and how to configure an advanced persistent threat. You'll start by learning how to escalate privileges, use a DLL injection attack, pivot between systems, and crack user credentials. You'll then examine how to use PowerView to enumerate information and use BloodHound to 'walk the dog' and gain domain admin privileges. Finally, you'll learn how to clean up post attack to cover your tracks, create an advanced persistent threat, and use a ransomware attack to lock a system.

Analyzing kernel vulnerabilities requires an environment to carry out the reproduction of exploits. Being able to quickly and securely stage an operating system is essential. In this course, you'll explore virtual environments and stage systems using QEMU. You'll develop an approach to setting up virtual environments for the Linux kernel, complete with network support. You'll install Linux kernels by version and compile Linux kernels from scratch. Next, you'll investigate architectural considerations, emulate architectures in QEMU, and gather system info from your staging environment. Finally, you'll examine vulnerability considerations that might affect the virtual environment itself and identify safeguards for protecting your computing environments when carrying out exploit analysis. By the end of this course, you'll be able to launch an instance of Alpine Linux, configure networking options, and emulate an Alpine Linux ARM variant within a QEMU environment.

Navigating the space between userland and kernel and how it impacts how programs reside and execute inside of an operating system can lead to a better understanding of how it's exploited. Being able to debug, disassemble, and dump programs are essential to finding vulnerabilities. In this course, you'll investigate the structure of the Linux kernel, system calls, and program interfaces by running, debugging, and disassembling code. You'll explore how programs fit in memory and how they are protected and executed. You'll debug and disassemble code into its assembly for inspection. Next, you'll explore the GNU C implementation of the standard library and interface using syscalls and the Linux system call table. Finally, you'll explore how programs and scripts are executed and how they are segmented in memory.

String vulnerabilities are at the core of a wide range of exploits. Being able to recognize, debug, and fix unsafe string manipulation code is essential to avoiding vulnerabilities. In this course, you'll explore how string code can be written safely and how strings vulnerabilities are exploited. You'll look at the most common format string vulnerabilities in the C programming language and what it means to overflow a string buffer. You'll debug string exploits, including vulnerabilities introduced by common string output and manipulation functions. Next, you'll correct common errors, check strings for safety, loop over strings, and see what happens when unsafe strings are executed in a program. Finally, you'll describe how code can be injected via strings and how strings can be returned safely.

Memory and pointer vulnerabilities come from a number of common programmer mistakes. Being able to recognize, debug, and fix unsafe memory allocation and access errors is essential to avoiding vulnerabilities. In this course, you'll explore how memory and pointer vulnerabilities arise and how they lead to program errors and exploits. You'll look at how memory is allocated and accessed in a typical C program. You'll investigate what causes heap and stack overflows, use-after-free (UAF) vulnerabilities, and out-of-bounds access errors. In addition, you'll recognize dangling pointers, NULL dereferences, and off-by-one loops. Finally, you'll delve into how coding errors lead to corrupted memory and arbitrary code execution.

The baseline of security for any computer system is a defense against known exploits and attacks. In this course, you'll learn how to employ the core pentesting tools to help validate that your systems and software are secure against known attacks. You'll start by learning how to leverage the capabilities of Metasploit by using its basic commands, payloads, and options. You'll then explore Metasploitable, Commix, as well as Exploit Database, SearchSploit, and the Linux Exploit Suggester. Next, you'll learn how to use RouterSploit and ShellNoob to carry out tests. Finally, you'll examine how to use SQLMap to explore how SQL injection attacks are formed and how to protect against them.

Vulnerabilities vary by architecture and family of processor. Recognizing the processor implementations and the differences that lead to an exploit is essential. In this course, you'll explore different classes of vulnerabilities based on the computing environment. You'll learn about the architectural differences and system implementations that lead to race conditions, shellcode and out-of-order execution vulnerabilities. You'll explore mitigations and protections to prevent stack smashing, use-after-free, and integer vulnerabilities. Next, you'll examine contemporary exploits such as Spectre and Meltdown and mitigations provided by Write XOR Execute (W^X). Finally, you'll investigate protections to prevent privileged escalation and exploiting processes and tasks.