ATTACK TECHNIQUES FOR BEGINNERS
Advanced Projects
With @sambowne, @djhardb, @infosecirvin, and @KaitlynGuru.
Final Black Hat 2020 Class 1 Scores
Advanced Networking with Python
Elizabeth
VP 220: DNS
95
VP 230: Obfuscated HTTP
50
Advanced Cryptography with Python
Sam
VP 310: XOR
65
C 105: Two-Time Pad
85
VP 320: AES
55
C 106: The Rho Method
30
VP 330: Argon2 Hashes
47
C 401: RSA with Very Small Keys
30
C 402: Cracking a Short RSA Key
50
Android Emulator Setup
Sam
Mac or Linux
M 101: Genymotion
15
M 103: Burp
20
Windows
Do M 108 below first
M 104: BlueStacks
15
M 106: Burp and Nox
20
Any OS
M 105: Plaintext Login
15
M 107: GenieMD Broken SSL (Harvard & IBM)
15 + 40 extra
M 108: Kali Virtual Machine
15
Download Kali VM
Android Debug Bridge
Mac or Linux
M 201: ADB on Genymotion on a Mac
15
M 202: BlueStacks on a Mac
15 extra
Windows
M 203: ADB & Nox on Windows
15
Any OS
M 208: WireGuard VPN
10
M 204: Equity Pandit
15 + 50 extra
M 207: ES Explorer Command Injection
10
Smali
M 401: Trojaning Progressive and Bank of America
20 + 20 extra
M 402: mAadhaar Code Modification
20
M 410: Exploiting an Android Phone with Metasploit
15 extra
Defending Linux Servers
IR 201: Splunk & Suricata
45
IR 202: Metasploit & Drupalgeddon
85
IR 308: osquery
15
Defending Windows
IR 301: Installing Splunk on a Windows Server
15
IR 330: Detecting Ransomware with Splunk and Sysmon
20
IR 303: Capturing a RAM from a Process
15
IR 304: VirusTotal & Wireshark
35
IR 305: PacketTotal
45
IR 306: Yara
40
IR 307: Prefetch Forensics
15
IR 340: GRR Rapid Response
25
IR 350: Zeek Interactive Tutorial
59
IR 351: Installing and Using Zeek
25
ATT&CK Matrix
Reference: ATT&CK Matrix for Enterprise (show sub-techniques)
ATT 1: ATT&CK Tactics
10
ATT 2: ATT&CK Techniques for Tactics 1-3
10
ATT 3: ATT&CK Techniques for Tactics 4-6
10
ATT 4: ATT&CK Techniques for Tactics 7-9
10
ATT 5: ATT&CK Techniques for Tactics 10-12
10
ATT 6: ATT&CK Groups
10
ATT 7: ATT&CK Navigator
10
ATT 100: Caldera
25+
ATT 101: Caldera Operation
15
Burp, ZAP, & Postman
W 510: Intro to Burp
60
W 520: SAML
15
W 230: Manual Audit of Hackazon
20
W 530: Exploiting ECB Encryption
75
W 200: Google Cloud Linux Servers
15
ED 290: Desktop on a Cloud Linux Server
10
W 220: Zed Attack Proxy
20
W 300: Using an API with Postman
15
W 301: Using the Github API with Postman
10
Basic Defenses
W 10: Configuring an HTTPS Server
15
W 20: reCAPTCHA
15
W 30: CanaryTokens
5
Alternate Cyber Ranges
Sam
Cyber Range Planning
H 202: Kali Virtual Machine
15
H 220: Windows Virtual Machine
15
H 240: WireGuard VPN
15
ED 290: Desktop on a Cloud Linux Server
10
Last updated 8-2-2020