TrustedSec - Webinar Series: Fundamentals of Post-Exploitation with Carlos Perez

 

Join us for this webinar series starting on Wednesday January 16th at 1:00 EST

 

Learn the basics of post-exploitation from advanced infosec professionals

Join Carlos Perez (@darkoperator) as he shares some of the post-exploitation methodology used by TrustedSec security consultants performed during actual attack simulations. Each of the four individual webinars will focus on specific aspects that will build upon each other to give a complete picture of the post-exploitation process. New tools will also be released during each individual webinar.

Some of the topics that will be covered, include:

During this series, Carlos will provide an inside look at his process, including…

Webinar 1: Wed, Jan 16, 2019 1:00 PM – 2:00 PM EST

During the first installment of the series, Carlos will cover what to do after a session is obtained and access has been gained to a host. This section will focus mainly on situational awareness to guarantee that a user’s actions will go unnoticed and how to gather initial information that will guide the toolset and tempo for the operation.

 

Webinar 2: Wed, Jan 30, 2019 1:00 PM – 2:00 PM EST

On this webinar Carlos will provide insight on how to further gather more information on the system. Focus will be placed on the purpose of the system and how it may fit in the network and business process. Lastly, he will show you the how to look for the indicators that will determine if this is a system that can stay in memory or if the user should persist.

 

Webinar 3: Wed, Feb 20, 2019 1:00 PM – 2:00 PM EST

During the third webinar, Carlos will cover the basics of network enumeration so as to find other hosts in the network and understand the network structure. He will also look at how to find information from users on the system and extract those out of the environment

 

Webinar 4: Wed, Mar 6, 2019 1:00 PM – 2:00 PM EST

On the final of this four-part series, Carlos will provide examples of the different way to collect credentials from the system and how some of the authentication technologies work so as to better abuse them. He’ll also walk-through how to leverage the information we have gathered so far in terms of controls, network environment and credentials to move laterally across the network. Finally,  Carlos will review some of the common techniques and their IOCs in addition to new ones.

 

Join us for this webinar series starting on Wednesday January 16th at 1:00 EST

The post Webinar Series: Fundamentals of Post-Exploitation with Carlos Perez appeared first on TrustedSec.



from TrustedSec https://www.trustedsec.com/2018/12/webinar-series-post-exploitation/

Comments

Post a Comment

Popular posts from this blog

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Image
Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame
Read more

Krebs - NY Charges First American Financial for Massive Data Leak

Image
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties. First American Financial Corp. Santa Ana, Calif.-based  First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2 billion in 2019 . As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. The docum
Read more

SBS CyberSecurity - In The Wild 166

Image
  In The Wild - CyberSecurity Newsletter Welcome to the 166 th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. CyberRiskNOW Virtual Conference SBS Educational Resources This virtual conference is designed to provide interactive training on evo
Read more