Topics
MITRE Attack - ICS individuals
Access Control
Security Policy - O.S. Protection (in a nutshell) - Principle of Least Privilege - Temporary Privilege Elevation - O.S. Access Control Essentials - Understanding Access Control - Access Control in Large Organizations - LDAP SSO
Hacking
Hacking Preamble - Simple Hacking Scenario - Hacking Lab - Reverse Shells
Malware
Infection Chains - Initial Access and Execution - Persistence and Privilege Escalation - Botnets - Initial Access: Supply Chain and Trust
Malware - Detection
Malware Detection - A quick look at AVs (antiviruses)
Threat Model
Threat Model - Understanding Threat Models
Passwords
Auth - NTLM Kerberos
Lateral Movement AD Abuse
Lateral Movement - Abuse of Access Rights in AD - AD Attack Examples
MFA
MFA: Multifactor Authentication - One-Time Passwords (OTP) - Security Keys - Push notifications - MFA: Summary of Limitations - Passwordless Login (Passkey) - Loss of Second Factor
Memory corruption
Memory corruption - Memory Management (in a nutshell) Part 1 - Memory Corruption Vulnerabilities - Memory Management (in a nutshell) Part 2 - Memory Corruption: Stack Smashing - Defending against Memory Corruption vulns
Vulnerabilities - IDOR
IDOR (Insecure Direct Object Ref.)
Vulnerabilities - Case Studies
Vulnerabilities: Important Case Studies
Vulnerabilities - Intro Exploit Injection
Vulnerabilities: Introduction - How to actually exploit?
Vulnerabilities - CWE CVE CVSS
What is the underlying mistake? (CWE) - How to identify them unambiguously? (CVE) - What is the risk of a given vuln? (CVSS) - Which software is more secure?
Vulnerabilities - Management
Vulnerability Lifecycle - Responsible disclosure and Zero-days - Patch Management - Vulnerability Management in Organizations - Software Dependencies
Vulnerabilities - Fundamental Issues
Why do vulnerabilities exist? - Cybersecurity Testing - "Shifting left"
Economic View
Automated Attacks - Attack Economics and Attack Categories - Strategic Framework: Defender Mindset - Understanding Cybersecurity
Defense Frameworks
Common Technical Issues and Defense Frameworks
Total number of slides: 1784
- MITRE Attack - ICS individuals : 112
- Access Control : 202
- Hacking : 127
- Malware : 132
- Malware - Detection : 46
- Threat Model : 28
- Passwords : 90
- Auth - NTLM Kerberos : 170
- Lateral Movement AD Abuse : 96
- MFA : 108
- Memory corruption : 163
- Vulnerabilities - IDOR : 46
- Vulnerabilities - Case Studies : 49
- Vulnerabilities - Intro Exploit Injection : 91
- Vulnerabilities - CWE CVE CVSS : 41
- Vulnerabilities - Management : 131
- Vulnerabilities - Fundamental Issues : 36
- Economic View : 64
- Defense Frameworks : 52