Skip to content

Topics

Hacking

Hacking Preamble - Hacking Scenario - Hacking Lab - Attacking an Organization

Access Control

Security Policy - O.S. Protection (in a nutshell) - Principle of Least Privilege - O.S. Access Control Essentials - Understanding Access Control - Access Control in Large Organizations - LDAP SSO

MITRE Attack - ICS individuals

Malware - Basic

Tactic: Initial Access - Tactic: Execution - Basic Malware Concepts - Tactic: Impact - Botnets

Malware - Detection

Malware Detection - A quick look at AVs (antiviruses)

Malware - Advanced InitialAccess

Initial Access: Advanced Techniques - Supply Chain Compromise

Threat Model

Threat Model - Understanding Threat Models

Passwords

Auth - NTLM Kerberos

Lateral Movement AD Abuse

Lateral Movement - Abuse of Access Rights in AD - AD Attack Examples

MFA

MFA: Multifactor Authentication - One-Time Passwords (OTP) - Security Keys - Push notifications - MFA: Summary of Limitations - Passwordless Login (Passkey) - Loss of Second Factor

Memory corruption

Memory corruption - Memory Management (in a nutshell) Part 1 - Memory Corruption Vulnerabilities - Memory Management (in a nutshell) Part 2 - Memory Corruption: Stack Smashing - Defending against Memory Corruption vulns

Vulnerabilities - IDOR

IDOR (Insecure Direct Object Ref.)

Vulnerabilities - Case Studies

Vulnerabilities: Important Case Studies

Vulnerabilities - Intro Exploit Injection

Vulnerabilities: Introduction - How to actually exploit?

Vulnerabilities - CWE CVE CVSS

What is the underlying mistake? (CWE) - How to identify them unambiguously? (CVE) - What is the risk of a given vuln? (CVSS) - Which software is more secure?

Vulnerabilities - Management

Vulnerability Lifecycle - Responsible disclosure and Zero-days - Patch Management - Vulnerability Management in Organizations - Software Dependencies

Vulnerabilities - Fundamental Issues

Why do vulnerabilities exist? - "Shifting left"

Defense

Automated Attacks - Common Technical Issues and Defense Frameworks - Attack Economics and Attack Categories - Strategic Framework: Defender Mindset - Understanding Cybersecurity

Total number of slides: 1761

  • Hacking : 103
  • Access Control : 180
  • MITRE Attack - ICS individuals : 96
  • Malware - Basic : 153
  • Malware - Detection : 39
  • Malware - Advanced InitialAccess : 22
  • Threat Model : 28
  • Passwords : 85
  • Auth - NTLM Kerberos : 167
  • Lateral Movement AD Abuse : 96
  • MFA : 107
  • Memory corruption : 163
  • Vulnerabilities - IDOR : 46
  • Vulnerabilities - Case Studies : 49
  • Vulnerabilities - Intro Exploit Injection : 91
  • Vulnerabilities - CWE CVE CVSS : 41
  • Vulnerabilities - Management : 121
  • Vulnerabilities - Fundamental Issues : 35
  • Defense : 139