Skip to content

Topics

Topics:

MITRE Attack - ICS individuals

Access Control

Security Policy - O.S. Protection (in a nutshell) - Principle of Least Privilege - Temporary Privilege Elevation - O.S. Access Control Essentials - Understanding Access Control - Access Control in Large Organizations - LDAP SSO

Hacking

Hacking Preamble - Simple Hacking Scenario - Hacking Lab - Reverse Shells

Malware

Infection Chains - Initial Access and Execution - Persistence and Privilege Escalation - Botnets - Initial Access: Supply Chain and Trust

Malware - Detection

Malware Detection - A quick look at AVs (antiviruses)

Threat Model

Threat Model - Understanding Threat Models

Passwords

Auth - NTLM Kerberos

Lateral Movement AD Abuse

Lateral Movement - Abuse of Access Rights in AD - AD Attack Examples

MFA

MFA: Multifactor Authentication - One-Time Passwords (OTP) - Security Keys - Push notifications - MFA: Summary of Limitations - Passwordless Login (Passkey) - Loss of Second Factor

Memory corruption

Memory corruption - Memory Management (in a nutshell) Part 1 - Memory Corruption Vulnerabilities - Memory Management (in a nutshell) Part 2 - Memory Corruption: Stack Smashing - Defending against Memory Corruption vulns

Vulnerabilities - IDOR

IDOR (Insecure Direct Object Ref.)

Vulnerabilities - Case Studies

Vulnerabilities: Important Case Studies

Vulnerabilities - Intro Exploit Injection

Vulnerabilities: Introduction - How to actually exploit?

Vulnerabilities - CWE CVE CVSS

What is the underlying mistake? (CWE) - How to identify them unambiguously? (CVE) - What is the risk of a given vuln? (CVSS) - Which software is more secure?

Vulnerabilities - Management

Vulnerability Lifecycle - Responsible disclosure and Zero-days - Patch Management - Vulnerability Management in Organizations - Software Dependencies

Vulnerabilities - Fundamental Issues

Why do vulnerabilities exist? - Cybersecurity Testing - "Shifting left"

Economic View

Automated Attacks - Attack Economics and Attack Categories - Strategic Framework: Defender Mindset - Understanding Cybersecurity

Defense Frameworks

Common Technical Issues and Defense Frameworks

Total number of slides: 1784

  • MITRE Attack - ICS individuals : 112
  • Access Control : 202
  • Hacking : 127
  • Malware : 132
  • Malware - Detection : 46
  • Threat Model : 28
  • Passwords : 90
  • Auth - NTLM Kerberos : 170
  • Lateral Movement AD Abuse : 96
  • MFA : 108
  • Memory corruption : 163
  • Vulnerabilities - IDOR : 46
  • Vulnerabilities - Case Studies : 49
  • Vulnerabilities - Intro Exploit Injection : 91
  • Vulnerabilities - CWE CVE CVSS : 41
  • Vulnerabilities - Management : 131
  • Vulnerabilities - Fundamental Issues : 36
  • Economic View : 64
  • Defense Frameworks : 52