The most hands-on Mobile Penetration testing course on the market
whoami
Bougioukas Dimitrios
- Director, IT Security Training Services @ eLearnSecurity
- Author & IT Security Research Lead @ eLearnSecurity
- Expert on EU CERT/CSIRT Technical Training (Incident Response, Tactical Analytics, SOC 3.0 & SOAR) @ ENISA
Interests:
- Cyber Program Management / Transformation
- Advanced Adversary Simulation & Dark Ops
- Tactical & Strategic Threat Intel
- Purple Team Tactics
Agenda
1. Introduction to eLS
2. Malware Analysis Professional and Job Proficiency
   + Malware/Attack Families Detected by ELS Courses
3. Malware Analysis Professional – Topics Covered
4. Malware Analysis Professional – Lab Demo
Percentage of companies having experienced one or more successful cyber attacks
Percentage of said cyber attacks using evasive methods
Used by: …and 20,000+ IT Security professionals worldwide &
• Fortune 100/500 companies
• Government agencies
• Intelligence/Military units etc.
✓ Create/Educate complete and up-to-date IT Security Professionals!
✓ Provide applicable knowledge, tied to the current threat landscape
  ❑ Constant monitoring of the threat landscape
  ❑ Frequent updates
  ❑ Lab-heavy courses
  ❑ Holistic & vendor-agnostic approach
Credit: Rajeev Shukla
Forensic/Malware Analyst
▪ In-depth Network Traffic & Flow Analysis
  ✓ Snort, Suricata, Bro usage and signature writing
  ✓ IR at scale through GRR/Velociraptor
▪ Detecting all stages of the Cyber Kill-chain (from recon to persistence incl. the latest Kerberos attacks)
  ✓ Correlation of events
  ✓ ELK & Splunk usage
▪ Common protocol & Endpoint analytics

▪ Hunting for evasive malware
  ✓ Webshells
  ✓ PowerShell
  ✓ .NET Malware
  ✓ Rootkits
  ✓ Encrypted C2 etc.
▪ Hunting in Memory
▪ Hunting at Scale
  ✓ Advanced ELK, Splunk, Osquery & Kollide usage
▪ Hunting for advanced attacks
  ✓ AMSI bypasses, COM Hijacking, Kerberoasting, PPID spoofing, Access Token Theft, API

▪ Real-world malware sample analysis, debugging & reverse engineering
  ✓ Ransomware, Botnets, RATs, Downloaders, Keyloggers, Process Hollowing with TLS callbacks etc.
  ✓ x86 & x64 malware samples
  ✓ Windows API usage for malicious purposes
  ✓ Manual unpacking
  ✓ Anti-reversing tricks etc.

▪ Reverse Engineering of Software
  ✓ Theory
  ✓ PE File Format Analysis
  ✓ Patching
  ✓ Windows Registry Manipulation
  ✓ File Manipulation
  ✓ Code Obfuscation
Congratulations!
Bad As You Want To Be – Adversary Emulation Basics
Thursday May 28, 2020 @ 1:00 PM EDT
https://www.ethicalhacker.net/eh-net-tv/eh-net-live/webinar-bad-as-you-want-to-be-adversary-emulation-basics/
USA – Italy – Beyond…