Macbook, Wifi Pineapple, and USB Rubber Ducky Giveaway

We are hosting another giveaway – this time even bigger. We are giving away a Macbook, a Wifi Pineapple, and a USB Rubber Ducky! You’ve got to get in on this!

Novice
$0
Join the infosec family! Your journey starts here. The free tier gives you limited access to our training materials.
Regular use
$49
This is the second tier that includes limited access to our training materials and to our exclusive lab.  
Risky use
$69
This third tier gives you all the luxuries of the Free use and more. You have access to self-paced classes.  
Monthly use
$89
This last tier gives you the Free, Social and Problem use for just $89 a month. Plus you will save $29!!!  

All new Advanced Threat Hunting with Splunk

When it comes to log analysis, Splunk is one of the most popular enterprise-grade solutions in the field today. It can pull logs from nearly any device in the network, and it can integrate with most of the popular security products on the market. Today, Splunk is a common tool for Cyber Threat Hunting/Hunt Teaming/Malware Hunting/Defensive Cyber Operations (DCO)/Cyber Threat Analysis, an activity that goes by many other names.

As popular as Splunk is – surprisingly few people are comfortable performing security event analysis with it. We decided to develop a Hands-on Splunk course designed specifically for InfoSec Professionals who want to do HANDS-ON DEEP TECHNICAL SECURITY ANALYSIS with Splunk.

The course price is $200, but the first 5 signups get it for $100 – so signup now!
https://infosecaddicts.com/product/advanced-threat-hunting-with-splunk/

Class Syllabus

Module 1: Deploying Splunk, configuring logging and forwarding

  • Installing Splunk
  • Configuring logging in Windows and Linux
  • Setting up log forwarding
  • Understanding how Windows Event logging works

Module 2: Attacking Servers and Workstations

  • Learning attacker tools/tactics/procedures (TTPs)
  • Generating real world security events to analyze
  • Attacking Workstations
  • Attacking Application Servers
  • Learning what types of security events generate log events
  • Writing basic queries for common attacks
  • Analyzing PCAP files with Splunk

Module 3: Hunting with Splunk

  • Data-Centric vs End-Point Hunting
  • Understanding IOCs/IOAs
  • Indicators of Compromise (IOCs)
  • Indicators of Attack (IOAs)
  • Integrating data from popular security products
  • Writing complex queries
  • Detecting Zero-Day attacks

Who is this class for?

IT System Administrators, IT Security Professionals, SOC Analysts, First Responders, Incident Handlers, Intrusion Analysts, and also Malware Analysts.

Class pre-requisites

Students should be familiar with using Windows and Linux operating environments. They also should be able to troubleshoot general connectivity and setup issues.

They should be familiar with VMware Workstation and be able to create and configure virtual machines.

Students are recommended to have a high-level understanding of key programming concepts, such as variables, loops, and functions. However, no programming experience is necessary.

Students will be provided with detailed courseware, detailed lab manuals, and copy/paste notes. So even if the student is not very strong technically, they will be able to complete the lab exercises and take notes effectively.

Class Schedule & Delivery Method

This class is a completely self-paced course that will go live on Monday the 13th of August at midnight. You can access the course by clicking on the “My Courses” link in the top right corner of https://infosecaddicts.com

Students will receive

  • 24 hours of CPEs
  • Several virtual machines
  • Courseware slides
  • Lab manual

Videos:
Videos are in the actual course module lessons on the InfoSec Addicts website.

Support:

Students can request help via the support chat system on the site or via the email-based trouble ticketing system (allow 24 hours for a response). Send all questions/concerns to [email protected]

Cost:

The course price is $200, but the first 5 signups get it for $100 – so signup now!
https://infosecaddicts.com/product/advanced-threat-hunting-with-splunk/

Try Certified Ethical Hacker for FREE!!! https://infosecaddicts.com/course/certified-ethical-hacker-v10/

Ultimate Hacklab – Self Paced (SP)

Ultimate hacklab – Self Paced (SP) – prep for hacking challenge lab exams like OSCP, LPT, eCPPT, and soon even the new CEH is going to be a hacking challenge lab as well.

If you really want to know what it takes to pass hack lab challenge-based exams like OSCP, LPT, eCPPT then ultimate hacklab is for you and it’s only $200.

The InfoSec Addicts Ultimate hacklab – Self Paced (SP) – is the best way for you to practice the skills required for almost any hands-on lab-based penetration testing/ethical hacking certification.

The Ultimate hacklab – Self Paced (SP) – gives you the opportunity to follow along with a structured and very detailed training program, and/or make your way through the labs and ask for help whenever you get stuck. You can run almost any tool and try nearly any attack in the environment.

The class is self-paced. You can sign-up ANYTIME, and start IMMEDIATELY.

The program outlines how to create your own lab environment or you can connect to the InfoSec Addicts lab environment with almost any platform (Windows, Mac OS X, Kali Linux, other Linux distros) to go through the lab exercises.

Class syllabus:

  • Module 1: Connecting via VPN to the lab network
    • Connecting to the VPN with Windows
    • Connecting to the VPN with Mac OS X
    • Connecting to the VPN with Linux
    • Connecting to the VPN with Kali
  • Module 2: Scanning
    • Nmap
    • Net-Discover
  • Module 3: Enumeration
    • nmap NSE
    • rpcinfo/showmount
    • nbtstat
    • enum4linux
  • Module 4: Brute-forcing
    • Hydra
    • Medusa
  • Module 5: Vulnerability Scanning
    • Nessus
    • OpenVAS
  • Module 6: Attacking web servers/web apps
    • Manual XSS/SQL Injection/LFI/RFI
    • Nikto
    • Dirbuster
    • Burp Suite
    • w3af
    • Arachni
  • Module 7: Compiling/Modifying Exploit code
    • Compiling code in Windows
    • Compiling code in Linux
    • Finding offsets
    • Changing out shellcode
  • Module 8: Client-Side Exploitation
    • Metasploit
    • Social Engineering Toolkit
  • Module 9: Transferring files
    • FTP
    • TFTP
    • VBscript
    • Debug.exe
    • wget/linux/bitsadmin
    • PowerShell
  • Module 10: Privilege Escalation
    • Linux
      • SUID binaries
      • Shell escapes
    • Windows
      • Identifying vulnerable services/misconfigurations
      • beR00t.exe
  • Module 11: Data-mining a compromised host
  • Module 12: Hashcracking
  • Module 13: Pivoting
    • Netcat/Socat pivot
    • SSH Pivot
    • Metasploit pivot
  • Module 14: Lateral movement
    • psexec
    • smbexec
    • winexe
  • Module 15: Data Exfiltration
    • ICMP Tunneling
    • DNS Tunneling
  • Module 16: Reporting

 

Lab Network Access

Targets in the lab network will change on the 1st of every month. Students have the option to purchase 1 month's access to the lab environment for $25.

 

Students will receive:

  • Up to 124 hours of CPEs (24 CPE for the actual training and the rest come from labs and challenges completed by the students)
  • Several virtual machines
  • Courseware access
  • Lab Manual
  • Lab access

 

Class Videos

Each course module has a corresponding video that demonstrates the task being performed. So you can see each individual lesson’s skill or task that is being described actually being performed.

Support

Each student will have access to an InfoSec Addicts Group (infosecaddicts.com) for the class. Additionally, this is where they can work with other students in lab exercises, homework, and challenges. An InfoSec Addicts class mentor will be assigned to the group to answer questions (allow one day for responses). Likewise, a Customer Relationship Manager will get assigned to the class to manage questions and support issues.

 

Class Schedule

The class is self-paced. You can sign-up ANYTIME, and start IMMEDIATELY.

Low level of interaction honeypots

Honeypots can be categorized by their level of interaction with the system into three main categories: low interaction, medium interaction, and high interaction. I will discuss low-interaction honeypots in this article.

With this type of honeypot, it is not possible to collect a significant amount of data from the system; other kinds of systems allow far more data to be collected. The advantages of this type of honeypot are as follows:

  • They have very limited interaction with the system, so an attacker dealing with this type of honeypot poses no high risk. To illustrate, there is no operating system in place for an attacker to interact with.
  • Their main use is that any traffic coming into the network can be easily identified and captured by such honeypots. New viruses and new worms can be identified by them as well.
  • Configuring and installing this type of honeypot on the network is a simple task. Understanding and working with it is equally easy from the organization’s perspective.
  • The most used honeypot in this category is Honeyd, which is considered a vital honeypot among low-interaction honeypots. The latest and most stable version is 1.5c, which was released back in 2007. I will talk about Honeyd in more detail, including how to use it in practice and modern approaches to using it, in another article to be published soon. So stay tuned! 😊

In a nutshell, this type of honeypot offers only one or more simple services for the attacker to interact with. All communication attempts with a particular function, such as a web or SSH server, are logged and investigated afterward. These honeypots are simple daemons that let a network administrator passively monitor attack attempts on the system. The host operating system, in this case, is certainly free of vulnerabilities that an attacker could exploit, which makes such honeypots safe and secure from the organization's point of view. On the other hand, this type of honeypot cannot be used to simulate a complex environment where interaction is a must, such as a Simple Mail Transfer Protocol (SMTP) server.

Security risks of using low-interaction honeypots

When dealing with low-interaction honeypots like Honeyd, there are some security risks. These risks mainly lie in the fact that it is straightforward to recognize that Honeyd is a trap. Honeyd is easy to detect even when we do not configure our honeypot with our own settings. The reason is that Honeyd drops all connections until it becomes impossible for it to deal with them anymore. Even when a SYN packet is not well formed, the connections get terminated.

This information can help an attacker find out that the targeted system is not a real one but a honeypot. An attacker who checks the system's connections will be able to discover that he has fallen into a trap rather than reached a real system. Dropped connections are easily detected by the monitoring tools an attacker uses, and they give away the fakeness of such honeypot systems.

Low-interaction honeypots have their services emulated by an operating system; they are not real services. This fundamental fact is valuable to an attacker who wants to draw conclusions about whether a website is fake. Complicated functions cannot be handled by such low-interaction honeypots either. Hence, this technique becomes a powerful way of breaking the system. All an attacker needs to do is look for information throughout the network, because with low-interaction honeypots it is the network stack that he is dealing with.

Another major problem of low-interaction honeypots is that they depend on the resources of the system they are deployed on. Taking those resources away therefore produces a very noticeable effect: latency. This can be checked with a ping test, where the response arrives much later than it did before the system's resources were removed. The system will hardly answer our ping at all. This can indicate that the attacker is dealing with Honeyd or Nepenthes. We can even use these approaches to detect the type of honeypot we have just deployed.

Leaving the deployed low-interaction honeypot open for several days in a row is also a great way to reach some important conclusions. Requests received by our honeypot should be handled carefully, so that any response from our system is believable and makes sense to the attacker. Ideally, the responses should convince the attacker that this is an actual running system. Nevertheless, with low-interaction honeypots, the SSH server is up and running while no replies or answers are generated when talking to port 22. This trivially indicates that the system is not a real one because its responses are not appropriate, making the system not secure in the first place.
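A minimal low-interaction listener of the kind described above, as an added example (not code from Honeyd or from the original article): it exposes one fake SSH service, answers with a banner so the port does not stay silent, logs each attempt and hangs up. The banner string, the function names and the loopback probe in `demo()` are assumptions constructed for illustration.

```python
import socket
import threading
from datetime import datetime, timezone

# Assumed banner (constructed); match whatever SSH version real hosts on the network announce.
BANNER = b"SSH-2.0-OpenSSH_8.9p1\r\n"

def handle(conn, peer):
    """Answer one connection with the banner, record what the client sent, hang up."""
    event = {"ts": datetime.now(timezone.utc).isoformat(),
             "src_ip": peer[0], "src_port": peer[1], "client_data": ""}
    conn.settimeout(3.0)  # never let a silent client tie up the daemon
    try:
        conn.sendall(BANNER)
        event["client_data"] = conn.recv(256).decode("latin-1").strip()
    except OSError:
        pass  # resets and timeouts are still logged as attempts
    finally:
        conn.close()
    return event

def run_honeypot(sock, events, max_conns):
    """Accept max_conns connections on a listening socket, appending one event each."""
    for _ in range(max_conns):
        conn, peer = sock.accept()
        events.append(handle(conn, peer))
    sock.close()

def start(host="127.0.0.1", port=0, max_conns=1):
    """Bind, listen and serve in a background thread; returns (port, events, thread)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.bind((host, port))  # port 0 lets the OS pick a free port for the demo
    sock.listen(5)
    events = []
    thread = threading.Thread(target=run_honeypot, args=(sock, events, max_conns), daemon=True)
    thread.start()
    return sock.getsockname()[1], events, thread

def demo():
    """Constructed local probe: connect once, read the banner, send a client ident line."""
    port, events, thread = start()
    with socket.create_connection(("127.0.0.1", port), timeout=3) as c:
        banner = c.recv(64)
        c.sendall(b"SSH-2.0-probe_client\r\n")
    thread.join(timeout=5)
    return banner, events

if __name__ == "__main__":
    print(demo()[1])
```

Nothing beyond the banner is emulated, so the only data collected is the source address and the client's first bytes, which is the limited data volume the article attributes to this category.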

Resources:

http://www.diva-portal.org/smash/get/diva2:327476/fulltext01

https://www2.cs.arizona.edu/~collberg/Teaching/466-566/2012/Resources/presentations/2012/topic12-final/report.pdf
