VoD 2021/1. Adversary Emulation for Breach Prevention Detection/2. Building our lab environment/5. Building Our SEC699 Lab Environment Expected Steps.mp4 9.5 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/6. Assessing detection coverage/21. Putting it All Together Atomic Threat Coverage.mp4 9.3 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/2. Stealing Credentials without Touching LSASS.mp4 9.2 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/11. LSASS Dumping MimiKatz Zoom in on lsadump.mp4 9.1 MB
VoD 2021/3. Lateral Movement Emulation Detection/6. Kerberos Refresh/3. A Kerberos Refresh Encryption Types.mp4 9.1 MB
VoD 2021/4. Persistence Emulation Detection/2. Breaking Domain Forest Trusts/14. Pivoting Domain Trusts Enter the Trustpocalypse.mp4 8.9 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/11. An Example Cobalt Strikes ExecuteAssembly and spawnto.mp4 8.7 MB
VoD 2021/3. Lateral Movement Emulation Detection/6. Kerberos Refresh/2. A Kerberos Refresh.mp4 8.6 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/3. RuleBased Detection Good vs Bad Rules 1.mp4 7.7 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/13. What Techniques Should We Prioritize.mp4 7.6 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/1. Course objectives/3. What Is SEC699.mp4 6.2 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/8. Process Injection.mp4 6.2 MB
VoD 2021/3. Lateral Movement Emulation Detection/2. Bloodhound Enumeration/3. How Does BloodHound Collect Data.mp4 6.1 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/4. RuleBased Detection Good vs Bad Rules 2.mp4 6.1 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/42. LSASS Dumping Mimikatz Process Access Masks.mp4 4.5 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/2. Building our lab environment/4. Building Our SEC699 Lab Environment managesh Script.mp4 4.5 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/4. Elastic Common Schema ECS.mp4 4.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/14. Injection and NET Assemblies.mp4 4.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/7. Zooming in on Windows Internals/9. Identifying Hooks.mp4 4.4 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/18. Jupyter Notebooks for Threat Hunting.mp4 4.4 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/1. Techniques Covered in Section 2/2. Techniques Well Cover Today 1.mp4 4.4 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/9. Reflective DLL Injection.mp4 4.4 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/10. Introducing the Internal Monologue Attack.mp4 4.4 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/1. Course Roadmap 1.mp4 4.4 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/6. Assessing detection coverage/12. Launching a Trace Session Builtin CMD 1.mp4 4.3 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/3. Introducing the lab architecture/5. Key Users on the Target Systems.mp4 4.3 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/27. Direct System Calls Using Visual Studio Step 1.mp4 4.3 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/7. Extracting Hashes Using DCSync.mp4 3.8 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/7. LSASS Windows Security Support Providers 3.mp4 3.8 MB
VoD 2021/5. Azure AD Emulation Plans/7. APT28 Emulation Plan/9. Phase 2 Lateral Movement Technique T1047 WMI.mp4 3.8 MB
VoD 2021/5. Azure AD Emulation Plans/3. Azure AD Authentication Methods/4. Azure AD Enterprise Applications Authentication Protocols.mp4 3.8 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/22. LSASS Dumping Main Detection Strategies.mp4 3.7 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/10. A Primer on NET.mp4 3.7 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/12. LSASS Dumping MimiKatz Zoom in on sekurlsa.mp4 3.7 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/45. LSASS Dumping Detecting the Techniques Example SIGMA 4.mp4 3.7 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/22. Process Hollowing with Donut Shellcode and TikiTorch 2.mp4 3.7 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/6. Extracting Hashes from NTDSDIT Example SIGMA.mp4 3.6 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/2. Traditional Attack Strategies Defenses/4. Modern Endpoint Security Products.mp4 3.6 MB
VoD 2021/4. Persistence Emulation Detection/2. Breaking Domain Forest Trusts/7. How Does Authentication Work Over a Trust NTLM.mp4 3.6 MB
VoD 2021/5. Azure AD Emulation Plans/5. Introduction to Azure Identities/2. Azure AD MultiFactor Authentication.mp4 3.6 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/2. Traditional Attack Strategies Defenses/9. Getting an Initial Foothold Key Detection Strategies.mp4 3.6 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/2. Building our lab environment/6. Automated Lab Deployment Using Terraform.mp4 3.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/2. Tricking Modern Endpoint Security Products.mp4 3.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/2. Traditional Attack Strategies Defenses/11. Getting an Initial Foothold Example SIGMA Rules 2.mp4 3.1 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/38. Prevent AV EDR Injection Debugger Tricks 1.mp4 3.1 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/21. Process Hollowing with Donut Shellcode and TikiTorch 1.mp4 3.1 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/2. Building our lab environment/14. Ansible Vault.mp4 3.1 MB
VoD 2021/4. Persistence Emulation Detection/2. Breaking Domain Forest Trusts/12. Attacking Domains in the Same Forest.mp4 3.1 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/25. System Calls and Windows APIs.mp4 3.1 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/27. Introducing Shad0w.mp4 3.1 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/15. How Does Internal Monologue Work Two Other Settings.mp4 2.6 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/9. Hunting for These Shenanigans/3. A Concrete Example Reflective DLL Injection.mp4 2.6 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/9. Extracting Hashes Using DCSync Example SIGMA.mp4 2.6 MB
VoD 2021/3. Lateral Movement Emulation Detection/1. Techniques Covered in Section 3/8. Local Administrator Perks Silencing Sysmon Unloading 4.mp4 2.5 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/14. Purple Team AttCK Automation.mp4 2.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/35. Prevent AV EDR Injection Manipulating ProcThreadAttributes 2.mp4 2.5 MB
VoD 2021/3. Lateral Movement Emulation Detection/4. Stealing Credentials without Touching LSASS/14. How Does Internal Monologue Work LM Authentication Levels.mp4 2.4 MB
VoD 2021/5. Azure AD Emulation Plans/3. Azure AD Authentication Methods/5. Another Interesting Tool EWS Cracker Bypassing MFA.mp4 2.4 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/1. Course Roadmap 1.mp4 2.2 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/28. The Golden Age of C2 Introducing the C2 Matrix.mp4 2.2 MB
VoD 2021/3. Lateral Movement Emulation Detection/1. Techniques Covered in Section 3/6. Local Administrator Perks Silencing Sysmon Unloading 2.mp4 2.2 MB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/24. LSASS Dumping Detecting the Tools Example SIGMA Rules 2.mp4 2.2 MB
VoD 2021/5. Azure AD Emulation Plans/2. Azure AD Hybrid Authentication/10. Active Directory Federation Services.mp4 2.2 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/17. EEOutliers Result in Elasticsearch.mp4 2.1 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/15. Covenant.mp4 2.1 MB
VoD 2021/4. Persistence Emulation Detection/2. Breaking Domain Forest Trusts/8. How Does Authentication Work Over a Trust Kerberos 1.mp4 2.0 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/7. Zooming in on Windows Internals/2. Operating Systems Rings.mp4 1.9 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/26. Identifying the Right System Calls.mp4 1.9 MB
VoD 2021/4. Persistence Emulation Detection/2. Breaking Domain Forest Trusts/10. How Does Authentication Work Over a Trust Kerberos 3.mp4 1.9 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/7. Zooming in on Windows Internals/7. Introducing the WIN32 API Writeprocessmemory CreateRemoteThread.mp4 1.9 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/26. Sliver Catching the Blue Team.mp4 1.8 MB
VoD 2021/5. Azure AD Emulation Plans/1. Azure AD Structure and Management/1. Azure AD Emulation Plans.mp4 1.7 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/39. Prevent AV EDR Injection Debugger Tricks 2.mp4 1.7 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/6. Assessing detection coverage/20. Identifying Gaps and Prioritizing Through DeTTECT.mp4 1.7 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/36. Prevent AV EDR Injection Manipulating ProcThreadAttributes 3.mp4 1.7 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/12. Sources for SIGMA Rules Florian Roths Repository.mp4 1.7 MB
VoD 2021/5. Azure AD Emulation Plans/2. Azure AD Hybrid Authentication/8. Password Hash Synchronization PHS.mp4 1.7 MB
VoD 2021/4. Persistence Emulation Detection/3. COM Object Hijacking/8. COM Object Hijacking Strategies COM Search Order Hijacking 4.mp4 1.7 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/17. Jupyter Notebooks.mp4 1.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/7. Zooming in on Windows Internals/5. Introducing the WIN32 API Example Abuse Case.mp4 1.5 MB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/9. Hunting for These Shenanigans/2. Process Injection Detection.mp4 1.4 MB
VoD 2021/5. Azure AD Emulation Plans/4. Azure AD Conditional Access/6. Azure AD Conditional Access Blocking Legacy Authentication 4.mp4 1.1 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/11. AnomalyBased Detection Introducing eeoutliers 2.mp4 1.1 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/9. What Details are Available for a Subtechnique 1.mp4 1.1 MB
VoD 2021/4. Persistence Emulation Detection/2. Breaking Domain Forest Trusts/11. Example of a Shortcut Trust Configuration.mp4 1.0 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/7. What Details are Available for a Technique 1.mp4 1.0 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/21. Introducing VECTR Purple Team FollowUp 3.mp4 1.0 MB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/6. Assessing detection coverage/18. Assessing Detection Coverage Using DeTTECT 1.mp4 1.0 MB
VoD 2021/4. Persistence Emulation Detection/8. Stealth AD Persistence Manipulation/39. Security Descriptor Persistence STAGE 3 Being Obscure 4.mp4 969.1 KB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/8. Bypassing Security Products Through Process Shenanigans/28. Direct System Calls Using Visual Studio Step 2.mp4 968.9 KB
VoD 2021/4. Persistence Emulation Detection/8. Stealth AD Persistence Manipulation/38. Security Descriptor Persistence STAGE 3 Being Obscure 3.mp4 958.6 KB
VoD 2021/4. Persistence Emulation Detection/3. COM Object Hijacking/9. COM Object Hijacking Strategies COM Search Order Hijacking 5.mp4 955.1 KB
VoD 2021/4. Persistence Emulation Detection/6. Office Template Library Tricks/10. Microsoft Office AddIns Installing the AddIn.mp4 939.1 KB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/34. LSASS Dumping Detecting the Techniques Sysmon Event ID 10 4.mp4 938.5 KB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/33. LSASS Dumping Detecting the Techniques Sysmon Event ID 10 3.mp4 938.2 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/23. Introducing VECTR Purple Team FollowUp 5.mp4 929.9 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/22. Faction C2 Payloads and Agents.mp4 927.4 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/15. TheHive Tasks.mp4 925.0 KB
VoD 2021/5. Azure AD Emulation Plans/6. Azure AD Security Logging/3. An Example of an Azure AD Risk Detection Investigation 1.mp4 919.0 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/23. Velociraptor EDR Custom Artifacts 1.mp4 819.0 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/17. Covenant Creating a Launcher.mp4 817.3 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/24. Introducing VECTR Purple Team FollowUp 6.mp4 811.2 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/6. Assessing detection coverage/17. Assessing Data Source Visibility Coverage Using DeTTECT.mp4 807.3 KB
VoD 2021/5. Azure AD Emulation Plans/4. Azure AD Conditional Access/4. Azure AD Conditional Access Blocking Legacy Authentication 2.mp4 807.0 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/10. What Details are Available for a Subtechnique 2.mp4 796.9 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/7. AnomalyBased Detection False Positives.mp4 792.8 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/8. What Details are Available for a Technique 2.mp4 591.5 KB
VoD 2021/4. Persistence Emulation Detection/8. Stealth AD Persistence Manipulation/10. Security Descriptor Reviewing The ACE Access Mask 5.mp4 589.5 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/3. Introducing the lab architecture/1. Course Roadmap 1.mp4 566.2 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/18. Covenant Grunts.mp4 564.1 KB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/38. LSASS Dumping Detecting the Techniques Process Access Rights 1.mp4 560.9 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/11. Infection Monkey Example 6.mp4 559.0 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/19. Exercise Preparing our Elastic and SIGMA stack.mp4 550.0 KB
VoD 2021/5. Azure AD Emulation Plans/6. Azure AD Security Logging/8. Advanced Detection Capabilities Azure Sentinel Example Rules.mp4 549.7 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/5. Building a stack for detection/21. Velociraptor EDR Filesystem Access.mp4 547.8 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/4. Purple teaming organization/20. Introducing VECTR Purple Team FollowUp 2.mp4 519.7 KB
VoD 2021/4. Persistence Emulation Detection/8. Stealth AD Persistence Manipulation/12. Security Descriptor Reviewing The ACE Access Mask 7.mp4 513.0 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/9. Automated emulation using MITRE Caldera/19. MITRE Calderas Operations 2.mp4 512.4 KB
VoD 2021/3. Lateral Movement Emulation Detection/3. LSASS Credential Stealing Techniques/48. Exercise Stealing Credentials from LSASS.mp4 511.9 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/25. Sliver Advanced Identification.mp4 510.5 KB
VoD 2021/5. Azure AD Emulation Plans/8. APT34 Emulation Plan/14. Exercise Manual Execution of APT34 Emulation Plan.mp4 505.8 KB
VoD 2021/5. Azure AD Emulation Plans/7. APT28 Emulation Plan/12. Exercise Manual Execution of APT28 Emulation Plan.mp4 492.9 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/9. Automated emulation using MITRE Caldera/23. Exercise Caldera.mp4 489.4 KB
VoD 2021/2. Initial Intrusion Strategies Emulation Detection/6. ExploitGuard Attack Surface Reduction Rules/5. Do Not Allow Child Processes.mp4 483.2 KB
VoD 2021/3. Lateral Movement Emulation Detection/5. Stealing NTLMv2 ChallengeResponse/8. Capturing NTLM Challenge Responses Using Office Step 2.mp4 468.6 KB
VoD 2021/4. Persistence Emulation Detection/8. Stealth AD Persistence Manipulation/9. Security Descriptor Reviewing The ACE Access Mask 4.mp4 466.7 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/10. Infection Monkey Example 5.mp4 455.5 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/9. Automated emulation using MITRE Caldera/16. MITRE Calderas Groups 1.mp4 453.4 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/9. Automated emulation using MITRE Caldera/17. MITRE Calderas Groups 2.mp4 453.2 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/16. Covenant Creating a Listener.mp4 403.1 KB
VoD 2021/5. Azure AD Emulation Plans/5. Introduction to Azure Identities/1. Course Roadmap.mp4 263.6 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/7. Rulebased versus anomalybased detection/16. AnomalyBased Detection Introducing eeoutliers 7.mp4 253.0 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/8. Building a stack for adversary emulation/24. Sliver Mitigating the Pyramid of Pains Bottom.mp4 247.7 KB
VoD 2021/1. Adversary Emulation for Breach Prevention Detection/9. Automated emulation using MITRE Caldera/13. MITRE Calderas Phases.mp4 238.2 KB
VoD 2021/4. Persistence Emulation Detection/3. COM Object Hijacking/13. COM Object Hijacking Strategies COM Object Linking 3.mp4 233.9 KB