
Advance Threat Hunting training

Advance Threat Hunting training will prepare your mindset for overall threat identification and hunting capabilities. Whichever side you are on, blue, red, or purple, a decent understanding of threat investigation and threat intelligence is vital if you want to be a complete IT security expert. You cannot be a professional defender without enough knowledge of attacking techniques. The same goes for penetration testers. The Threat Hunting Examiner course is designed to provide IT security specialists with the abilities necessary to hunt for threats proactively and become a stealthier penetration tester.

Advance Threat Hunting Training is for you if

  • You’ve ever sat at a screen feeling paralyzed by not knowing what to look for next.
  • You’ve always wanted to find evil on your network without alerts, but don’t know how to approach it.
  • You struggle to dissect attacks and derive hunting strategies from them.
  • You have a mountain of data at your disposal but don’t know which techniques are best suited for gaining the necessary perspective over it to spot anomalies.
  • You want to add threat hunting capabilities to your security team but don’t know how to get buy-in from management or prove just how valuable it can be.
  • You’re tired of being told hunting is as simple as “knowing what’s normal so you can spot evil” — there’s more to it than that!

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT

syllabus

Advance Threat Hunting Training- THE2121 1
module 1 : INTRODUCTION TO THREAT HUNTING
  • The process of Investigation
  • Threat Hunting Defined, and Where It Fits In
  • Incident Response & Threat Hunting relationship
  • Threat Hunting Teams
module 2 : THREAT HUNTING TERMINOLOGY
  • Advanced Persistent Threat
  • Tactics, Techniques, and Procedures
  • Cyber Kill Chain Model
  • Diamond Model
  • Attack Based Hunting
  • Data Based Hunting
  • Subject vs. Context Anomalies
  • MITRE ATT&CK
  • Threat Hunting Hypothesis and Methodology
module 3 : THREAT INTELLIGENCE NEXUS
  • Threat Intelligence and Types
  • Threat Intelligence Reports and Exchange
  • Indicators of Compromise (IOCs)
  • Yara, Redline, OpenIOC
  • Yara Rules
  • Lab – IOC Hunting
module 4 : ADVANCED THREAT HUNTING TOOL-CHAIN
  • GAPSS Model for Hunters
  • Strategies for Searching Data
  • Mastering any Search Tool
  • Aggregations Fundamentals
  • Aggregations-In Practice
  • Statistics for Anomaly Hunting
  • Role of Statistics in Hunting
  • Context Switching with Pivots
  • Hunting Analysis Tools
module 5 : NETWORK THREAT HUNTING
  • TCP/IP and OSI Model
  • Devices for Networking Threat Hunting
  • Understanding the Network Traffic Flow
  • Tools & Techniques Mindset
  • Wireshark primer for Hunters
  • NetworkMiner for Hunters
  • HIDS & NIDS for Hunters
module 6 : NETWORK TRAFFIC HUNTING
  • ARP traffic Investigation
  • ICMP traffic hunting
  • TCP and UDP analysis
  • DHCP and DNS examination
  • HTTP and HTTPS traffic suspects
  • Hunting Internal Corporate Threats
  • Network Hunting & Forensics
  • RSA NetWitness Investigator
  • ELK & Kibana for Hunters
module 7 : WEB ATTACK HUNTING
  • Hunting SQL injections
  • Hunting XSS attacks
  • Hunting File Uploads & Web Shells
  • Hunting Common Client-Side Attacks
  • Hunting Server-Side attacks
module 8 : ENDPOINT & MALWARE HUNTING
  • Windows Process map
  • Understanding Endpoint baselines
  • Malware Fundamentals
  • Malware Delivery
  • Malware Evasion Techniques
    • DLL Injections
    • PE Injections
    • Hook Injections
    • Kernel Rootkits
    • Masquerading
    • Packing/Compression
    • Recompiling
    • Obfuscation
  • Malware Persistence
    • AutoStart Locations
    • Scheduled Task
    • COM & DLL Hijacking
    • Windows Services
  • Malware Analysis & Detection
    • PE Capture
    • Payload detection
    • PowerShell Arsenal
    • Redline Use case
    • Memory Analysis with Volatility
module 9 : EVENTS, LOGGING, and SIEM
  • Windows Event Logs
  • Windows Event IDs use cases
  • LOLBAS
  • Hunting Suspicious Accounts
  • Hunting Password Attacks
  • Hunting Pass the Hash
  • Hunting Golden Tickets
  • Hunting RDP Sessions
  • Hunting PsExec
  • Hunting WMI Persistence
  • Hunting Scheduled Tasks
  • Hunting Service Creations
  • Hunting Network Shares
  • Hunting Lateral Movement
  • Microsoft ATP
  • PowerShell Hunting Tools
  • PowerShell defenses
Who should attend this training?
  • Security Operations Center analysts and engineers
  • Incident response team members
  • Penetration testers/Red team members
  • Network security engineers
  • Information security consultants and IT auditors
Why should I take this training?

The Advance Threat Hunting Training course is designed to provide IT security professionals with the skills necessary not only to proactively hunt for threats, but also to become a stealthier penetration tester.

Prerequisites of the training?
  • A solid understanding of computer networks: switches, routing, security devices, common network protocols, etc. (Recommended)
  • Intermediate understanding of IT security matters
What is the duration of the training?

It's an instructor-led online training and the total duration of the training is 45 hours.

Testimonials

Today I’ve completed my one 2 one online training by Mr Naresh sir from Certcube Labs.
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowledgeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
Satyam Singh

BCA, Delhi University

Positive: Professionalism, Quality, Responsiveness, Value

5 star training. Naresh is the best. He made me Zero to Hero in 3 months time. A little bit expensive compared to others, but totally worth it.

Ravi

Cyber Security Consultant, Red Hawk
