
Threat Hunting Examiner

Whether you are on the blue, red, or purple side, a decent understanding of threat investigation and threat intelligence is vital if you want to be a complete IT security expert. You cannot be a professional defender without sufficient knowledge of attacking techniques, and the same goes for penetration testers. The Threat Hunting Examiner course is designed to provide IT security specialists with the abilities necessary to hunt for threats proactively and to become stealthier penetration testers.

Threat Hunting Examiner is for you if:

  • You’ve ever sat at a screen feeling paralyzed by not knowing what to look for next.
  • You’ve always wanted to find evil on your network without alerts, but don’t know how to approach it.
  • You struggle to dissect attacks and derive hunting strategies from them.
  • You have a mountain of data at your disposal but don’t know which techniques are best suited for gaining the necessary perspective over it to spot anomalies.
  • You want to add threat hunting capabilities to your security team but don’t know how to get buy-in from management or prove just how valuable it can be.
  • You’re tired of being told hunting is as simple as “knowing what’s normal so you can spot evil” — there’s more to it than that!

Threat Hunting Examiner

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT


Syllabus

Threat Hunting Examiner - THE2121

Module 1: INTRODUCTION TO THREAT HUNTING
  • The Process of Investigation
  • Where Threat Hunting Fits In, and How It Is Defined
  • Incident Response and Threat Hunting Relationship
  • Threat Hunting Teams
Module 2: THREAT HUNTING TERMINOLOGY
  • Advanced Persistent Threat
  • Tactics, Techniques, and Procedures
  • Cyber Kill Chain Model
  • Diamond Model
  • Attack-Based Hunting
  • Data-Based Hunting
  • Subject vs. Context Anomalies
  • MITRE ATT&CK
  • Threat Hunting Hypothesis and Methodology
Module 3: THREAT INTELLIGENCE NEXUS
  • Threat Intelligence and Types
  • Threat Intelligence Reports and Exchange
  • Indicators of Compromise (IOCs)
  • YARA, Redline, OpenIOC
  • YARA Rules
  • Lab – IOC Hunting

Module 4: THREAT EXAMINER TOOL-CHAIN
  • GAPSS Model for Hunters
  • Strategies for Searching Data
  • Mastering Any Search Tool
  • Aggregations Fundamentals
  • Aggregations in Practice
  • Statistics for Anomaly Hunting
  • Role of Statistics in Hunting
  • Context Switching with Pivots
  • Hunting Analysis Tools

Module 5: NETWORK THREAT HUNTING
  • TCP/IP and OSI Model
  • Devices for Network Threat Hunting
  • Understanding the Network Traffic Flow
  • Tools and Techniques Mindset
  • Wireshark Primer for Hunters
  • NetworkMiner for Hunters
  • HIDS and NIDS for Hunters
Module 6: NETWORK TRAFFIC HUNTING
  • ARP Traffic Investigation
  • ICMP Traffic Hunting
  • TCP and UDP Analysis
  • DHCP and DNS Examination
  • Suspicious HTTP and HTTPS Traffic
  • Hunting Internal Corporate Threats
  • Network Hunting and Forensics
  • RSA NetWitness Investigator
  • ELK and Kibana for Hunters
Module 7: WEB ATTACK HUNTING
  • Hunting SQL Injections
  • Hunting XSS Attacks
  • Hunting File Uploads and Web Shells
  • Hunting Common Client-Side Attacks
  • Hunting Server-Side Attacks
Module 8: ENDPOINT & MALWARE HUNTING
  • Windows Process Map
  • Understanding Endpoint Baselines
  • Malware Fundamentals
  • Malware Delivery
  • Malware Evasion Techniques
    • DLL Injections
    • PE Injections
    • Hook Injections
    • Kernel Rootkits
    • Masquerading
    • Packing/Compression
    • Recompiling
    • Obfuscation
  • Malware Persistence
    • AutoStart Locations
    • Scheduled Tasks
    • COM and DLL Hijacking
    • Windows Services
  • Malware Analysis and Detection
    • PE Capture
    • Payload Detection
    • PowerShell Arsenal
    • Redline Use Case
    • Memory Analysis with Volatility
Module 9: EVENTS, LOGGING, AND SIEM
  • Windows Event Logs
  • Windows Event ID Use Cases
  • LOLBAS
  • Hunting Suspicious Accounts
  • Hunting Password Attacks
  • Hunting Pass the Hash
  • Hunting Golden Tickets
  • Hunting RDP Sessions
  • Hunting PsExec
  • Hunting WMI Persistence
  • Hunting Scheduled Tasks
  • Hunting Service Creation
  • Hunting Network Shares
  • Hunting Lateral Movement
  • Microsoft ATP
  • PowerShell Hunting Tools
  • PowerShell Defenses

Who should attend this training?
  • Security Operations Center analysts and engineers
  • Incident response team members
  • Penetration testers/Red team members
  • Network security engineers
  • Information security consultants and IT auditors

Why should I take this training?

The Threat Hunting Examiner course is designed to provide IT security professionals with the skills necessary not only to proactively hunt for threats, but also to become a stealthier penetration tester.

What are the prerequisites of the training?
  • A solid understanding of computer networks: switches, routing, security devices, common network protocols, etc. (recommended)
  • An intermediate understanding of IT security matters

What is the duration of the training?

It's an instructor-led online training, and the total duration of the training is 45 hours.

For more info on Threat Hunting Examiner, kindly connect with us.


Testimonials

Today I've completed my one-to-one online training by Mr Naresh sir from Certcube Labs.
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowledgeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
Satyam Singh

BCA, Delhi University

Positive: Professionalism, Quality, Responsiveness, Value

5 star training. Naresh is the best. He made me zero to hero in 3 months' time. A little bit expensive compared to others, but totally worth it.

Ravi

Cyber Security Consultant, Red Hawk
