Module 1: Windows system binaries hardening |
|
(W37M01) Introduction |
|
00:00:00 |
|
(W37M01) Applocker bypass using MSIEXEC |
|
00:00:00 |
|
(W37M01) Applocker bypass using control panel |
|
00:00:00 |
|
(W37M01) Applocker bypass using CreateRestrictedToken API |
|
00:00:00 |
|
(W37M01) Applocker bypass using MSXSL |
|
00:00:00 |
|
(W37M01) Applocker bypass using bginfo |
|
00:00:00 |
|
(W37M01) UAC bypass using fodhelper |
|
00:00:00 |
|
(W37M01) Conclusion + Assessment |
|
00:00:00 |
|
(W37M01) Assignments |
14, 00:00 |
Windows security auditing and logging |
|
(W37M02) Introduction |
|
00:00:00 |
|
(W37M02) Auditing security events: logging powershell attacks or activity |
|
00:00:00 |
|
(W37M02) Powershell v5 Enhancements |
|
00:00:00 |
|
(W37M02) Collecting and making sense of logs using splunk |
|
00:00:00 |
|
(W37M02) Conclusion + Assignment |
|
00:00:00 |
|
(W37M02) Assignments |
14, 00:00 |
Hardening Windows Active Directory |
|
(W37M03) Introduction |
|
00:00:00 |
|
(W37M03) From Normal AD user to domain administrator (part 1) |
|
00:00:00 |
|
(W37M03) From Normal AD user to domain administrator (part 2) |
|
00:00:00 |
|
(W37M03) From Normal AD user to domain administrator (part 3) |
|
00:00:00 |
|
(W37M03) From guest to domain administrator (part 1) |
|
00:00:00 |
|
(W37M03) From guest to domain administrator (part 2) |
|
00:00:00 |
|
(W37M03) Conclusion + Assignment |
|
00:00:00 |
|
(W37M03) Assignments |
14, 00:00 |
Tools to perform windows audit |
|
(W37M04) Introduction |
|
00:00:00 |
|
(W37M04) Auditing with powershell scripts |
|
00:00:00 |
|
(W37M04) Auditing with Nessus Home |
|
00:00:00 |
|
(W37M04) Conclusion and Assignment |
|
00:00:00 |
|
(W37M04) Assignments |
14, 00:00 |