Practical SOC Analyst (intermediate)

0. Concepts & Basics - Network Protocols
  Introduction
  OSI vs TCP/IP
  TCP

0. Concepts & Basics - Firewalls
  Firewall Basics

1.1 Monitoring / Detection / Protection - Software in Use
  Security Information & Event Management System (SIEM)
  Web / Domain Hunting tools
  Ticket / Case-Management
  Intrusion Detection/Prevention Systems (IDS/IPS)
  Proxies
  Wireshark

1.2 Monitoring / Detection / Protection - Logs
  Linux Logs
  Windows Logs

1.3 Monitoring / Detection / Protection - Detection Rules / Frameworks
  SIEM functionality / Wazuh overview
  Decoders & Rules

2.1 Incidents + Detection / Actions - Windows attacks
  Kerberoasting
  Windows Brute-Force Attacks
  MSSQL commands - xp_cmdshell / xp_dirtree
  Mimikatz
  PassTheHash / OverPassTheHash
  SAM / Registry
  Silver Tickets
  Golden Tickets
  Constrained/Unconstrained Delegation
  Resource-Based Constrained Delegation (RBCD)
  UAC Bypass(es)
  SAM Account Spoofing
  S4U Self
  ADCS - Certificate Services
  SCCM - System Center Configuration Manager
  PrintSpooler / PrintSpoofer
  AMSI Bypasses
  Microsoft Defender Attacks
  DC-Sync
  Potato Attacks
  net1.exe abuse
  Lateral Movement Tools (wmi, winrm, psexec)

2.3 Incidents + Detection / Actions - Web attacks
  OWASP Top 10

3. Post-Incident
  Static Malware Analysis
  Dynamic Malware Analysis

0.3 - Active Directory
  Domain / Domain Controller
  Join Computers to the Domain
  Kerberos / Tickets
  Potato Attacks