New Job-Role Training Path: Active Directory Penetration Tester! Learn More

Newbie

Newbie
This pathway was created for newly employed SA. - Learning Process: this could apply to any learning process, not just cybersec - Intro to Network Traffic Analysis: tcpdump/wireshark - Using Web Proxies: It is not unusual that you have to boost up Burp to when analyzing phishing sites or suspicious website. - JavaScript Obfuscation: Obfuscated code is one of the methods the attacker used to evade detection. This Module only focuses on JavaScript but the knowledge/methodology could apply to any programming lang - Shell & Payload: How can we defend our client if we don't know how the attacker gain initial access - File Transfer: Malware + Attacker are using it to download 2nd stage malware, download additional payload, or exfiltrated data out of the victim's network. - Windows Fundamental: Good to know Windows processes/services which will help you when analyzing EDR alerts
Medium Path Sections 118 Sections
Required: 210
Reward: +90
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.