Hands-On Artificial Intelligence for Cybersecurity: Implement smart AI systems for preventing cyber attacks and detecting threats and network anomalies, Alessandro Parisi, 2019

Conf42 DevSecOps 2023

In case you were unable to attend the conference, here is a link to the playlist on YouTube. It covers topics such as: understanding and where to use AI and ML, cloud security, modernizing authorization, Kafka governance, OpenTelemetry, etc.

YouTube

#AwesomeStuff

Top DevSecOps Pipeline, 2023

Материалы с российской конференции РусКрипто’2023

XXV научно-практическая конференция «РусКрипто’2023», посвященная различным аспектам криптографии, информационной безопасности и защиты информации проходила с 21 по 24 марта 2023 года в подмосковном отеле «Солнечный Park Hotel & SPA».

Участие в программе конференции приняло большое число экспертов из научных кругов, компаний разработчиков средств информационной безопасности и представителей государственных организаций. Деловая часть была представлена работой 16 тематических секций, круглых столов и дискуссионных панелей в два-три потока

Посмотреть материалы

#useful

Снова отходя от темы ИБ - основной тематика канала, сегодня делюсь с вами лучшей подборкой книг от Дениса Борисова на тему саморазвития, о котором я часто упоминал в своих стримах и подкастах #podcast.

Уверен, найдутся те кто скажут "Борисов - инфоцыган, скамер, качок" и "Все это фуфло..". Но как известно только 5% всей массы людей создают контент, движут науку, развивают мир в то время как другие 95% просто потребляют ничего не предлагая (в том числе просто критикуют). И, так же, известно, что в любом сообществе только 1% будет генерить контент (отвечать на сообщения, дискутировать, шарить материалы, ссылки и т.д.) когда 99% оставшихся участников просто пассивно наблюдать. Так, что, безусловно, кому-то зайдет, кто-то пройдет мимо. Но, тем менее, главный концепт манифеста хакера "Информация должна быть свободна (доступна)" поэтому вышел этот пост.

Так, что ребята, кому нра - берем, кому нет - ничего страшного, будут и на вас хорошие материалы. И как говорит Денис "Да прибудет с нами сила" (с)

Официальный сайт

#book #info #softskill

Wazuh Course by Let'sDefend!

Throughout the course, you will have the opportunity to engage in practical exercises and real-world scenarios, enabling you to apply the acquired knowledge in a practical and meaningful manner. Upon completion, you will be well-versed in leveraging the capabilities of Wazuh to enhance the security posture of your organization, effectively detect and respond to security incidents, and gain a comprehensive understanding of SIEM processes from start to finish.

This course equips you with the essential skills and expertise needed to confidently navigate the complexities of Wazuh and strengthen your organization's security infrastructure.

Official page
Wazuh for cybersecurity
Monitor Your Container Activities with Wazuh

#education #defensive

Wazuh Course by Let'sDefend! (PDF only, no Labs)

Hunt APTs with Yara like a GReAT ninja, Kaspersky Lab, ripped by Hide01

Our specialists have poured years of experience from the prominent cases they have worked on into our online Threat Hunting with Yara training. Course leader Costin Raiu, a 25 year veteran of the threat hunting industry, will teach you the unconventional ways of working with Yara so that you can find threats of the same magnitude as his team.

Specifically designed for self-paced learning, our course is deeply practical and enables you to learn-by-doing, hunting for real threats in our dedicated Virtual Lab. Using world-renowned cases like BlueTraveller, Sofacy & WildNeutron as the basis of the course, Costin shares insights and techniques from his team’s exclusive research on these cases. This knowledge will enhance your career and improve your organisation’s threat defences.

Official page + Landing page

#education #malware #defensive

Hunt APTs with Yara like a GReAT ninja, Kaspersky Lab, ripped by Hide01

Password: hide01.ir

Attacking and Defending Active Directory: Advanced Edition by Pentester Academy, ripped by Hide01

A deep dive into Red Teaming – Practice attacks with focus on OpSec, Living Off the Land and bypassing security controls like MDI, WDAC and more in a secure multi-forest active directory lab environment.

Attacking and Defending Active Directory is beginner friendly course designed for security professionals who would like to enhance their AD security knowledge and want to understand practical threats and attacks in a modern Active Directory environment. The course is based on our years of experience of making and breaking Windows and AD environments and teaching security professionals.

We cover topics like AD enumeration, trusts mapping, domain privilege escalation, domain persistence, Kerberos based attacks (Golden ticket, Silver ticket and more), ACL issues, SQL server trusts.

Official page + Lab page
GitHub

#education #windows #pentest #defensive

Attacking and Defending Active Directory: Advanced Edition by Pentester Academy, ripped by Hide01

Password: hide01.ir

Attacking Active Directory with Linux by Altered Security

Attacking Active Directory with Linux (LinuxAD) is a training environment and playground. Students get access to dedicated lab setup (not shared with other students). The lab contains a Linux based machine to execute attacks and a target AD setup. The target AD is a fully patched AD environment with all Server 2019 machines.

Students can practice techniques like network discovery, enumeration, abusing file shares, bypassing AMSI and Windows Defender, metasploit payloads, domain enumeration, credentials spraying and reuse, extracting secrets, testing LOLBAS, evading application whitelisting, SQL Server abuse, pivoting, ACL abuse, exploiting delegation, domain privilege escalation and more!

Official page + Lab page + Lab guide
Win Red Teaming + Attacking Active Directory: 0 to 0.9
Хабр

#education #windows

Attacking Active Directory with Linux by Altered Security, ripped by Hide01

Password: hide01.ir