A DFIR Masterclass with Offensive and Defensive Techniques on Windows 11 and Server 2022

This is a hands-on course for learning attack, detection and DFIR techniques on Windows environment.

You will first attack a Windows domain network with in-the-wild targeted attack malware and post-exploitation tools using the same techniques as attackers, such as:

• NTLM Relay Attack

• Golden/Silver/Diamond/Sapphire Ticket Attack

• DCSync/DCShadow

• Credential Harvesting

• Remote Command Execution/Logon

• Domain Persistence

• Delegation Attack

Then, you will acquire artifacts from the environment and analyze them with the DFIR techniques such as:

• Memory Forensics

• Persistence Analysis

• Program Execution Artifacts Analysis

• Event Log Analysis

• Timeline Analysis

• Triage Collection

Since you will learn attack AND defense, including detection and DFIR, techniques, you will have a better understanding of both. Then, even if new attacks emerge, you will already know how to test and detect them yourself after completing this course.

We will be waiting for you with numerous exercises!