Скачать или смотреть Have You Been Hacked? The Complete Windows Threat Detection MasterCourse

Have You Been Hacked? The Complete Windows Threat Detection MasterCourse
Link:https://drive.google.com/drive/folder...
In this comprehensive cybersecurity mastercourse, you will learn advanced threat detection methods specifically for the Windows operating system. We'll show you how to determine if you've been hacked by analyzing critical forensic evidence left behind by attackers, including Windows Event Logs, running processes, registry persistence mechanisms, and in-memory artifacts.

This course is designed for aspiring cybersecurity analysts, IT professionals, and anyone who wants to develop practical, intermediate-level skills in threat hunting, digital forensics, and incident response within a Windows environment.

➡️ *Recommended Tools & Resources Mentioned:*
Microsoft Sysmon: [Link to Sysmon]
Sysinternals Suite (Process Explorer, Autoruns): [Link to Sysinternals]
Volatility Framework: [Link to Volatility]
The Sleuth Kit (FLS): [Link to TSK]

🔔 *Subscribe for more in-depth cybersecurity training:*    / @sevenseven31  

---

*COURSE OUTLINE:*

*Module 1: Windows System Fundamentals and Attack Surface*
00:00:00 - Introduction: Have you been hacked?
00:00:23 - Lesson 1.1: Understanding the Windows Security Event Log Ecosystem
00:03:12 - Critical Security Event IDs (4624, 4625, 4688)
00:05:25 - Lesson 1.2: Windows Processes, Services, and Object Management
00:06:54 - Core System Processes (lsas.exe, svchost.exe)
00:08:15 - Detecting Anomalous Behavior (Parent-Child Mismatches)

*Module 2: Advanced Host-Based Artifact Analysis*
00:10:21 - Introduction to Module 2
00:10:40 - Lesson 2.1: Windows Registry Forensics & Persistence
00:12:25 - Top Registry Persistence Locations (Run Keys, Services)
00:14:04 - Lesson 2.2: NTFS Artifacts and File System Timelines
00:15:08 - Understanding the Master File Table (MFT) & MACB Times
00:15:50 - Timeline Analysis and Detecting Timestomping

*Module 3: Detecting Volatile and In-Memory Attacks*
00:17:12 - Introduction to Module 3
00:17:24 - Lesson 3.1: Memory Acquisition and Analysis with Volatility
00:19:03 - Analyzing Dumps with Volatility (PSList, NetScan, Malfind)
00:20:52 - Lesson 3.2: PowerShell and WMI Scripting Attack Detection
00:21:52 - PowerShell Attack Detection (Script Block Logging)
00:22:22 - WMI Attack Detection & Persistence

*Module 4: Windows-Specific Threat Hunting and Remediation*
00:23:28 - Introduction to Module 4
00:23:40 - Lesson 4.1: Implementing Sysmon for Advanced Telemetry
00:24:55 - Critical Sysmon Event IDs (1, 3, 8)
00:26:20 - Lesson 4.2: Windows Incident Response & Containment
00:27:14 - Containment, Evidence Collection & Eradication
00:29:04 - Course Conclusion & Summary

---

#Cybersecurity #Windows #ThreatHunting #DigitalForensics #Hacking