Topics that will be covered
- One of the most successful threat actors, Team TNT, who targeted cloud and containerized environments
- Command-and-control analysis and cloud instance compromise techniques, with the functions executed
- Cloud Techniques involved
- AWS Keys and Metadata Extraction
- Docker Scanning and Installation
- Redis-cli service scanning and compromise
- Kubernetes instance compromise techniques
- Competitor Miners Identification and Removal Techniques
- Linux Privilege Escalation and Compromise Techniques used
- Diamorphine – Linux Kernel Module rootkit
- Libpcap for network packet sniffing
- Zgrab – Golang-built fork of zmap
- Masscan and pnscan usage
- Defense Evasion – Impair / Disable Security Features
- Functions used for compromising techniques
- Windows Privilege Escalation Techniques used
- SQL Database User Addition/Deletion
- Service Execution
- Impair Defenses: Disable or Modify Tools
- PowerShell Execution
Duration: 30 Minutes
Who Should Attend?
Security Analysts, Threat Hunters, Incident Managers, Practitioners interested in Threat Actor Profiling etc.
About the Trainer:
Chetan Kawley is a Threat Hunting Security Researcher