Course Description

Initial access refers to the crucial first step taken by cyber threat actors to gain unauthorized entry into a digital system or network. It marks the beginning of a cyber-attack, during which adversaries exploit vulnerabilities or employ various techniques to breach the perimeter defenses and establish a foothold within the target environment. This initial breach often serves as a gateway for further compromise, allowing attackers to execute their malicious objectives, such as exfiltrating sensitive data, deploying malware, or disrupting operations.

Kindly choose the enrollment pricing option that suits you best. If you're enrolling as a group or need a custom plan, please contact us. We're here to help!

  • Initial Access and Anomaly Hunting

    Course Material + 40 hours of virtual lab access

    $100.00

  • Initial Access and Anomaly Hunting

    Course Material - No virtual lab access

    $50.00


Course Curriculum

  • 01

    Required Files

    • Required Files

  • 02

    Introduction

    • Introduction

  • 03

    SIEM Lab Setup

    • SIEM Lab Setup

    • Server Setup

    • Target Setup

    • Local Testing Setup

    • Theory

  • 04

    Initial Access Payloads

    • Initial Access Payloads

    • Macros

    • Detecting Macros

    • Example #1 - Macros

    • Lab #1 - Macros

    • Lab #1 - Macros - Solutions

    • Stand Alone Scripts

    • Example #2 - Stand Alone Scripts

    • Lab #2 - Stand Alone Scripts

    • Lab #2 - Stand Alone Scripts - Solutions

    • LNK

    • Detecting LNK

    • Example #3 - LNK

    • Lab #3 - LNK

    • Lab #3 - LNK - Solutions

    • CHM

    • Example #4 - CHM

    • Lab #4 - CHM

    • Lab #4 - CHM - Solutions

    • Brute Force

    • Example #5 - Brute Force

    • HTA

    • Example #6 - HTA

    • ISO

    • ISO Exercise

  • 05

    Anomaly Detection

    • Anomaly Detection

    • Scheduled Tasks

    • Example #7 - Scheduled Tasks

    • Lab #5 - Scheduled Tasks

    • Lab #5 - Scheduled Tasks - Solutions

    • Services

    • Example #8 - Services

    • Lab #6 - Services

    • Lab #6 - Services - Solutions

    • User Manipulation

    • Example #9 - User Manipulation

    • Lab #7 - User Manipulation

    • Lab #7 - User Manipulation - Solutions

    • Lab #8

Learning Outcomes

By completing this course, you will:

  • Gain Insight into Initial Access Techniques

  • Develop Proficiency in Anomaly Detection

  • Enhance Incident Response Capabilities

  • Implement Proactive Security Measures

Technical Requirements

The hands-on labs in this course require:

  • Internet Connection

  • Workstation with at least 16GB RAM and 100GB Disk Space

  • Operating System (Windows or Linux)

  • VirtualBox or VMware (hypervisor)
