Hacking Tactic, Techniques, and Procedures (TTPs)

Source: https://www.udemy.com/course/hacking-tactic-techniques-and-procedures-ttps/

What you’ll learn

  • Define key threat and risk-related terms
  • Identify and describe the primary categories of hackers (white hat, gray hat, black hat) and explain their ethical boundaries
  • Recognize the different characteristics that define adversaries in the cybersecurity landscape, such as motivations, resources, sponsorship, and levels of sophi
  • Explain the risks posed by insider threats and shadow IT and how these internal risks differ from external threats
  • Explain how cyber attacks are planned and carried out
  • Describe Tactics, Techniques, and Procedures (TTPs) and how they reveal attacker behavior
  • Understand the MITRE ATT&CK framework and how it organizes attack tactics and techniques
  • List the steps of the Cyber Kill Chain and how it helps defend against attacks
  • Describe the Diamond Model of Intrusion Analysis and how it helps analyze attacks
  • Define what attack patterns and signatures are and how they are used to identify adversaries
  • Explain the purpose of reconnaissance and how attackers gather information
  • Describe OSINT techniques, including DNS and website reconnaissance, social media scraping, eavesdropping, and dumpster diving
  • Define an attack surface and how it’s analyzed to find an attack vector and vulnerabilities that will be used during an attack
  • Explain the concept of weaponization in cyber attacks and the role of brokers in malware distribution
  • Identify common types of malware, including viruses, worms, trojans, ransomware, spyware, Command and Control (C2), Remote Access Trojans (RATs), botnets, and f
  • Discuss enterprise-level concerns related to malware and strategies for mitigation
  • Explain the role of social engineering in cyber attack delivery and how trust is developed with targets
  • Identify and describe common social engineering methods and tactics, including impersonation, phishing variants, and physical techniques like tailgating
  • Recognize advanced delivery techniques such as typosquatting, domain shadowing, and business email compromise (BEC)
  • Understand the impact of emerging tools, including AI, on social engineering attacks
  • Identify common vulnerabilities across networks, protocols, hardware, software, virtualization, cloud, cryptography, humans, passwords, processes, and physical
  • Explain how different vulnerabilities can be exploited individually or combined through exploit chaining
  • Describe techniques for network discovery, reconnaissance, and enumeration, including both wired and wireless methods
  • Perform basic network scanning and fingerprinting using tools like Nmap and Wireshark
  • Explain wiretapping and sniffing attacks and how they are used to capture network data
  • Understand credential harvesting and vulnerability scanning as part of the attack lifecycle
  • Explain the concepts of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks and their impact on network availability
  • Identify various types of DoS attacks, including jamming, buffer overflow, ping of death, and TCP reset attacks
  • Describe network flooding attacks such as ping flood, TCP SYN flood, UDP flood, DNS flood, amplification, and reflected attacks
  • Demonstrate understanding of Wi-Fi deauthentication, DHCP starvation, and rogue DHCP attacks
  • Understand the mechanics behind broadcast storms, directed broadcasts, and smurf attacks
  • Explain what Adversary-in-the-Middle (AitM) and replay attacks are, including their impact on communications
  • Identify various spoofing attacks, including DHCP spoofing, ARP cache poisoning, DNS cache poisoning, and evil twin attacks
  • Understand how these attacks manipulate network traffic and deceive systems or users
  • Identify common software vulnerabilities using frameworks like Common Weakness Enumeration (CWE) and OWASP Top 10
  • Explain different types of software attacks, including race conditions, deserialization, buffer overflow, path traversal, injection attacks, and cross-site scri
  • Identify common authentication and credential-based attacks such as password attacks, credential replay, and MFA fatigue
  • Explain advanced access attacks including pass-the-hash, session hijacking, privilege escalation, and compromised key attacks
  • Describe exploitation techniques like jailbreaking, sideloading, trust exploits, and request forgery attacks (CSRF, SSRF)
  • Recognize physical attack vectors related to authentication and access control
  • Explain password hashing and the importance of salting to protect stored passwords
  • Demonstrate various password cracking methods, including brute-force, dictionary, mask attacks, and password spraying
  • Understand advanced cracking tools like hashcat and hydra used for account compromise
  • Recognize attacks such as rainbow tables, credential stuffing, and their impact on security
  • Explain common stealth techniques used by attackers, including encryption, tunneling, and obfuscation
  • Describe traffic manipulation methods such as traffic fragmentation and DNS tunneling
  • Identify network evasion tools like proxies, fast-flux, double-flux, and domain-flux
  • Understand how Domain Generation Algorithms (DGA) enable persistent and evasive communications
  • Identify common indicators of compromise (IoCs), including alerts, logs, and signs of removed evidence or disabled defenses
  • Recognize behavioral signs such as resource consumption issues, system crashes, and strange communications
  • Detect suspicious activities like data exfiltration, rogue devices, scans, beaconing, and unauthorized changes
  • Understand account anomalies including lockouts, new accounts, concurrent sessions, and impossible travel
  • Analyze other unusual system behaviors that may indicate a security breach

Requirements

  • A good understanding of computers
  • A good understanding of networking
