RootKit
Cyberscore

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Time: 2 hours
Difficulty: Intermediate

This lab is designed to introduce the student to a Windows rootkit and to some tools and techniques used in discovery and removal of the rootkit. This experience should provide them with a basic understanding ...

Overview

CYBRScore's Rootkit is a Premium Cybrary Lab intended for students of Intermediate level. CYBRScore's Rootkit Lab provides essential knowledge and experience in discovering a Windows rootkit using the Rootkit Revealer tool, using the rootkit as a backdoor, and applying the techniques for removing the rootkit.

CYBRScore's Rootkit Lab is targeted towards Cyber Operators as well as future cybersecurity workers. Upon successful completion of CYBRScore's Rootkit Lab, the student will learn how to deploy tools to a target and utilize them once deployed. In CYBRScore's Rootkit Lab, students will gain knowledge of the structure, approach, and strategy of exploitation tools and techniques, such as gaining backdoor access. Students will also learn procedures and techniques for removing rootkits in operating systems.

CYBRScore's Rootkit Lab takes most students approximately 1-2 hours to complete.

In CYBRScore's Rootkit Lab, students will learn how to discover and set up a rootkit in a Windows environment using the Command Line Tool, check running processes, review port activity, and prepare and execute the rootkit. These actions and techniques represent an essential part of a Cyber Operator's knowledge.

The CYBRScore Rootkit Lab gives you the opportunity to learn how to detect a rootkit and how it can be operated as a backdoor to access a target. At this stage, more tools will be employed to communicate with the target and use the rootkit. This will give the Cyber Operator the ability to develop new techniques for gaining and keeping access to target systems.

In CYBRScore's Rootkit Lab, students will learn how to find, stop and confirm suspicious services. After deletion, the registry will be searched for any rootkit presence, and tools will be used to confirm rootkit eradication. This will give the Cyber Operator the opportunity to identify potential points of strength and vulnerability within a network.

CYBRScore's Rootkit Lab is part of the Cyber Operator career path. Successful completion of CYBRScore's Rootkit Lab means that the student has learned and understood how to set up, accurately detect and promptly remove rootkits.