OS Credential Dumping and Remote Services

Cybrary
Course
COMING SOON

Once attackers have a presence on your system, they may dump credentials from the operating system to gain further access and perform lateral movement. They can then use valid accounts to log in and connect to remote services for even wider access. Learn to detect and dump attackers in this lab-based course.

Time: 55 minutes
Difficulty: Intermediate
CEU/CPE: 1

Course Description

Once an adversary has found their way into your environment, they will often take advantage of any credentials they grab, as a hash or in plain text, so they can move to an even better level of access. Although there are numerous ways to accomplish this goal, one of them is to dump credentials from the operating system or software. Even more clever is when they go on to use the valid accounts they have obtained to log into remote services, move laterally, and explore other avenues to the data they are after.

Clearly, you should know how to detect this kind of activity and mitigate it so attackers can't gain such wide-ranging access.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactics of Credential Access and Lateral Movement in your environment today.

Instructed By
Owen Dubiel, Security Practitioner (Instructor)
Matthew Mullins, Technical Manager, Red Team (Instructor)

Provider
Cybrary

Certificate of Completion

Complete this entire course to earn an OS Credential Dumping and Remote Services Certificate of Completion.