Instructor

Lucas Romano

Red Team Operator

Lucas is a seasoned threat researcher in multiple security disciplines, such as real-world adversarial tracking, network vulnerabilities, web exploitation, API abuse, and more.

See More
Rating
9
courses
courses

Courses

false
true
false
Course
1
H:
M
1
CEUS

Exploitation for Privilege Escalation

This hands-on lab covers the MITRE technique T1068 - Exploitation for Privilege Escalation. This technique involves an adversary exploiting a vulnerability with the objective of gaining higher privileges. Learners will practice simulating privilege escalation and using a SIEM to detect this attack.

Learn More & Enroll
false
true
false
Course
1
H:
0
M
1
CEUS

CVE Series: Openfire (CVE-2023-32315)

If you're a cybersecurity practitioner who wants to know more about how to exploit and defend against CVE-2023-32315 (Openfire Path Traversal to RCE), you won't want to miss this course. You will identify the vulnerability, exploit it, and mitigate it in a hands-on, secure lab environment. Don't let Openfire catch you off guard.
Learn More & Enroll
false
true
false
Course
1
H:
52
M
1
CEUS

Protocol Tunneling and Encrypted Channel

This hands-on lab is designed to equip learners with in-depth knowledge of protocol tunneling and encrypted channels - two critical techniques for secure and covert communication.

Learn More & Enroll
false
true
false
Course
1
H:
M
1
CEUS

Ingress Tool Transfer

This hands-on lab provides a brief survey of the MITRE TTP T1105 technique. This technique involves using tools to transfer malicious files onto a target network and the techniques used to evade detection.

Learn More & Enroll
false
true
false
Course
1
H:
M
2
CEUS

Exploit Public-Facing Application

This course covers the MITRE technique T1190: Exploit Public-Facing Application. This technique involves an adversary exploiting a vulnerability in a public-facing application to gain unauthorized access to a target network. Students will learn about the types of public-facing applications and common vulnerabilities that attackers may target.
Learn More & Enroll
false
true
false
Course
1
H:
M
1
CEUS

Search Open Technical Databases: Scan Databases

This course covers various aspects of the Search Open Technical Databases: Scan Databases TTP, including its components, associated risks, and detection techniques. Participants will learn how to detect and mitigate the risks associated with this TTP (T1596.005) and techniques for validating alerts and conducting pre and post-alert preparations.
Learn More & Enroll

About Lucas Romano

Lucas is a seasoned threat researcher in multiple security disciplines, such as real-world adversarial tracking, network vulnerabilities, web exploitation, API abuse, and more. He began his career at the US Department of Defense, where he was trained by some of the world's best operators and analysts. Lucas now operates in the Cybrary red team, emulating real-world threat actors and running purple team exercises. He has 11 industry certifications, including the OSWA, GPEN, GAWN, GCFE, and RHCSA. He is also a member of the GIAC Advisory Board. In his free time, he enjoys working outdoors to improve his farm.