Master Instructor
Matthew Mullins
Security Researcher - Adversary Emulation
Matt Mullins is a seasoned professional within offensive security with over a decade of experience where he has worked in medical, financial, and government spaces.
See More
Rating
56
courses
courses
Courses
Careers In Cybersecurity
Getting started in cybersecurity can be tough, and the number of careers seems endless. This course will get you hands-on with six of the most common cybersecurity roles, including penetration tester, digital forensics, cloud security, governance, security analyst, and security engineer. Decide which career is right for you today!
Lateral Movement: Remote Desktop Protocol (RDP)
T1021.001 is a comprehensive course that delves into the realm of lateral movement and remote services, with a particular emphasis on Remote Desktop Protocol (RDP). This course aims to equip students with a thorough understanding of RDP, its implementation, and the potential security implications of its use.
Valid Accounts: Local Accounts
Threat actors often leverage valid accounts to gain unauthorized access to target systems and networks. T1078.003 is a focused course designed to provide participants with a deep understanding of local accounts and their exploitation to further the objectives of an adversary in a cyber operation.
Protocol Tunneling
Maintaining privacy and security has become increasingly vital for both individuals and organizations. T1572/T1573 is a comprehensive, hands-on course designed to equip participants with in-depth knowledge of protocol tunneling and encrypted channels - two critical techniques for secure and covert communication.
Exfiltration Over Alternative Protocol: Asymmetric Encrypted Non-C2 Protocol
Threat actors often leverage valid accounts to gain unauthorized access to target systems and networks. T1078.003 is a focused course designed to provide participants with a deep understanding of local accounts and their exploitation to further the objectives of an adversary in a cyber operation.
CVE Series: Log4J (CVE-2021-44228)
The Log4J vulnerability (CVE-2021-44228) took the world by storm in late 2021. Do you have what it takes to exploit and mitigate this critical vulnerability that experts say had the biggest global impact since Shellshock? Find out in this course, where you'll put your defensive and pen testing skills to the ultimate test in a virtual lab.
Kerberoasting and Domain Accounts
Kerberos enables secure network communication in Windows environments, while Domain Accounts are a core part of Identity and Access Management. Adversaries can attack both of these and move through an environment largely undetected. Start detecting this covert behavior and begin stopping it in its tracks today.
Application Shimming and Data from Local System
Application shimming is a powerful feature that allows for backward compatibility across different versions of Windows OS. Adversaries manipulate this feature to bypass controls. They also search local file systems for files of interest. Get the skills to detect this behavior and prevent adversaries from setting up shop in your organization.
Spearphishing Attachment and PowerShell
Phishing is one of the top techniques leveraged in breaches today, and adversaries use it to send malicious attachments to targeted users. PowerShell is a powerful scripting tool that adversaries can exploit to perform recon and run executables. You will detect these adversary techniques and discover ways to mitigate them.
CVE Series: InstallerFileTakeOver (CVE-2021-41379)
InstallerFileTakeOver (CVE-2021-36934) is a Windows elevation of privilege vulnerability that emerged in late 2021 and could allow a threat actor to acquire elevated SYSTEM-level access. You will exploit this vulnerability in a virtual lab environment and learn how to mitigate it so you can protect your organization.
SSH Authorized Keys
SSH Authorized Keys are widely used as credentials for remotely accessing Linux-based systems via SSH. Adversaries can manipulate these keys to give themselves persistence in your environment so they can return at will. Get hands-on detecting and mitigating this adversary action today.
CVE Series: MSHTML Vulnerability (CVE-2021-40444)
The MSHTML Windows remote code execution vulnerability (CVE-2021-40444) identified in September 2021 could allow a threat actor to execute code on a victim’s machine. In this advanced course, you will exploit and mitigate this vulnerability in a secure lab environment, giving you the skills you need to protect your organization.
Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.