Senior Instructor

Matthew Mullins

Security Researcher - Adversary Emulation

Matt Mullins is a seasoned professional within offensive security with over a decade of experience where he has worked in medical, financial, and government spaces.

See More
Rating
41
courses
courses

Courses

false
true
false
Course
0
H:
50
M
1
CEUS

Challenge: Spiny Shell

You receive an alert about a suspicious command execution on a Windows endpoint. Early analysis suggests PowerShell has not locked down appropriately. Can you validate if anything malicious is underway? Now that you have some basic information discovered, dive deeper into the suspicious command to identify the attacker's infrastructure and setup!
Learn More & Enroll
false
true
false
Course
1
H:
50
M
2
CEUS

CVE Series: Follina (CVE-2022-30190)

The Follina exploit (CVE-2022-30190) is a Windows Remote Code Execution (RCE) vulnerability that could allow a threat actor to acquire an initial level of access after a successful phishing attack. Take our course to gain the skills you need to identify the vulnerability, detect it, and mitigate it (with current best knowledge).
Learn More & Enroll
false
true
false
Course
0
H:
45
M
1
CEUS

CVE Series: Spring4Shell (CVE-2022-22965)

Spring4Shell (CVE-2022-22965) is a critical Remote Code Execution (RCE) vulnerability affecting Spring, a common application framework library used by Java developers. You will exploit and mitigate this vulnerability in a virtual lab, giving you the skills you need to “Spring” into action and protect your organization!
Learn More & Enroll
true
false
false
Course
1
H:
45
M
1
CEUS

Careers In Cybersecurity

Getting started in cybersecurity can be tough, and the number of careers seems endless. This course will get you hands-on with six of the most common cybersecurity roles, including penetration tester, digital forensics, cloud security, governance, security analyst, and security engineer. Decide which career is right for you today!
Learn More & Enroll
false
true
false
Course
1
H:
35
M
2
CEUS

Application Layer Protocol: Web Protocols

In this course, students will learn how C2 connections are established and used by attackers in a real-world demonstration to give learners a sense of how to detect malicious HTTP traffic. This is the last course in the Raspberry Robin Attack series.
Learn More & Enroll
false
true
false
Course
1
H:
35
M
2
CEUS

Command and Scripting Interpreter: Windows Command Shell

In this course, you will learn how the native CMD scripting language for Windows can be abused to allow an attacker to execute remote commands, establish persistence and create autorun files to carry out an attack within the Raspberry Robin attack cycle.
Learn More & Enroll
false
true
false
Course
1
H:
35
M
2
CEUS

System Binary Proxy Execution: Rundll32

In the course, you will learn how a malicious user can obfuscate some of their payload actions through downloaded DLL files using the built-in rundll32.exe. Using rundll32, an attacker can make their activity look like a normal Windows system binary process being executed under rundll32.
Learn More & Enroll
false
true
false
Course
1
H:
35
M
2
CEUS

System Binary Proxy Execution: Msiexec

In the course, you will learn how a malicious user can obfuscate some of their payload actions through downloaded DLL files by utilizing the built in rundll32.exe. By using rundll32, an attacker can make their activity look like a normal Windows system binary process being executed under the rundll32.
Learn More & Enroll

About Matthew Mullins

Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.