Time
8 hours 28 minutes
Difficulty
Beginner
CEU/CPE
10

Video Transcription

00:00
Hello and congratulations on the successful completion of the privilege escalation phase of these discussions with respect to the MITRE ATT&CK framework. So what should we have learned up to this point? Well, we're going to be quick. We should have looked at access token manipulation, described it,
00:20
how it's been used and mitigating and detection techniques. Within that,
00:25
we looked at elevated execution with prompt, again describing what it was within MITRE, how we've seen it used or some examples or vulnerabilities there, mitigation techniques and detection techniques. We reviewed exploitation for privilege escalation, touching on what it was.
00:41
Some use cases in areas where that's been taken advantage of.
00:45
And then we jumped into mitigation and detection techniques as well. File system permission weaknesses, touching on all of those core areas that we've previously discussed. Scheduled tasks, looking at how that's used,
00:58
how you can take advantage of scheduled tasks to run scripts and do things of that nature, and then again, mitigation and detection techniques. We looked at sudo at a high level, again, being specific to Linux and macOS for essentially running as administrator. If the sudoers group is taken advantage of
01:15
or that file is manipulated, that can be used
01:19
to do some damage.
01:21
We then rounded our discussions out with Web Shell, describing what that was, how systems should be properly segmented and ensuring that if you do have an externally facing server, that it is limited in its privilege sets and its capabilities.
01:37
Remember, throughout all of these discussions, we've got some reoccurring themes and things that are happening. But it's important that
01:44
you realize that you can consume this information in a number of ways, that you can break these modules up, these discussions up, into individual categories as need be. And so the mitigation techniques that may dovetail into other areas are always going to be important across the board,
02:02
and they're going to be worth mentioning again and again.
02:06
So with that in mind, I want to thank you for your time today, and I look forward to seeing you again soon.

Up Next

Application of the MITRE ATT&CK Framework

This MITRE ATT&CK training is designed to teach students how to apply the matrix to help mitigate current threats. Students will move through the 12 core areas of the framework to develop a thorough understanding of various access ATT&CK vectors.

Instructed By

Robert Smith
Director of Security Services at Corsica
Instructor