Train On-Demand
Choose the training you want from 18,000+ videos of instructor-led content. Watch anywhere.
In this course, you will dive into the workstation. You will be introduced to the Windows OS, where you will learn how to detect what's in plain sight and whether it is normal or potentially malicious. Also introduced are techniques for tracking malicious behavior on endpoints through lateral movement, and tools that assist with this task across thousands of endpoints. You will learn to detect Mimikatz, malicious macros, code injection, Kerberos attacks and more, using various detection methods. Finally, you will get familiar with how malware operates and how you can detect its operations in memory. During endpoint hunting, you will leverage numerous endpoint detection solutions as well as popular SIEMs such as Splunk and the ELK stack. This course is part of the Threat Hunting Professional Learning path, which prepares you for the eCTHPv2 exam and certification.
Instructor for this course
Slavi Parpulev
eCTHP, eCPTX, OSCE, OSCP, GCFA, AZ-500, Microsoft INF260x
Introduction to Endpoint Hunting - Study Guide
Malware Overview - Study Guide
Hunting Malware - Study Guide
Redline: Create Standard Collector
Redline: Basic Usage
Redline: Create Analysis File
Redline: Detecting Code Injection
Hunting in Memory Lab 1
Hunting in Memory Lab 2
Hunting for Process Injection & Proactive API Monitoring
Advanced Endpoint Hunting Lab 1
Advanced Endpoint Hunting Lab 2
Hunting Malware Part 1
Hunting Malware Part 2
Event IDs, Logging, & SIEMs - Study Guide
Introduction to Sysmon
Hunting Code Injections with Sysmon
Hunting Mimikatz with Sysmon
Hunting Macros with Sysmon
Introduction to ELK
Creating Visualizations in ELK
ELK Hunting: Keylogger and Remote Threads
ELK Hunting: Macros
ELK Hunting: Mimikatz
ELK Hunting: Invoke Mimikatz
Threat Hunting with ELK
Hunting Responder
Hunting .Net Malware Lab 1
Hunting .Net Malware Lab 2
Hunting for WMI Abuse, Parent Process Spoofing & Access Token Theft
Hunting with ELK Lab 1
Hunting with ELK Lab 2
Hunting with ELK Lab 3
Hunting with Splunk Lab 1
Hunting with Splunk Lab 2
Hunting with Splunk Lab 3
Hunting with Splunk Lab 4
Hunting with Splunk Lab 5
Hunting with PowerShell - Study Guide
Hunting at Scale with Osquery
Take your technical training into your own hands and stay engaged with our learn-by-doing platform where you can put your skills to the test with hands-on exercises, quizzes, and labs.
INE quizzes, labs, projects, and exercises help reinforce your knowledge.
Organized training helps guide you through the most relevant subjects for certification prep.
We add new courses and learning materials to the platform weekly so you're always up-to-date.