Cybersecurity Live Training by Omar Santos

(Free with O'Reilly Learning Subscription)

Live Training Ethical Hacking Learning Path

This track is for individuals starting an ethical hacking career or enhancing their offensive security skills. 

< Most people start here.

Modern Cybersecurity Fundamentals

In this course you will learn introductory cyber security concepts, as well as the different focus areas in cyber security. You will explore different concepts of incident response, digital forensics, security operations, and security management. This course will also go over cyber security in the Internet of Things (IoT), secure development management, and how cyber security is affecting software development (including DevOps and cloud computing).

Introduction to the concepts, tools, and methodologies of Penetration Testing (Ethical Hacking)  >>

Becoming a Hacker: An Introduction to Ethical Hacking, Penetration Testing, and Bug Hunting 

Becoming a Hacker is your first step to starting your ethical hacking and penetration testing career. This intensive two-day training session is taught by Omar Santos, best-selling security author and speaker. This training includes focused live discussions, real-world demos, and insights into hacking from someone who’s been on the front lines. You will benefit from expert insights of the methodologies used to assess and compromise a network. You will also learn about the legal aspects of ethical hacking and the associated risks. This course additionally reviews many different tools that can be used to penetrate a wired and wireless network and the systems within that network.

No prior penetration testing or ethical hacking experience is needed. You will be introduced to offensive cybersecurity concepts and then walk through a complete penetration test, from beginning to end. You will explore passive and active reconnaissance, fuzzing, enumeration, vulnerability assessment, exploitation, and post-exploitation techniques. This course is also helpful for those seeking certifications such as the Offensive Security Certified Professional (OSCP) Certification, CEH Practical, PenTest+, or the GIAC Penetration Tester (GPEN), this two-day training session is a great place to start. This live training can also help you if you want to start exploring the world of bug hunting and bug bounties.

This course is also helpful for those seeking certifications such as the Offensive Security Certified Professional (OSCP) Certification, CEH Practical, PenTest+, or the GIAC Penetration Tester (GPEN), this two-day training session is a great place to start.

CEH Exam Preparation

Certified Ethical Hacker (CEH) Certification Crash Course

This live and interactive training is designed to help you prepare for the EC-Council Certified Ethical Hacker (CEH)  certification exam. In this training we will review: Key topics and methodologies that you need to master the CEH exam objectives; step by step examples of security penetration testing methodologies and concepts; and sample questions for each of the topics covered in the exam.
Learn how to craft exploits used by ethical hackers to perform real-world penetration testing engagements. Understand the methods for conducting wired and wireless network assessments, hacking web servers, and web applications. Explore attack techniques against mobile devices, IoT devices, and cloud deployments.

CompTIA PenTest+ Certification

CompTIA PenTest+ Crash Course

This live and interactive training is designed to help you prepare for the new CompTIA PenTest+ exam. In this training we will review the main topics and methodologies that you need to master the PenTest+ exam objectives. You will learn security penetration testing methodologies and concepts by going over step-by-step examples. In this class we will also review several sample questions for each of the topics covered.

Learn how to craft the exploits used by ethical hackers to perform real world penetration testing engagements. Understand the methods for conducting wired and wireless network assessments, hacking web servers, and web applications. You will learn mitigations to the most common attacks and vulnerabilities. You will also learn details about pre-engagement tasks including planning, scoping, compliance-based testing, and more. You will also learn how to write penetration testing reports and include best practices explaining recommended mitigation strategies for the discovered vulnerabilities.

Hands-on Web Application Penetration Testing

Intense Introduction to Hacking Web Applications

This course starts with an introduction to modern web applications and then immediately dives into the mapping and discovery phase of testing. In this course, you will learn security penetration testing methodologies and concepts by going over step-by-step examples in real time.

This hands-on training course will use various open source tools. You will learn how to exploit SQL injection, command injection, cross-site scripting (XSS), XML External Entity (XXE), and cross-site request forgery (CSRF). You will also learn how to perform assessments of modern APIs used for mobile and IoT applications. This course includes interactive labs where students can interact with a series of vulnerable web applications in a safe environment. Learn how to craft the exploits used by ethical hackers to perform real-world penetration testing attacks and vulnerabilities.

3-day Pen Testing Bootcamp (Beginner to Intermediate)

Ethical Hacking Bootcamp with Hands-on Labs

This is a comprehensive Ethical Hacking (security penetration testing) hands-on boot camp! In this 3-day course you will get the training and experience you need to successfully launch your ethical hacking career. You will participate in live discussions, demos, whiteboard instruction and lab exercises. No prior experience is needed. Omar Santos, best-selling security author, speaker and Principal Engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco's Security Research and Operations will walk you through numerous exercises and ethical hacking concepts. If you are starting your cyber career, seeking your Certified Ethical Hacking, CompTIA PenTest+, or Offensive Security Certified Professional (OSCP) Certification, or are just interested in learning more about cyber security, this three-day training session is for you!

This course provides step-by-step real-life scenarios. It starts by going over passive and active recon, then dives deep into scanning, target exploitation, password attacks, web application testing, buffer overflows, wired and wireless network hacking, and post-exploitation techniques. You will use dozens of different tools that can be used to penetrate a wired and wireless network and the systems within that network. In this training we will go over several tools like the social engineering tool kit (SET), Metasploit, Maltego, and many more. After that you’ll different best practices on how to write a penetration testing report.

4-week Ultimate Ethical Hacking Bootcamp!!                         

The Ultimate Offensive Security and Hacker Bootcamp in 4 Weeks

his is an intensive 4-week hands-on ethical hacking bootcamp exploring the most important techniques of exploitation, enumeration, reconnaissance, and obfuscation. In today’s security world it is important to be well rounded and this course covers all the key topics you need to get the job done.

Each week includes deep-dive training with Q&A and hands-on exercises so you can see projects in action. You are given a weekly homework assignment so you can then test your own skills and learn by doing with Interactive Scenarios. This is an active class designed to give you the knowledge and the practical skills you need to start your ethical hacking career now.

The training provided is full and deep. You learn about:
Week 1: Ethical Hacking and Bug Hunting Methodologies, Reconnaissance, and Enumeration
Week 2: Hacking Modern Applications
Week 3: Intermediate-to-Advanced Exploitation
Week 4: Hacking Containers, Kubernetes, Cloud Technologies, and Bypassing the Security Operation Center (SOC), including how to leverage Linux, Bash and Python for pen testing and bug hunting.

This training is a great way to gain the extra insight needed to help pass a number of certifications, including OSCP, GPEN, PenTest+, eCPPT, and others.

RECON! Active, Passive, Dark Web Research...

Hands-on Recon on the Surface, Deep and Dark Web

This live and interactive training is designed to help you perform passive and active reconnaissance in ethical hacking and bug bounty hunting engagements. You will learn intermediate-to-advanced recon methodologies using open source intelligence (OSINT). In this training you will also learn how to perform dark web research and reconnaissance. You will learn how to use Tor, proxies and proxychains, and even how to create your own VPN servers in cloud environments.

This training course is for you because... You have an understanding of cybersecurity. You want to prepare for certifications such as OSCP, OSWE, GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCIH), and the GIAC Exploit Researcher and Advanced Penetration Tester (GXPN). You want to learn how to perform reconnaissance for bug bounty and ethical hacking engagements. Anyone interested in cybersecurity, dark web research, and penetration testing (ethical hacking) will benefit from this training.

Active Cybersecurity Defense, Digital Forensics and Incident Response (DFIR), Cloud Security, Kubernetes & Docker Security Learning Path

This track is designed for individuals that want to start a career or develop new skills related to incident response, malware analysis, cloud security, active threat defense, threat hunting, and digital forensics.

Introduction to Digital Forensics and Incident Response (DFIR)

The number of cyber-attacks and breaches continue to rise. The field of digital forensics and incident response (DFIR) is in high-demand. Digital cybersecurity forensics, threat hunting and incident response tactics and procedures have evolved rapidly over the past several years. Incident response and digital forensics teams are tasked to identify malware, indicators of compromise, and patterns of activity in order to detect current and future intrusions.

In this course you will learn the fundamentals of incident response and digital forensics. You will learn how to create effective incident response teams and best practices on how to contain and remediate cybersecurity incidents. You will also learn how to develop how to extract and create necessary cyber threat intelligence that can help you properly scope the compromise and detect future breachesYou will also learn how to collect evidence from network infrastructure devices and endpoints; and how to preserve that evidence.

Cybersecurity Offensive and Defensive Techniques in 3 Hours

In this course you will learn all about cybersecurity blue and red teams while also building the skills necessary to create your own teams. We will start with exploring the concepts of red, blue and "purple teams" or "purple teaming," which combines the elements of defense and offense within an organization. Next you will find out how to create and manage cybersecurity red, blue and "purple" teams before jumping into best practices for understanding how your teams can effectively collect and analyze data to defend your organization against threat actors. You will also learn different tools that are appropriate for blue and red teams and how to proactively and iteratively "hunt" and isolate advanced threats that evade existing security solutions within your organization. We will then end with a look at threat intelligence and how blue and red teams use it in their engagements.

Cybersecurity Defender in 4 Weeks

This four-day training provides hands-on and real-world incident response exercises covering topics such as threat intelligence, threat hunting, orchestration, automation, security monitoring, and incident response methodologies. Learn how to use the most current and useful tools available, including Security Onion, Suricata, Zeek (formerly known as Bro), Fleet, HUNT, osquery, TheHive, Elasticsearch, logstash, and Kibana (ELK), Caldera, Atomic Red Team, Metasploit, Maltego, Yeti, and many others. You will learn how these tools can be used in combination with the MITRE ATT&CK Framework to perform threat hunting and adversarial simulation or emulation. This training is also a great way to gain the extra insight needed to help pass a number of certifications, including CISSP, CompTIA Security+, CompTIA CySA+, CompTIA CASP+, GSEC, GNFA, GCTI, Cisco's CyberOps Associate and CyberOps Professional.
Cybersecurity Defender in 4 Weeks is your inside track for learning how red and blue teams not only work, but strategically coordinate the best methods for breach detection and prevention. Find out how cybersecurity red teams mimic an adversary and assess the overall security of your network, while also examining how blue teams defend your organizations against threat actors and their attacks. You will also build the skills necessary to create and work in blue and red teams, while also exploring the concept of "purple teams" or "purple teaming" which combines the elements of defense and offense within an organization.

CCNP and CCIE Security Core SCOR 350-701 Crash Course

The CCNP and CCIE Security Core SCOR 350-701 Crash Course serves as comprehensive 2-day training for anyone interested in taking and passing the Cisco CCNP Security certification.
A fast-paced live training course designed to help you learn about every objective in the SCOR exam. This training will also help any network professionals interested in learning the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.
This course starts with an introduction to the new Cisco CCNP Security and CCIE Security certifications. You will then quickly dive into the topics of the CCNP Security Implementing and Operating Cisco Security Core Technologies (300-701 SCOR) exam and the cybersecurity foundation topics that you need to study to pass the exam. This is the first exam you must take and pass to pursue your Cisco Security certification career path. You will also learn about different Cisco network security concepts needed to pass the exam, how to secure multi-cloud environments, and the different Cisco Content Security solutions available. In this training you will also learn details about endpoint protection and detection, secure network access, visibility, and enforcement.
This live and interactive training is designed to help you prepare for the Cisco CCIE Security and CCNP Security Implementing and Operating Cisco Security Core Technologies (300-701 SCOR) exam. We will review all the topics in the exam blueprint.

Intense Introduction to Docker and Kubernetes Security in 4 Hours

Docker, containers, and Kubernetes have transformed the way we create, deploy, and orchestrate applications on-premise and in the cloud. Yet as these solutions are prone to a number of vulnerabilities and secure misconfigurations that lead to significant breaches and security risks, it has become increasingly important that you know how to implement safeguards

This fast-paced training will teach you the basics of Docker and Kubernetes security. You will learn the various concepts of container security, how to prevent issues related to container supply chain security, and best practices around application isolation and protection. You will also learn about different authentication schemes, key concepts for how to perform logging, and how to audit the Docker platform. This training also covers clear advice on securing Kubernetes deployment, including how to secure the k8s API server, controller manager, scheduler, kubelet, worker nodes, and running etcd safely. You will also learn details about role-based authentication (RBAC), securing service accounts, Kubernetes Pod security policies, network policies, and secret management.  

How to Build Your Own Lab + Intro to Linux, Python, and Bash Scripting for Cybersecurity

< You need a good Linux, Python, and Bash Background for Offensive and Defensive Security

Intro to Linux, Python, and Bash Scripting for Cybersecurity Professionals

Numerous cybersecurity jobs require a solid background in programming, Linux, and scripting languages. In this fast-paced and hands-on course you will learn several fundamental skills that you need to master to be competitive in today’s cybersecurity job market.

Having working knowledge of Linux, Python programming, and Bash scripting will help you become a better cybersecurity professional. This course also helps students that are preparing for hands-on cybersecurity certifications like the Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) Practical, Licensed Penetration Tester (LPT), and several GIAC certifications. This course starts with an introduction to Linux, Python, and the Bash shell and then immediately dives into several hands-on lab scenarios where you will learn the details about Linux user and group accounts; Linux file permissions, networking, processes, and logs for incident response. In addition, you will learn how to create Linux-based firewalls and deploy open source Intrusion Prevention Systems (IPS). You will learn how to get started with Python, how to create your own network scanner and network sniffer using Python. You will learn several tips for post exploitation activities using Python. In this course, you will also learn how to use Bash scripting for penetration testing and for incident response.

Build Your Labs using VMs, Containers, or even in the cloud! >>

Build Your Own Cybersecurity Lab and Cyber Range

Numerous cybersecurity and penetration testing tools and techniques have the potential to damage or destroy the target system or the underlying network. In addition, if malware is used in testing, there is the potential for infection and spread if testing in an Internet-connected testbed. This class will teach how to build your own virtualized, physical, or cloud-based environment to practice your skills in a safe ecosystem.

You will learn what you need to create a lab for offensive and defensive cybersecurity concepts. You will also learn and obtain access to numerous tools that you can use to practice your skills, from virtual machines (VMs), Docker containers, and intentionally vulnerable systems. You will learn how you can leverage tools like Virtual Box, VMWare Workstation/Fusion, ESXi, Proxmox, or even OpenStack to build your own cyber range. In addition, you will also learn how to use tools like Vagrant and Ansible to automate a lot of tasks. Vagrant files and Ansible playbooks will be shared during the class for you to build complex lab environments within minutes. You will also learn how to create environments in cloud services such as AWS, Azure, Google Cloud, and Digital Ocean.

This course is designed for anyone preparing for a certification like Certified Ethical Hacker (CEH), CompTIA PenTest+, CEH Practical, Offensive Security Certified Professional (OSCP), Cisco CCIE Security, CCNP Security. It is also designed to help those just learning how to perform penetration testing (ethical hacking), exploit development, or reverse engineer malware.

This live and interactive training is designed to help you get started building different lab environments to practice cybersecurity skills. This training is important for any individuals preparing for cybersecurity certifications or that are just passionate about learning new hands-on skills.

This page was built with Mobirise