Overview
This course aims to equip learners with the knowledge and skills to exploit vulnerabilities in notorious Remote Administration Tools (RATs) used in targeted cyber attacks. The course covers identifying patterns in APT reports, understanding common RATs like Gh0st RAT and XtremeRAT, and exploiting vulnerabilities in their command and control components. The teaching method involves disclosing exploits for remote execution and information disclosure. The intended audience includes individuals interested in cybersecurity, digital forensics, and threat research.
Syllabus
Intro
Disclaimer
The sophisticated attack
Hacking back
RAT terminology
Sophisticated attack hit list
APT1 & Poison Ivy
XtremeRAT
Remote file upload
Remote file download
Gh0st RAT
DLL side load vulnerability
Decode implant configs
Post exploitation
Taught by
Cooper