
Material for Cybersecurity Deconstructed

Advanced Techniques and Internals

Formats: PDF, EPUB, WEB

About the Book

Price

The author is letting you choose the price you pay for this book!

Minimum price: $19.00
Suggested price: $29.00
You pay: $29.00
Author earns: $23.20

All prices are in US $. You can pay in US $ or in your local currency when you check out.

EU customers: prices exclude VAT, which is added during checkout.

...Or Buy With Credits!

Number of credits (minimum 2): 2
The author will earn $24.00 from your purchase!
You can get credits monthly with a Reader Membership

About the Author

Steve T.

Steve T. is a highly respected cybersecurity veteran whose 18-year career provides deep expertise across the threat landscape, from complex web application security to intricate low-level exploitation. His journey in Germany began with simpler web architectures, giving him firsthand perspective on the evolution of technology, attack methods, and defensive strategies. This historical context, combined with continuous hands-on engagement with cutting-edge challenges (including vulnerability analysis at both the application and system level), gives Steve a uniquely grounded viewpoint. Throughout his career, he has excelled in penetration testing, security architecture review, incident response, and secure development consulting across diverse industries, actively identifying and remediating vulnerabilities in high-stakes environments.

Table of Contents

Lesson 1: Advanced Network Traffic Analysis & Evasion

  1. Deep Dive into TCP/IP: Header Manipulation and Obscure Flags
  2. TCP Flags Beyond the Basics
  3. TCP Options
  4. IP Fragmentation
  5. Exercise 1
  6. Protocol Tunneling Techniques: Implementation Details
  7. DNS Tunneling
  8. ICMP Tunneling
  9. HTTP/S Tunneling
  10. Exercise 2
  11. Advanced Packet Crafting with Scapy/Custom Tools
  12. Introduction to Scapy
  13. Packet Crafting Examples
  14. Other Tools
  15. Exercise 3
  16. IDS/IPS Evasion Techniques
  17. How IDS/IPS Work (Simplified)
  18. Evasion Techniques Revisited
  19. Exercise 4
  20. Deep Packet Inspection (DPI) Bypassing Strategies
  21. Exercise 5
  22. Analyzing Encrypted Traffic Patterns (TLS Handshake Analysis, JA3/JA3S)
  23. The TLS Handshake
  24. JA3 Fingerprinting
  25. JA3S Fingerprinting
  26. Limitations of JA3/JA3S
  27. Exercise 6
  28. Network Flow Analysis (NetFlow/IPFIX) for Anomaly Detection
  29. What is Flow Data?
  30. Generation and Collection
  31. Security Use Cases
  32. Limitations
  33. Exercise 7
  34. Lesson Summary
  35. Quiz 1

Lesson 2: Modern Endpoint Detection & Response (EDR) Internals & Bypass

  1. Understanding EDR Telemetry: The Data Sources
  2. Kernel Callbacks and Filter Drivers
  3. Event Tracing for Windows (ETW)
  4. API Hooking (Userland vs. Kernel)
  5. Exercise 8
  6. Common EDR Detection Mechanisms (Illustrative Examples)
  7. Process Injection Detection
  8. Credential Access Detection (LSASS Dumping)
  9. Lateral Movement Detection
  10. Exercise 9
  11. Techniques for Bypassing EDR Hooks (Userland Focus)
  12. Direct Syscalls
  13. Unhooking
  14. Hardware Breakpoints
  15. Bring Your Own Land (BYOL) / Vulnerable Driver Abuse
  16. Exercise 10
  17. Evading Behavioral Analysis
  18. Process Hollowing & Variations
  19. Reflective Loading
  20. In-Memory Execution (.NET Example)
  21. Parent Process ID (PPID) Spoofing
  22. AMSI (Antimalware Scan Interface) Internals and Bypass
  23. How AMSI Works
  24. AMSI Bypassing Techniques
  25. Exercise 11
  26. Analyzing EDR Logs and Artifacts
  27. Exercise 12
  28. The Role of Memory Forensics
  29. Exercise 13
  30. Lesson Summary
  31. Exercise 14
  32. Quiz 2

Lesson 3: Applied Offensive Techniques: Post-Exploitation Deep Dive

  1. Advanced Credential Harvesting: Access Beyond the Initial Foothold
  2. LSASS Dumping: Accessing Credential Material in Memory
  3. Kerberos Attacks: Abusing the Authentication Protocol
  4. Exercise 15
  5. Living-off-the-Land (LotL): Using What’s Already There
  6. Advanced LOLBAS Examples (Windows)
  7. LOLBAS Obfuscation Recap
  8. Exercise 16
  9. Windows Lateral Movement Techniques: Spreading Through the Network
  10. WMI for Remote Execution
  11. WinRM / PowerShell Remoting
  12. DCOM Object Abuse
  13. SMB/RPC Based (PsExec Variants)
  14. Exercise 17
  15. Linux Lateral Movement
  16. SSH Tunneling and Pivoting
  17. Sudo Exploitation and Misconfigurations
  18. Shared Library Hijacking
  19. Exercise 18
  20. Command and Control (C2) Framework Internals
  21. Malleable C2 Profiles
  22. Domain Fronting (Legacy Concept & Detection)
  23. DNS C2 Channel Analysis
  24. Exercise 19
  25. Data Exfiltration Techniques: Getting the Goods Out
  26. Covert Channels (Beyond Standard Tunneling)
  27. Steganography
  28. Protocol Abuse / Using Legitimate Services
  29. Exercise 20
  30. Lesson Summary
  31. Exercise 21
  32. Quiz 3

Lesson 4: Cloud Security Architecture & Exploitation (Focus: AWS/Azure)

  1. Introduction to Cloud Security Challenges
  2. Exercise 22
  3. IAM Deep Dive: The Cornerstone of Cloud Security
  4. AWS IAM Policy Evaluation Logic
  5. Azure RBAC Evaluation Logic
  6. AWS AssumeRole Internals (STS)
  7. Azure RBAC vs. Azure AD Roles
  8. Federation Security (SAML, OAuth2/OIDC)
  9. Exercise 23
  10. VPC/VNet Security Internals: Network Controls in the Cloud
  11. Security Groups (AWS) vs. Network Security Groups (NSGs - Azure)
  12. Network Access Control Lists (NACLs - AWS) vs. NSG Flow Logs (Azure)
  13. VPC Endpoints (AWS) vs. Private Endpoints (Azure)
  14. Network Segmentation Strategies
  15. Exercise 24
  16. Serverless (Lambda/Functions) Security: New Execution Models, New Risks
  17. Execution Environment Internals
  18. Event Injection Vulnerabilities
  19. Function Permissions Misconfigurations
  20. Secrets Management
  21. Exercise 25
  22. Container Security in the Cloud (ECS/EKS, AKS)
  23. Runtime Security
  24. Image Scanning Internals & CI/CD Integration
  25. Kubernetes RBAC Exploitation
  26. Network Policies (Kubernetes)
  27. Exercise 26
  28. Cloud Storage Security Pitfalls (S3/Blob)
  29. Access Control Mechanisms & Complexity
  30. Pre-signed URLs (AWS S3)
  31. Shared Access Signatures (SAS - Azure)
  32. Data Leakage Vectors
  33. Exercise 27
  34. Cloud Auditing and Logging: Visibility is Key
  35. Core Logging Services
  36. Log Analysis Strategies
  37. Detecting Advanced Threats with Logs
  38. Exercise 28
  39. Lesson Summary
  40. Exercise 29
  41. Quiz 4

Lesson 5: Practical Cryptography & Implementation Failures

  1. TLS/SSL Deep Dive: Securing the Transport Layer
  2. The TLS 1.2 Handshake (Simplified Walkthrough)
  3. Certificate Validation Internals
  4. Common Configuration Weaknesses
  5. Exercise 30
  6. Public Key Infrastructure (PKI) Internals
  7. Certificate Authority Hierarchies
  8. CRL/OCSP Mechanisms and Failures (Revisited)
  9. Certificate Transparency (CT) Logs
  10. Exercise 31
  11. Common Cryptographic Implementation Bugs
  12. Padding Oracles (CBC Mode)
  13. Weak Random Number Generation
  14. Timing Attacks (Conceptual Examples)
  15. Exercise 32
  16. Hashing Algorithms: Integrity and Beyond
  17. Core Properties:
  18. Practical Issues with MD5 and SHA-1
  19. Length Extension Attacks
  20. Exercise 33
  21. Symmetric vs. Asymmetric Encryption: The Hybrid Approach
  22. Key Management Challenges
  23. Exercise 34
  24. Introduction to Post-Quantum Cryptography Concepts (Brief Overview)
  25. Exercise 35
  26. Lesson Summary
  27. Exercise 36
  28. Quiz 5

Lesson 6: Technical Incident Response & Memory Forensics

  1. The Incident Response Lifecycle: Technical Actions
  2. Exercise 37
  3. Volatile Data Collection Techniques: Capturing Fleeting Evidence
  4. Memory Acquisition (RAM Dump)
  5. Other Volatile System State Capture
  6. Exercise 38
  7. Memory Analysis with Volatility Framework
  8. Getting Started
  9. Process Listing (pslist, pstree, psscan)
  10. Network Connections (netscan, sockets, sockscan)
  11. DLL Analysis (dlllist, ldrmodules)
  12. Command History (cmdscan, consoles)
  13. Registry Analysis (hivelist, printkey, dumpregistry)
  14. Exercise 39
  15. Identifying Malware in Memory
  16. Code Injection Detection (malfind)
  17. Hidden Processes/Drivers (psxview, driverscan, modscan)
  18. Hook Detection (apihooks, ssdt, idt, gdt - Volatility 2 more common, some V3 ports exist)
  19. Exercise 40
  20. Filesystem Forensics Basics: Complementing Memory
  21. MFT Analysis (NTFS)
  22. Timestamps (MAC Times) & Timestomping
  23. Deleted File Recovery Concepts (NTFS)
  24. Exercise 41
  25. Timeline Analysis Techniques: Weaving the Narrative
  26. The Super Timeline Concept
  27. Tools (Plaso/log2timeline)
  28. Correlation and Analysis
  29. Exercise 42
  30. Lesson Summary
  31. Exercise 43
  32. Quiz 6

Lesson 7: Reverse Engineering & Malware Analysis Fundamentals

  1. Introduction: Static vs. Dynamic Analysis
  2. Static Analysis Techniques: Examining the Code at Rest
  3. Disassemblers and Decompilers (IDA Pro/Ghidra)
  4. String Analysis
  5. PE Header Analysis: Imports and Exports
  6. Packer and Obfuscator Identification
  7. Exercise 44
  8. Dynamic Analysis Techniques: Observing the Malware in Action
  9. Debuggers (x64dbg/WinDbg)
  10. Sandboxing
  11. Behavioral Monitoring Tools
  12. Exercise 45
  13. Common Malware Techniques
  14. Persistence Mechanisms
  15. Anti-Analysis Tricks
  16. Command and Control (C2) Communication Patterns
  17. Exercise 46
  18. Introduction to Assembly Language (x86/x64)
  19. Key Instructions (x86/x64 - Intel Syntax)
  20. Stack Operations & Function Calls
  21. Exercise 47
  22. YARA Rule Creation: Pattern Matching for Detection
  23. Purpose: Identify and classify malware samples, hunt for related samples in datasets, create custom detection rules for security tools (some EDRs/scanners support YARA).
  24. Rule Structure
  25. Key Components:
  26. Writing Effective Rules:
  27. Exercise 48
  28. Lesson Summary
  29. Exercise 49
  30. Quiz 7

Lesson 8: Conclusion & Further Learning

  1. Key Takeaways:
  2. Further Learning:
  3. Exercise 50
  4. Quiz 8
