Analyze Potentially Malicious Activity

---

Goals

• Explore network attack indicators.
• Explore rogue device concepts.
• Understand operating system analysis concepts.
• Review data exfiltration methods.
• Review vulnerability assessment techniques.

Network Attack Indicators

• Distributed DoS (DDoS) Attack
  • DDoS Mitigation
• Unusual Traffic Spikes and Bandwidth Consumption
• Beaconing Intrusion IoCs
• Irregular Communication Patterns
• Protocol and Port Use Scenarios

Host Attack Indicators

• Memory and Process Consumption
• Disk and File System Use
• Unauthorized Software
• Malicious Processes
• Unauthorized Change Indicators
  • Privilege Escalation
• Data Exfiltration Methods

Vulnerability Assessment Tools

• Nessus
• OpenVAS
• Qualys
• Nmap
  • Nmap Port Scanning
  • Nmap Fingerprinting
  • Nmap Scripting Engine (NSE)
  • Nmap Output Options
• Measuring Social Engineering Vulnerabilities
  • Pretexting
  • Baiting
  • Phishing
  • Simulating Social Engineering Attacks
    • Phishing Campaigns
• URL Obfuscation Techniques
• Additional Assessment Tools
  • Angry IP Scanner
  • Maltego
  • Metasploit Framework (MSF)
  • Recon-ng