Real-world practical experience
Professional Certification programs
Resume & Job Hunting Advice

Get personalized guidance on what skills you should learn, what certificates you should pursue, and how to learn such skills in a practical step-by-step process.

Get ~60 hours of in-depth live training that includes the experience and expertise I gained after working over 10 years in the industry. Don't reinvent the wheel or spend years relearning all these skills. Start from where I stopped through this live training.

Get the real-world experience needed for the high-paid job you are applying for through our practical labs and our part-time internship. You will look over the shoulders of our engineers as they analyze real attacks for our customers, and study in-depth case studies, to shortcut the experience needed for a high-paid job in cybersecurity.

Get certified and build a compelling resume for the dream job you are applying for. Our recruitment expert will help with the career shift in your resume and any gaps in your resume.

The program is divided into 5 phases. In the next pages of this document, you will get to
learn about each phase of this Master's Program and how it will help you in your
cybersecurity journey.
MalTrak Cybersecurity Masters Program 2
You will learn in this phase how real attacks work, the basics of log analysis, incident
response, forensics investigation, and malware analysis. As well, you will be introduced to
advanced attacks such as Fileless attacks and ransomware attacks.
This phase is personalized based on what skills you already have and what you need to
learn. It will be based on pre-recorded training provided by us as well as by our 3rd party
training provider.
Key Objectives:
Learn internet communication, network protocols, and packet analysis (TCP, UDP, IP,
HTTP, DNS ... etc)
Optional: Learn the basics of Cloud (AWS or Azure DevOps, Terraform and Ansible)
"Thank you Amr Thabet for the great effort in this training. You have covered many
topics/techniques of the red team and the blue team that simulate the thinking of the
attacker and how to deal with them in the most practical and realistic way"
- Andrew Essam, Network Security Engineer at Vantage Securities Brokage
"Thank you Amr Thabet for explaining some adversary simulation steps according to the
MITRE ATT&CK framework with such clear examples. Don't miss this training from Amr
Thabet"
- Ali Soban, Cisco Certified Specialist- Security
"This training from MalTrak is one of the best courses I have ever taken. The curriculum
gives you an excellent starting point for a career in incident response and malware
analysis. It provides a clear understanding of what modern cyberattacks look like in real-
world and how to recognize the tools and the techniques used by any cybercriminal and
how to analyze them. Totally recommended"
"The best training available to master incident response, digital forensics, and malware
analysis. It helped me a lot in strengthening my skills. Totally recommended"
"Basically I have gone through many courses and boot camps in order to learn "Real life
CyberSecurity operations" but a significant amount of courses just showed old techniques
or some better tools. However, the training delivered by Amr Thabet covered that gap and
explained to me the reality of industry and methodology. I'm personally working in the
industry and got really juicy and interesting knowledge. I highly recommend people to
attend this."
- Shravan Kumar, Cyber Security Associate at FICO
This hands-on training teaches you how to move laterally inside the organization abusing Active Directory and Azure AD misconfiguration

This training takes you on a journey inside the organization's Active Directory. We will cover privilege escalation, lateral movement, and persistence inside the active directory. We will also cover Azure AD and Server-side/infrastructure attacks as well in this training.

This training will be fully hands-on with scenarios and real attack examples. This training will be presented by Amr Thabet and another Instructor that will be announced soon.

Key Objectives:
Learn Active Directory attacks in depth, from Privilege escalation to lateral movement, and maintain a stealthy persistence
Learn Cloud Attacks on Azure AD environment. From Initial Access to Full control
You will also learn about infrastructure attacks and web attacks throughout the training
DAY #1:
MODULE 1: WEB BASICS
HTTP Protocol Megaprimer
HTML & JavaScript
Web Servers
PHP, ASP.net, and Python Languages
SOP & CORS

INTRODUCTION TO WEB HACKING
Penetration Testing Execution Standard (PTES)
Penetration Test Vs. Vulnerability Assessment
Burp Suite, the Swiss Army Knife for Web Hacking!
Web Application Vulnerabilities
OSINT (Open-Source Intelligence)
Passive and Active Reconnaissance

DAY #2:
ATTACKING THE BROWSER’S SECURITY
CORS Explained
CSRF (Cross-Site Request Forgery)
XSS (Cross-Site Scripting)

ATTACKING THE BACKEND: SQL & NON-SQL DATABASES
SQL and NoSQL Databases
Error-Based Injection
Preventing SQL injections
Practical Exploitation

DAY #3:
DAY #4:
RECONNAISSANCE & ASSETS DISCOVERY
Cloud vs On-Premise
Identities on Cloud: Cloud Authentication Methods (Azure, AWS)
Domain Discovery, Bruteforcing & Assets Reconnaissance
Post Compromise Reconnaissance (Azure AD and AWS)
Service Accounts (Azure Managed Identities & AWS Roles)

INITIAL ACCESS ATTACKS
Spear-Phishing with illicit consent
Password Spraying Attacks
Storage Misconfigurations (S3 & Storage Blobs)

This training focuses on in-depth investigation through the logs, memory and digital forensics artifacts to detect, investigate and hunt for the targeted attacks, APT attacks and ransomware attacks

With the rise of APT attacks and targeted ransomware attacks, there's a huge need for in-depth investigation & threat hunting skills to detect these attacks early on before the cost of the breach gets doubled every day.

In the In-Depth Digital Investigation & Threat Hunting Training, you will learn how real APT attacks and targeted attacks work, how to perform in-depth investigation through collecting and analyzing digital artifacts, performing live forensics, memory forensics, and how to automate this process across the whole enterprise in Powershell.

As well, you will learn how to perform threat hunting based on the MITRE ATT&CK framework and powered by threat intelligence. Not just the Attackers' IoCs but their tactics, techniques, and procedures.

Key Objectives:
How to build a threat hunting process that is powered by MITRE ATT&CK framework and threat intelligence information.
DAY #1:
INTRODUCTION TO APT ATTACKS & MITRE ATT&CK
What is an APT Attack?
What are the Attack Stages? And what’s MITRE ATT&CK?
APT attack lifecycle
Examples of real-world APT attacks
Red Team Tools & Frameworks (PowerSploit, Powershell EMPIRE, Cobalt Strike, Metasploit, Kali Linux)

INTRO TO INCIDENT RESPONSE & THREAT HUNTING
The Incident Response Lifecycle
How attacks are being discovered (SOC, 3rd party & threat hunting)
Security Controls and types of logs in an organization
What's Threat hunting & why threat hunting?
Types of Threat hunting
The threat hunting process step by step
Intelligence-based Threat hunting

INTRO TO OUR PURPLE TEAM CLOUD LAB
Intro to Purple Teaming & Why Purple Teaming?
The Design of your lab
Hands-on Attack Simulation using Atomic Red Team
Hands-on Attack Simulation using Caldera
Investigating Sysmon Logs using Elasticsearch
Perform deeper investigation using Powershell Remoting
Learn how to build this lab for yourself using AWS & Terraform

INITIAL ACCESS & LOG ANALYSIS
Spearphishing Attacks with a malicious attachment
Spearphishing attacks with links
Spearphishing attacks using social media
Hands-on Simulating & Detecting Spearphishing using Sysmon Logs
Advanced execution techniques
Hands-on Analyze attacks using Sysmon & Splunk

DAY #2:
PACKET ANALYSIS & MALWARE EXFILTRATION
Hunting the evil in packets
Detecting Malware Exfiltration methods
Detecting Downloaders, malicious documents, exploits and others
Detecting IP Flux, DNS Flux, DNS over HTTPS
Malicious bits transfer, malware communicating through legitimate websites
Detecting peer-to-peer communication, Remote COM Objects and unknown RDP Communications
Hands-on analysis using Wireshark & Microsoft Network Monitor
Hunting the evil in zeek logs
Hands-on analysis using zeek logs & Elasticsearch

MALWARE IN-DEPTH & MALWARE FUNCTIONALITIES
Types of Malware
Malware Functionalities in-depth (APIs, Code Functionalities & Detection Techniques)
Malware Encryption & Obfuscation (packing, strings encryption, API encryption, etc.)
Strings and API Encryption & Obfuscation
Network communication Encryption & Obfuscation
Virtual machine & Malware analysis tools bypass techniques
Write your own YARA rule

DAY #3:
MALWARE DEFENCE EVASION TECHNIQUES
Process Injection (DLL & Shellcode Injection)
Advanced Process Injection (APC Queue Injection)
Advanced Injections: Using NTFS NxF Feature
Detecting Process injection using Sysmon logs
Detecting Process injection using Live Forensics
Use of legitimate applications for Applocker bypass
Disguise malware using COM Objects
Detecting & preventing the abuse of the legitimate applications
Sysmon & EDR Bypass Techniques
Detecting EDR bypass techniques with Live forensics

MEMORY FORENSICS
Intro to Memory Forensics & Volatility
Capture a full memory dump
Extract suspicious & hidden processes
Detecting memory injection, process hollowing & API hooking
Detect injected threads using call stack backtracing
Detect suspicious network communication & extract network packets
Detect malware persistence Functionalities using registry hives
Detect the initial access using Prefetch files & MFT extraction
Extract windows event logs from memory
Automate memory processing using python

DAY #4:
MALWARE PRIVILEGE ESCALATION TECHNIQUES
UAC bypasses using legitimate apps
UAC bypasses using COM objects
UAC bypasses using Shimming
Abusing Services for privilege escalation
DLL Order Hijacking
Privilege escalation to SYSTEM
Best practices for detecting & preventing privilege escalation
Mac OSX & Linux privilege escalation

INCIDENT RESPONSE IN AN ENTERPRISE: POWERSHELL INTRO
Intro to Powershell
Powershell Remoting
Logon Types and Powershell vs RDP
Collect & Analyze Malicious Artifacts using Kansa
Collect Minidumps using Powershell
Detect suspicious processes using Powershell
Automating Artifacts collection & analysis for threat intelligence
Convert your threat hunting hypothesis into an alert
Write your own SIGMA rules

This is hands-on offensive training that focuses on helping organizations battle against ever-growing targeted attacks and ransomware attacks by simulating their adversaries and putting your defenses and your blue team at the test to improve the organization's security posture.

This training focuses on developing cyber weapons that can evade AV detection, EDR logs, and forensics traces like how advanced targeted attacks do, and provide you with insights on how to improve your organization's overall detections and security posture

Key Objectives:
Simulate a real APT Attack given its TTPs and build their own malware to test their defenses (or clients' defenses) against completely new malware.
Build their own Red Team infrastructure and secure it from being detected or blocked by the company's security team.
Learn not just the techniques and how to use them, but how each technique works internally and how they can develop their own version of it.
"Definitely one of the most up to date training with relevant topics. Thank you Amr Thabet
for this great learning session. I would definitely recommend this training for anyone who
is looking to level up their skills in Red Teaming."
"The training was highly helpful by highlighting many of the techniques that can be used to
bypass the organization's security defenses. You put huge appreciated effort with all the
attendees to ensure that all the modules are clear and understood."
"One of the best Outstanding Training I have ever taken. You have done a great effort with
us especially in the Malware Development section and EDR / AV Evasion. Most of the
training programs out there don't have Malware Development from scratch. That's what
has made this training a special one. Thanks again for your effort with us! Really
appreciated"
- Omar Amin
DAY #1:
APT ATTACKS & RED TEAM INFRASTRUCTURE ON AWS
What is an APT Attack?
What are the Attack Stages? And what’s MITRE ATT&CK?
APT attack lifecycle
Examples of real-world APT attacks
Deep dive into the attackers' tactics, techniques, and procedures (TTPs) Using Threat Intelligence
Understand the attackers' malware arsenal
Setting Up Your Infrastructure in the cloud
Setting up your account in AWS & Terraform
Build your network and Caldera VM in the cloud
Create Redirectors to obfuscate your C&C IP

PHISHING & SOCIAL ENGINEERING MASTERY
Create a Phishing Platform using GoPhish & EmailGun
Create Your Phishing Pages using EvilGinx 2
Build Your Phishing plan using OSINT
Build your phishing emails templates
Bypass 2-Factor Authentication using EvilGinx 2

DAY #2:
WRITE YOUR FIRST HTTP MALWARE
Build a Vulnerable organization in AWS
Connect to Caldera C2 using HTTP
Implement Base64 encoding in your malware
Implement JSON parsing in your malware
Send victim machine information to your C&C
Receive and execute commands from Caldera
Automate command execution across multiple victims

MALWARE PLUGIN FRAMEWORK IMPLEMENTATION
Add a framework for plugins with additional features
Add a keylogger plugin to log keystrokes and steal credentials.
Add commands for Caldera to download the keylogger logs

DAY #3:
DEFENSE EVASION: MALWARE OBFUSCATION
Malicious Documents: VBA Stomping
Strings Encryption
Dynamic API Loading
Hidden In Plain Sight: Malware Steganography

DEFENSE EVASION: NETWORK OBFUSCATION
Network Data Encryption
Hidden In Plain Sight 01: HTML Smuggling
Hidden In Plain Sight 02: Steganography
HTTPS Communication
Using legitimate websites for communications
DNS Flux and DNS over HTTPS
Other Protocols & Channels (ICMP, DNS)

DEFENSE EVASION: BYPASS EDRS & BEHAVIORAL-BASED DETECTION
Process Injection & DLL Injection
Sysmon & EDR Bypass Techniques
Unhook EDR APIs
Invisible Process Injection Without Alerting EDRs
AppLocker And Application Whitelisting bypass Techniques

DAY #4:
"If you are looking for the most detailed and relevant training available I would highly
recommend Maltrak. You will learn how to automate cloud-based C&C infrastructure,
bypass 2FA with malicious proxies for legitimate pages, develop completely undetectable
C++ malware from scratch, defeat machine learning-based endpoint detection tools and
much, much more from one of the most celebrated persons around."
- Grant Knoetze - IT Support Specialist
As well, it will include how to build a professional image on LinkedIn, reach out to recruiters
and hiring managers, and write a compelling resume and cover letter.
We will partner with a recruitment expert to help you build a professional world-class
resume and LinkedIn profile and help you through this whole process.
Key Objectives:
Reach out to recruiters and hiring managers to land the job you are looking for
Registration Process
LIMITED SEATS
This Program is based on coaching and mentorship and therefore, the seats are very limited. Book your call now and get started before it's too late

The number of students in this program is very limited and therefore, we need to ensure that you are a good fit for this Master's Program and it will transform your career tremendously in the next 9 months.

So to register, you will need to fill out this application at: https://maltrak.com/masters
Just bear in mind that the seats are very limited. Once they are taken, you will be put on the
waiting list for a few months until you can join.
And they are looking for someone who can protect them against these attacks, who has the
practical skills and real-world experience, and that's what this Master's program provides.
This program excels more than any other program in providing in-depth training, expert insights,
real-world, hands-on labs, not simple CTFs, and all with mentorship and guidance.
Red Teamer
Penetration Tester
Incident Handler
Cloud Security Professional
Threat hunter
Security Analyst
It's fluff-free, industry-based, and fully hands-on with real mentorship and guidance.
It's based on the real attacks that companies are facing right now, rather than general
cybersecurity knowledge.
Job offers have requirements of a computer science degree, multiple different certificates, and
years of experience. But in reality, hiring managers don't care about all of that. They care about
your hands-on skills and if you can do your day-to-day work without lots of training and
supervision.
In the master's program, not only do we help you learn the real hands-on skills that you will need
in your next job, but we also help you showcase these skills in your resume.
Instead of certificates, we show your skills in projects, blogs, technical reports, and write-ups.
And we build your resume to stand out, get through HR and get the hiring manager interested in
interviewing you and hiring you in the company.
We have many students who followed our structure and our tips and advice and got recruiters
and hiring managers reaching out to get them to work in their company.
About MalTrak
If you are ready to shift your career to the ever-growing field of cybersecurity, you are ready for MalTrak

MalTrak is a cybersecurity organization specialized in the detection, response, and hunting of current threats companies are facing right now such as targeted attacks, ransomware attacks, and cloud attacks.

MalTrak's mission is to equip cybersecurity professionals and companies with the training, tools, and processes to help them respond to such attacks and better protect their assets.

MalTrak has helped over 200 professionals from all over the world build their skills in cybersecurity with live training, recorded training, and personalized coaching.

Now MalTrak is continuing its mission through this dedicated Masters program to ensure that the new generation of cybersecurity professionals are equipped with the practical skills and tools to protect

Amr Thabet, Founder of MalTrak
He is the founder of MalTrak and the author of "Mastering Malware Analysis, 2nd Edition" book published by Packt Publishing.
Amr has spoken at top security conferences all around the world, including Blackhat, DEFCON, Hack In Paris, and VB Conference. He was also featured in Christian Science Monitor for his work on Stuxnet.