top of page
Writer's pictureBen Lampere

TCM Academy - Pen Testing, Malware, and Active Directory






Working in computer security requires a passion for learning. Not just because the attacks and defenses constantly change but because there is so much to learn. There is OSINT, hardware hacking, malware development, Penetration testing, exploit development, cryptography, etc. The list can go on forever. Learning everything would take over a lifetime, but they still build off one another. For this reason, I find myself learning something new almost every day.


The resource I have focused on in the past few weeks is the Cyber Mentor Academy. They have a bunch of excellent computer security courses for a relatively low price. Each class costs 30 dollars, but if you join the discord (I'll link below), they regularly have sales of as much as 90% off. In the past two weeks, I completed three courses from TCM that I will go through below.




External Pentest Playbook


Certificate of Completion for External Pentest Playbook


The External Pentest Playbook course covers the lifecycle of external pen tests. It begins with the business side by discussing engagement rules, scope, and client communications. Then it moves into the technical side by going through enumeration, attacking, escalation, and common findings. Finally, it discusses report writing and client debriefs. Being a Penetration tester already, I knew a lot about the process; however, I did appreciate the section on report writing as it's always interesting to hear other people's methods and layouts of the reports. The course is a little over 3.5 hours, but you can watch up to 2.0x speed, which I did for content I already knew. This course is 1 of 5 classes as part of TCM's Practical Network Penetration Tester certification (PNPT) that I may consider taking in the future.



Movement, Pivoting, and Persistence


Certificate of Completion for Movement, Pivoting, and Persistence


This is your Active Directory course. If you are studying for the OSCP, this is the class you want to take from TCM. The first 40 minutes of this course is setting up a lab which can be a pain but pays off later. The entire course uses Covenant, which is a C2 server. After getting footholds, the course takes a deep dive into local persistence and privilege escalation. Once again, this is all through Covenant, which is helpful if you use it, but I would have preferred if they showed commands through a traditional reverse shell. Once it gets past all the local attacks, it moves on to attacking Active Directory. A good amount of content enumerates users, groups, and objects, which is highly beneficial. Next, they go through pivoting on the domain and using Bloodhound. I enjoyed the video on proxy chaining, as it's something I have to practice and understand better. Overall a great course, and I'll return to the Active directory content for reference. The course ended up being 5.5 hours.



Practical Malware Analysis & Triage


Certificate of Completion for Malware Analysis and Triage


Malware Development and analysis has been an unknown field in computer security for me. It was touched on in the reverse engineering course I took at BSides, but I wanted something more in-depth. This course has the largest portion of lab setup out of all the courses. It's understandable because you are running Malware on a virtual machine; it requires some extra steps for safety. The course focuses on Static Analysis and Dynamic analysis. It states that simply looking at strings and analyzing Wireshark then moves to more advanced concepts like debugging and reversing the .Net framework. While this class isn't about developing Malware, this is an excellent introduction to malware analysis required if you want to get into development. This course is the largest at almost 9 hours. There is a lot in this one, and you'll watch it multiple times to grasp everything. I recommend this course if you want to understand more about Malware and how it works.




From here, I'll be exploring more malware development and taking a course by Sektor7. It's 6 hours of content but seems relatively advanced, so I'll be going through it rather slowly. Pentester academy also has some courses on hacking with python, which would be interesting. No matter the course or content, I'm always learning. Luckily this field has plenty of people willing to spread the knowledge, so all you have to do is look.



Recent Posts

See All

Commenti


bottom of page