Cooper Courses

Generating MITRE ATT&CK DNA for Groups of Actors

Explore techniques for generating MITRE ATT&CK DNA profiles of threat actor groups, analyzing similarities, and addressing challenges in attribution and emulation.

• YouTube
• 36 minutes
• On-Demand
• Conference Talk

Piercing the Veil - Server Side Request Forgery Attacks on Internal Networks

Explore esoteric SSRF entry points, internal service vulnerabilities, and mitigation strategies in ethical hacking and bug bounty programs.

• YouTube
• 32 minutes
• On-Demand
• Conference Talk

Defeating APT10 Compiler-level Obfuscations

Explore techniques to overcome compiler-level obfuscations used by APT10, enhancing your ability to analyze and defend against advanced persistent threats.

• YouTube
• 22 minutes
• On-Demand
• Conference Talk

DeTT&CT - Mapping Your Blue Team to MITRE ATT&CK

Explore MITRE ATT&CK framework for blue team mapping, focusing on attack techniques, gap analysis, and event query language to enhance cybersecurity defenses.

• YouTube
• 20 minutes
• On-Demand
• Conference Talk

What The Log - So Many Events, So Little Time

Explore efficient event logging strategies and tools for enhanced cybersecurity, including Microsoft Security Compliance Toolkit, EventList, and Sigma.

• YouTube
• 42 minutes
• On-Demand
• Conference Talk

Kill MD5 - Demystifying Hash Collisions

Demystify hash collisions and explore the vulnerabilities of MD5 in this engaging talk. Learn about identical prefixes and gain insights into cryptographic security.

• YouTube
• 30 minutes
• On-Demand
• Conference Talk

Say Cheese - How I Ransomwared Your DSLR Camera

Explore DSLR camera vulnerabilities and ransomware techniques in this cybersecurity talk, covering PTP protocols, firmware updates, and responsible disclosure practices.

• YouTube
• 54 minutes
• On-Demand
• Conference Talk

How to Better Integrate Continuous Improvement into Security Monitoring

Learn strategies to enhance security monitoring through continuous improvement, focusing on reducing false positives and optimizing processes for better threat detection and response.

• YouTube
• 22 minutes
• On-Demand
• Conference Talk

MISP Project Future

Explore the MISP Project's future, including its downsides, processes, and preparation strategies for upcoming challenges in threat intelligence sharing.

• YouTube
• 21 minutes
• On-Demand
• Conference Talk

ReconPi

Explore ReconPi, a tool for efficient reconnaissance in cybersecurity, with insights on its inspiration, functionality, and practical applications.

• YouTube
• 25 minutes
• On-Demand
• Conference Talk

Modern Pentest Tricks for Faster, Wider, Greater Engagements

Discover cutting-edge pentest techniques for efficient and comprehensive engagements, focusing on CSV tools, parallel execution, and innovative applications.

• YouTube
• 42 minutes
• On-Demand
• Conference Talk

Take Your Path Normalization Off and Pop 0days Out

Explore path normalization vulnerabilities in web frameworks, including real-world examples and case studies of critical security flaws leading to remote code execution and access control bypass.

• YouTube
• 45 minutes
• On-Demand
• Conference Talk

Finding the Best TI Provider for a Specific Purpose

Explore methodologies for evaluating and selecting the most suitable Threat Intelligence provider, focusing on comparison metrics, data analysis, and key takeaways for various cybersecurity roles.

• YouTube
• 40 minutes
• On-Demand
• Conference Talk

Make ARM Shellcode Great Again

Explore ARM shellcode techniques, from basic execve() to advanced "Quantum Leap" code, covering tight spaces, mprotect egghunters, and ARM-Thumb switching for efficient exploitation.

• YouTube
• 41 minutes
• On-Demand
• Conference Talk

Digital Safety for Politically Vulnerable Organizations

Learn strategies for protecting politically vulnerable organizations from digital threats, covering physical and psychological security, incident response, and data retention policies.

• YouTube
• 45 minutes
• On-Demand
• Conference Talk