Courses
CVE Series: Openfire (CVE-2023-32315)
If you're a cybersecurity practitioner who wants to know more about how to exploit and defend against CVE-2023-32315 (Openfire Path Traversal to RCE), you won't want to miss this course. You will identify the vulnerability, exploit it, and mitigate it in a hands-on, secure lab environment. Don't let Openfire catch you off guard.
Lateral Movement: Remote Desktop Protocol (RDP)
T1021.001 is a comprehensive course that delves into the realm of lateral movement and remote services, with a particular emphasis on Remote Desktop Protocol (RDP). This course aims to equip students with a thorough understanding of RDP, its implementation, and the potential security implications of its use.
Valid Accounts: Local Accounts
Threat actors often leverage valid accounts to gain unauthorized access to target systems and networks. T1078.003 is a focused course designed to provide participants with a deep understanding of local accounts and their exploitation to further the objectives of an adversary in a cyber operation.
Protocol Tunneling
Maintaining privacy and security has become increasingly vital for both individuals and organizations. T1572/T1573 is a comprehensive, hands-on course designed to equip participants with in-depth knowledge of protocol tunneling and encrypted channels - two critical techniques for secure and covert communication.
Exfiltration Over Alternative Protocol: Asymmetric Encrypted Non-C2 Protocol
Exfiltration Over C2 Channel
This course covers MITRE TTP T1041, Exfiltration Over C2 Channel, which involves exfiltrating data over a command and control (C2) channel. This technique is commonly used by threat actors to evade detection and exfiltrate sensitive information from compromised networks.
Ingress Tool Transfer
This course gives cybersecurity professionals an in-depth understanding of the MITRE TTP T1105 technique. This involves using legitimate tools to transfer malicious files onto a target network and the techniques used to evade detection. The course will also cover prevention strategies for this type of attack.
Exploit Public-Facing Application
This course covers the MITRE technique T1190: Exploit Public-Facing Application. This technique involves an adversary exploiting a vulnerability in a public-facing application to gain unauthorized access to a target network. Students will learn about the types of public-facing applications and common vulnerabilities that attackers may target.
Search Open Technical Databases: Scan Databases
This course covers various aspects of the Search Open Technical Databases: Scan Databases TTP, including its components, associated risks, and detection techniques. Participants will learn how to detect and mitigate the risks associated with this TTP (T1596.005) and techniques for validating alerts and conducting pre- and post-alert preparations.
Lucas is a seasoned threat researcher in multiple security disciplines, such as real-world adversarial tracking, network vulnerabilities, web exploitation, API abuse, and more. He began his career at the US Department of Defense, where he was trained by some of the world's best operators and analysts. Lucas now operates in the Cybrary red team, emulating real-world threat actors and running purple team exercises. He has 11 industry certifications, including the OSWA, GPEN, GAWN, GCFE, and RHCSA. He is also a member of the GIAC Advisory Board. In his free time, he enjoys working outdoors to improve his farm.