Senior Instructor
Matthew Mullins
Security Researcher - Adversary Emulation
Matt Mullins is a seasoned professional within offensive security with over a decade of experience where he has worked in medical, financial, and government spaces.
See More
Rating
41
courses
courses
Courses
CVE Series: HiveNightmare (CVE-2021-36934)
HiveNightmare (CVE-2021-36934) is a serious vulnerability that gives threat actors access to sensitive data in the Windows Registry. Don't get stung by HiveNightmare. Get hands-on experience mitigating and exploiting this vulnerability in a secure lab environment by taking this course today.
Red Team Operator Series: Automated Target Acquisition and Validation (RTXO OSINT 103)
Once you’ve collected your intel and enumerated your targets, validating them before beginning an engagement is essential. You can do this manually, but often this is difficult at the enterprise scale. Learn the tools and techniques to automate the acquisition and validation of your targets so you can focus the Red Team engagement going forward.
Red Team Operator Series: Enumeration of Assets (RTXO OSINT 102)
Once you’ve identified information of interest with OSINT, it’s time to enumerate those findings to expand your understanding. In this course, we’ll dive into tools and techniques to expand on your findings while continuing to leverage publicly available information about your organization. See what the adversaries see so you can close those holes.
Red Team Operator Series: Scanning and Identification (RTXO OSINT 101)
OSINT (Open Source Intelligence) is how most engagements begin from an adversary perspective. Be sure your organization isn’t exposing too much by leveraging the same tactics adversaries deploy. Learn to scan and identify open-source signals available to adversaries so you can mitigate these risks for your organization.
Red Team Operator Series: Leading Teams (RTXO 103)
Focuses on the program level perspectives and experience needed to run both small and large Red Teams across your organization. With challenges like timelines and budget constraints always in place, how can we complete research and have time (as a Red Team) to attack in a smart and focused way that benefits our Blue Team and entire organization?
Red Team Operator Series: Leading Operations (RTXO 102)
Focusing around the specific roles that are needed to run successful Red Team operations. The exercises throughout this course provide learners with valuable experience in managing different sections of an engagement experience, which provides everyone with a deeper understanding of the goals behind and during the actual Red Team engagement.
Red Team Operator Series: Operations Planning (RTXO 101)
Explore the exciting world of Red Team operations and how the process phases impact each engagement. Learn about threat emulation, TTPs, threat profiles, and deliver an effective report readout. Identify the perfect individual to lead your Red Team operations, and gain a new perspective to be better prepared for your role!
Red Team Operator Series: Operations Overview (RTXO 100)
Focuses on basics of designing, implementing, and maintaining Red Team operations for both smaller and larger organizations. Explore concepts of Red Teaming and how the Attack Chain works in conducting offensive operations. Review between Red & Blue operations to determine what roles are required throughout the entire incident response life cycle.
Challenge: Update B4 It's 2Late
National Cybersecurity Awareness Month has four themes; the last being 'Update Your Software.' This challenge will have you analyze a log and identify a web application attack. The goal is to piece together the narrative from the suspicious requests and understand how attacks like these can happen when you do not update your software.
Challenge: MFA ... All Day Every Day
National Cybersecurity Awareness Month has several themes, one of which is Multi-Factor Authentication (MFA). This MFA challenge will have you analyze a log and identify the potential MFA attack. The goal is to review suspicious requests and identify how MFA can be attacked in real-world use cases.
Challenge: Password123
National Cybersecurity Awareness Month has several themes, one of which is Password Complexity Awareness. This password challenge will have you analyze a password and validate if it is secure. The goal is to attempt to crack a password and gain hands-on skills to evaluate the importance of password complexity for real-world use cases.
Challenge: Teach a Person to Phish
National Cybersecurity Awareness Month has several themes, one of which is Phishing Awareness. This phishing challenge will have you analyze a real phish caught in the wild! The goal is to identify exactly why it was flagged as a phish and gain hands-on skills to validate a suspicious email!
Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.