This course analyzes real-world examples of adversaries performing Access Token Manipulation and discusses how we can emulate this behavior. The course is broken down into modules, with each module focusing on a specific sub-technique for Access Token Manipulation. The first module focuses on the token impersonation/theft sub-technique, and it dives into two real world examples from FIN8 and Shamoon.
Target Audience
This course is meant for adversary emulators who want to learn more about access token manipulation.
Course Prerequisites
Adversary Emulation Fundamentals Course Technical primer courses on Access Tokens and Access Token Manipulation.
