Course Overview:
“Constructing Defense” by Just Hacking Training is a comprehensive cybersecurity course designed for blue teamers, offering hands-on experience in defending against real-world attacks. The course features a massive virtualized lab environment with 100+ videos and an updated curriculum, including Splunk, Windows & Active Directory, Linux & Kubernetes, and cloud platforms like AWS & Azure.
Course Structure:
- Course 1: to Windows Servers & Clients (Active Directory).
- Course 2: Linux & Kubernetes defensive techniques.
- Course 3: Cloud security in AWS & Azure.
Latest Updates (ConDef 2025):
- New Splunk integration for threat hunting.
- Expanded cloud security modules.
- Additional quizzes and lab navigation guides.
Pre-Release Offer:
Use code “ConDef25” for 25% off (expires March 31). Enrollees get immediate access + free upgrade to ConDef 2025 in April.
🔗 Course Link: Constructing Defense – Just Hacking Training
You Should Know:
1. Windows & Active Directory Commands (Course 1)
- Check User Logins:
Get-ADUser -Filter * -Properties LastLogonDate | Sort-Object LastLogonDate -Descending
- Audit GPO Changes:
Get-GPOReport -All -ReportType HTML -Path "C:\GPO_Report.html"
- Detect PSExec Attacks:
netstat -ano | findstr "445"
2. Linux & Kubernetes Commands (Course 2)
- Check Suspicious Processes:
ps aux | grep -E "(nmap|metasploit|sqlmap)"
- Kubernetes Pod Inspection:
kubectl get pods --all-namespaces -o wide
- Log Analysis with `journalctl`:
journalctl -u sshd --no-pager | grep "Failed password"
3. AWS & Azure Cloud Security (Course 3)
- AWS S3 Bucket Permissions Audit:
aws s3api get-bucket-acl --bucket BUCKET_NAME
- Azure Suspicious Login Alerts:
Get-AzLog -StartTime (Get-Date).AddDays(-1) -Status Failed
- Splunk Query for Brute-Force Attacks:
index=security sourcetype=linux_secure "Failed password" | stats count by src
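For a host that is not yet forwarding to Splunk, the per-source count from the Splunk query above can be reproduced directly on the `journalctl` output from section 2. This is an added example, not material from the course or the original post; the function names `failed_by_src` and `sample_log` and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: count sshd "Failed password" events per source address,
# the same aggregation as `stats count by src`, for a host without a SIEM.

# failed_by_src THRESHOLD
# Reads sshd log lines on stdin and prints "COUNT SRC" for every source
# with at least THRESHOLD failures, highest count first.
failed_by_src() {
    awk -v min="${1:-1}" '
        /sshd(\[[0-9]+\])?: Failed password for / {
            # The username is client-controlled and may itself contain
            # " from <addr> ", so read the address relative to the END
            # of the line:  ... from <addr> port <n> ssh2
            if (NF >= 5 && $(NF-4) == "from" && $(NF-2) == "port")
                hits[$(NF-3)]++
        }
        END {
            for (src in hits)
                if (hits[src] >= min) print hits[src], src
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input (documentation address ranges, not real logs).
# The 08:16:10 line carries a username crafted to look like another source.
sample_log() {
    cat <<'EOF'
Mar 10 08:15:01 web01 sshd[1201]: Failed password for root from 203.0.113.7 port 51234 ssh2
Mar 10 08:15:03 web01 sshd[1202]: Failed password for invalid user admin from 203.0.113.7 port 51236 ssh2
Mar 10 08:15:07 web01 sshd[1203]: Failed password for root from 198.51.100.23 port 40022 ssh2
Mar 10 08:15:09 web01 sshd[1204]: Accepted password for deploy from 192.0.2.10 port 50111 ssh2
Mar 10 08:15:12 web01 sshd[1205]: Failed password for root from 203.0.113.7 port 51240 ssh2
Mar 10 08:16:10 web01 sshd[1210]: Failed password for invalid user x from 198.51.100.9 port 22 ssh2 from 203.0.113.7 port 51300 ssh2
Mar 10 08:16:30 web01 sshd[1211]: Failed password for invalid user test from 198.51.100.23 port 40030 ssh2
EOF
}

# Live use on a systemd host (unit name as used on this page):
#   journalctl -u sshd --no-pager | failed_by_src 5
sample_log | failed_by_src 3
```

Parsing from the right-hand end of the line keeps the count attributed to the connecting address even when the attempted username contains text that imitates a source field.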
What Undercode Say:
This course bridges defensive cybersecurity gaps with actionable labs—whether hardening Windows AD, analyzing Linux logs, or securing cloud workloads. Key takeaways:
– Threat Hunting: Use Splunk to correlate attacks (e.g., `index=firewall DENY`).
– Kubernetes Defense: Restrict pods with `kubectl apply -f network-policy.yaml`.
– Cloud Hardening: Enable AWS GuardDuty or Azure Sentinel for automated threat detection.
Pro Tip: Combine these commands with SIEM tools (Elasticsearch, Wazuh) for real-time monitoring.
Expected Output:
- Windows: GPO reports, failed RDP logs.
- Linux: `auditd` rules for file integrity.
- Cloud: JSON policies for least-privilege access.
- Splunk: Dashboards for attack visualization.
🔗 Enroll Here: Constructing Defense Course
References:
Reported By: Carlos Espinoza01 – Hackers Feeds