Violent Python Book

Optional book ($35)

Python Scripting for Cybersecurity Professionals

Thu, Jan 5, 2017 3:30-5:20
Cisco, San Jose
Sam Bowne

Home Page


Course Description

IT and security professionals who don't know coding should take this course. Attendees will learn fast, simple coding techniques by performing hands-on projects and competing to solve challenges. These skills are appropriate for prototypes, demonstrations, and proof-of-concept code. The focus on hacking and competition helps to keep students motivated and engaged.

Prerequisites

Familiarity with networking and security concepts at the Network+ and Security+ level would be best, but it's not required. No previous coding experience is required.

Projects

NETLAB at Moraine Valley

Windows Users: Download Python 2.7 Here

Basic Python
CodeCademy Python Lesson Local

Network Attacks with Python

Basic Port Scanning with Python NETLAB * Local
Port Scanning Challenges NETLAB * Local
HTTP Requests with Python NETLAB * Local
HTTP Login Challenges NETLAB * Local

Packet Crafting with Python and Scapy

Introduction to Scapy NETLAB * Local
TCP Handshake with Scapy NETLAB * Local
yesman--Scanner Honeypot with Scapy NETLAB * Local
ARP Spoofing with Scapy NETLAB * Local
Slow Loris Attack with Scapy NETLAB * Local
IPv6 with Scapy NETLAB * Local
IPv6 Router Advertisements with Scapy NETLAB * Local
Advanced Ethical Hacking Class

Command Injection Challenges
These challenges work locally as written. They also work inside Netlab: Use the Kali64 machine, and open samsclass.info in IceWeasel.
Essential Linux (Bash)
1. Ping Form: Command Injection Winners
2. Buffer Overflow: Command Injection Winners
3. ImageMagick: Command Injection Winners
4. SQL Injection Winners 1     Winners 2     Winners 3

Basic SQL

CodeCademy SQL Lesson Local
Using NETLAB Local

SQL Injection Attack and Defense

Installing SQLol NETLAB(rev. 6-27-16) * Local
SQLi: Attacking with Havij and Defending with Input Filtering NETLAB (rev. 6-28-16)* Local
Exploiting SQLi with sqlmap NETLAB * Local
Fixing MySQL with Parameterized Queries NETLAB * Local

Ethical Hacking Class

Basic Networking

Sniffing HTTP Traffic with Wireshark NETLAB Local
Sniffing UDP and TCP Traffic with Wireshark Local
Using Wireshark to Analyze a Packet Capture File     Packet Capture File
NETLAB Local
Port Scans and Firewalls NETLAB Local
Analyzing a Port Scan NETLAB Local
Detecting Attacks with Snort NETLAB * Local
Network+ Class

Security+ Class

Website Attacks and Defense

HTTP Basic Authentication NETLAB * Local
Cookie Replay Local
Reverse-Engineering an Authentication Cookie Local
Defeating HTTPS with SSLstrip NETLAB * Local
Intro to Burp Local
Making a Linux HTTPS Server NETLAB * Local
Performing an HTTPS DoS Attack NETLAB * Local
Brute Force Attacks with Hydra Local
Securing Web Applications Class

Cryptography with Python

Password Hashes with Python NETLAB * Local
Password Hashes Challenges NETLAB * Local
XOR Encryption in Python NETLAB * Local
XOR Encryption Challenges NETLAB * Local
Getting Started with Multichain NETLAB * Local
Making a Blockchain Survey with Multichain Local
RSA1: Using Very Small Keys NETLAB * Local
RSA2: Cracking a Short RSA Key NETLAB * Local
Bitcoin 1: Setting up a Private Regtest Blockchain Local
Bitcoin 2: Adding a Second Node to your Private Regtest Blockchain Local
Bitcoin 3: Joining the Samcoin Blockchain Local
ROT-13 in Windows: Capturing and Examining the Registry Local
Cryptography Class
Computer Forensics Class

Exploit Development

Linux Buffer Overflow: Command Injection · Winners NETLAB * Local
Using Jasmin to run x86 Assembly Code
If you don't want the drawing of a partially undressed woman on the splash screen, use this version of Jasmin:

Download politically correct Jasmin without the cheesecake

Assembly Code Challenges
Linux Buffer Overflow Without Shellcode Practice NETLAB * Local
Linux Buffer Overflow Without Shellcode Challenges NETLAB * Local
Linux Buffer Overflow With Dash Shellcode Practice NETLAB * Local
Remote Linux Buffer Overflow With Metasploit Shellcode Practice NETLAB * Local
Linux Buffer Overflow With Shellcode Challenges · Winners NETLAB * Local

Exploit Development Class

Malware Analysis Class

* For instructions inside Netlab, open samsclass.info in IceWeasel

Cultural Enrichment

Twitter

How to view someones IP address and connection speed with TRACER T! - YouTube

I Pwned Your Server - YouTube

Downloads

The three machines used for the NETLAB projects are here:

Kali32-2.ova 4.06 GB

Kali64-2.ova 4.08 GB

Ubuntu-2.ova 2.33 GB

Lectures

Real Hacking (key)
Data Breaches: Real and Imaginary (ppt)
Bitcoin (key)
Security at Colleges
SSL Certificates at Banks
NETLAB password insecurity
Is Your Android App Secure? (ppt)
Financial Android App Vulnerabilities
Android App Security Auditing Workshop
Hacking Mobile Devices Class
Rindjael Encryption Animation (AES)

Some lectures are in Keynote format.
To comvert them to PowerPoint, use Cloud Convert.


Last updated 1-5-17 9:46 am