Content-Type: text/x-zim-wiki
Wiki-Format: zim 0.4
Creation-Date: 2020-01-26T18:35:27-08:00
===== Home CSIS88 - Security Practices =====
<-- [[https://offswitchsecurity.com/|Back to Offswitch Security]]
===== Weekly Summary =====
==== Week 1 (1/27) - Intro to Ethical Hacking ====
This week we covered a lot of information. From introductory hacking/penetration testing concepts to performing an actual real world demo. I also gave an overview of various well accepted Cyber Security professional certifications. I hope this class inspires you to continue pursuing your education and honing your cyber skills. There is much to learn, and much to keep up with in this industry. It's important to keep an open mind when things aren't working out as expected. Like anything in life, when things get tough, try harder...
==== Week 2 (2/3) - Cryptography Fundamentals ====
We talk about various methods and types of encryption, how it's used to conceal information and how it applies to the CIA Triad. As secure as encryption may sound, it is still vulnerable to brute force attacks and inadequate implementation. We realize that compute power is getting cheaper and may become more of a threat to encryption. Here is a link by Daniel Miessler on [[https://danielmiessler.com/study/encoding-encryption-hashing-obfuscation/|Encoding vs. Encryption vs. Hashing vs. Obfuscation]] that will help put some things into perspective going into this week.
==== Week 3 (2/10) - TCP/IP Fundamentals and Malware Basics ====
I'm spending the first 30 minutes wrapping up Cryptography and then we'll dive into good ol' network fundamentals. Hopefully, we can get through everything I want to cover this week so you can start tapping the keyboard more often. I found this pretty good document on the OSI model. Take a look; I think the author does a good job of using real world analogies to describe the OSI model. [[http://www.toadworld.net/Student%20Info/Archive/The%20OSI%20Model%20and%20the%20Godfather.pdf|The OSI Model as Explained by Laura Robinson]]
My thinking as we get into Malware is to explain the different categories and then use Metasploit to create a payload to showcase the concepts learned. I think you'll find it interesting.
==== Week 4 (2/19) - Footprinting/Recon (OSINT) ====
We take a break on Monday for Presidents' Day, but we get back to hacking things on Wednesday. I'll be covering the topic of Open Source Intelligence, or OSINT for short. This is our very first phase in our pentesting assessment or hacking methodology. We learn everything we can about our target or client so that our attacks are more specialized and accurate. We'll use tools like whois, nslookup, dig for DNS recon, and Wget or Httrack to mirror a website. I'm already giving too much away... see you on Wednesday.
==== Week 5 (2/24) - Port Scanning ====
Straight from the whatismyipaddress.com website: **Port Scanning** is the name for the technique used to identify open ports and services available on a network host. It is sometimes utilized by security technicians to audit computers for vulnerabilities, however, it is also used by hackers to target victims. Yes, as the description indicates, we will be scanning for open ports this week. See you in class.
==== Week 6 (3/2) - Sniffers ====
==== Week 7 (3/9) - System Hacking ====
==== Week 9 (3/30) - Midterm Excellence ====
==== Week 10 (4/6) - Pentesting Web Applications ====
Ah yes! One of my favorite topics in Ethical Hacking. This week we will be exploring the vast world of the Web and its technologies. Client side and server side technologies galore. We will look at some of the vulnerabilities as explained in the OWASP Top 10, which is a great resource if you are interested in web development and programming. There are many tools at our disposal to aid in finding those vulns and exploiting them. Let's hack some web apps.