Syllabus
Lectures
Topic 1. Introduction
- Code of Ethics
- Introduction and basic concepts
- Possible targets of a cyberattack
Topic 2. Cryptography Applications
- General cryptography concepts.
- Confidentiality. Symmetric and asymmetric key algorithms
- Integrity
- Authentication. Digital signatures. Authenticated encryption. Digital certificates.
- Steganography
Topic 3. Operating System Security
- Introduction.
- Physical security.
- Improving the security of an operating system, its software, users, and files.
- System security evaluation.
Topic 4. Security Policies and automated hardening
- Hardening automation. SCAP protocol.
- Sources of validated security control lists. SCAP Security Guide. STIGs. CIS Benchmarks.
- Security frameworks
- Implementing an ISMS
- Audit and security review
Topic 5. Perimeter and Network Security
- Additional networking concepts. Firewall types.
- Principles of secure network design. Network attacks and insecure designs. Secure network infrastructures.
- Introduction to network pentesting following the MITRE ATT&CK framework. Active scanning. Obtaining technical and people information. Other reconnaissance techniques.
Topic 6. Application Security
- Application security fundamentals
- Security at the requirements level
- Secure design
- Creating secure code
- Security testing
- Secure deployment and maintenance
- Common errors in web design, APIs, and typical attacks.
Topic 7. Introduction to Red Team techniques
- The MITRE ATT&CK framework as a compendium of modern offensive techniques and tactics.
- Exploitation tactics and techniques
- Phase 2. Resource Development
- Phase 3. Initial Access
- Phase 4. Execution
- Post-exploitation tactics and techniques
- Phases 5 and 6. Persistence and Privilege Escalation
- Other post-exploitation phases
Seminars
Seminar 1: Tools for Internet Research
- OSINT with machines
- OSINT with people
- Social networks
- Reconnaissance from multiple sources
- OSINT with source code
Seminar 2: Physical Security
- Introduction
- Protecting the environment
- Protecting the equipment
- Protecting personnel
- Pre-boot protection (LOM systems)
Seminar 3: Automated Vulnerability Scanning Tools
- Introduction
- Automated scanning tools for servers
- Complementary automated scanning tools for the web
Seminar 4: Introduction to Reversing
- Introduction
- How to load an executable for inspection with Ghidra
- How to inspect executable data
- How to inspect executable code and behavior
- Decompiling
- Data annotation
- Call graphs
Seminar 5: Input Validation and Secure Coding Techniques
- Security requisites
- Input validation and output encoding
- Access control
- Cryptography and data security
- General secure code creation practices
- System configuration, development tools and dependencies
Seminar 6: HTTP Security and CSP
- Introduction
- Custom HTTP headers
- Content Security Policy (CSP)
- Strict CSP
- Other HTTP security-related headers
- Examples
- New advances in the field
Laboratories
Laboratory 1: System Setup
- Block 1: Virtual Machine Setup
- Block 2: Basic Security Operations
- Block 3: Additional Basic Security Operations
Laboratory 2: Information Discovery and OSINT
- Block 1: Exploring web contents
- Block 2: Searching for Gold
- Block 3: Looking Back Over my DNS
- Block 4: Inspecting IPs
- Block 5: Let's Make it Personal: Privacy, Browsing Security and Social Networks
Laboratory 3: Cryptography Applications (I)
- Block 1: Symmetric Cryptography Applications
- Block 2: Encoding, Obfuscation and Steganography
- Block 3: Introduction to Offline Password Cracking
Laboratory 4: Cryptography Applications (II)
- Block 1: GnuPG Management
- Block 2: Confidentiality and Authentication
- Block 3: Integrity and Identity
Laboratory 5: Linux OS Security (non-automatable)
- Block 1: User-related security
- Block 2: Process-related Security
- Block 3: File-related Security
- Block 4: Host Networking Security
- Block 5: Logging and Monitoring
Laboratory 6: Automatable Linux OS Security Policies
- Block 1: Managing oscap policies
- Block 2: Oscap remediation
- Block 3: Examining STIGs
- Block 4: Applying a third-party CIS security policy to an Ubuntu server
Laboratory 7: Network Security
- Block 1: Host Networking Protection
- Block 2: Connection protection
- Block 3: Tightening security in connections
Laboratory 8-9: Network Enumeration
- Block 1: Enumeration With Nmap Lv1
- Block 2: Enumeration with Nmap Lv2
- Block 3: Enumeration With Nmap Lv3
- Block 4: Beyond Nmap. Other enumeration techniques.
Laboratory 10: Defending Web Applications
- Block 1: Installing a Reverse Proxy
- Block 2: Web Application Firewalls
- Block 3: Network Intrusion Detection Systems
- Block 4: Automated SCA and SAST in Application development
Laboratory 11: Red Team Techniques through MITRE ATT&CK (Part 1)
- Block 1: MITRE ATT&CK Phase 3. TA0001 Initial Access
- Block 2: MITRE ATT&CK Phase 4. TA0002 Execution
- Block 3: MITRE ATT&CK Phase 9-10: TA0009. Collection / TA0010. Exfiltration
Laboratory 12-13: Red Team Techniques through MITRE ATT&CK (Part 2)
- Block 1: MITRE ATT&CK Phase 4. TA0002. Execution (continued)
- Block 2: MITRE ATT&CK Phase 6: TA0004. Privilege Escalation
- Block 3: MITRE ATT&CK Phase 6: TA0004. Privilege Escalation (continued)