Hacking Software - Attacker Techniques Exposed
The true threat: insiders and outsiders. This 72-hour class begins with examples of security breaches, then moves to current-day exploits and vulnerabilities of real application code. The case studies illustrate the broad range of threats that organizations face from both external actors and insiders. For each attack scenario, we will go through the underlying flaws, exploits, vulnerabilities and consequences.
| Contact Hours: | 37 hr Lecture, 35 hr labs |
| Prerequisites: | Understanding of TCP/IP Protocols |
| Credits: | 72 CPE / 3 CEU |
| Method of Delivery: | Residential (100% face-to-face) or Hybrid |
| Method of Evaluation: | 1. 95% attendance 2. 100% completion of Lab |
| Grading: | Pass = Attendance + labs & quizzes; Fail > 95% Attendance |
Sample Job Titles:
IA Operational Engineer
IA Security Officer
IS Manager/ IS Specialist
IS Security Engineer
IS Systems Security Manager
Platform Specialist/ Security Administrator
Security Analyst/ Security Control Assessor
Text Materials: SU Class handbook, lab, SU resource CDs and attack handouts.
This 72-hour accelerated class is taught using face-to-face modality or hybrid modality. The class includes 72 hours of contact studies, labs, reading assignments and a final exam; passing the final exam is a requirement for graduation.
Who Should Attend: Information Security and IT managers; Information Assurance Programmers; Information Security Analysts and Consultants; Internal Auditors and Audit Consultants; QA Specialists; Systems Security Architecture - designs and develops system concepts and works on the capabilities phases of the systems development lifecycle. Translates technology and environmental conditions (e.g., laws, regulations, best practices) into system and security designs and processes.
Machines: Dual Core, 4M RAM, 350 Gig drives, running MS OS, Linux, and VMware Workstation
Tools for class: Whois, Google Hacking, Nslookup, Sam Spade, Traceroute, Nmap, HTTrack, SuperScan, Nessus, PSTool, Nbtstat, SolarWinds, Netcat, John the Ripper, Nikto/Wikto, WebScarab, HTTP Tunnel (hts.exe), LCP, Cain and Abel, Ettercap, system hacking, Wireshark, sniffers, tcpdump, Dsniff, Metasploit, ISS exploit, web app, Core Impact, Snort, Infostego, EtherApe, Firefox with plugins (Hackbar, XSSme...), WebGoat, WebInspect, IDA Pro, Helix, Wget, Crypto tool, curl
- Students will be able to produce software components that satisfy their functional requirements without introducing vulnerabilities
- Students will be able to describe the characteristics of secure programming
- Explore methods to zombify browsers
- Discuss using zombies to port scan or attack internal networks
- Explore attack frameworks
- Walk through an entire attack scenario
- Exploit the various vulnerabilities discovered
- Leverage the attacks to gain access to the system
- Learn how to pivot our attacks through a Web application
- Understand methods of interacting with a server through SQL injection
- Exploit applications to steal cookies
- Execute commands through Web application vulnerabilities
- Threat Modeling
Lesson Plan: 40 hrs lecture / 32 hrs labs; 75-question online exam on the last day of class
Lesson 1 and ½ Lesson 2
7 hrs Lecture 4 hr Labs
Examine some trends in software vulnerabilities. Over the years, the industry has seen some distinct trends emerge in vulnerabilities. One of the most interesting is the fact that actors have moved their assaults to the application layer instead of the network layer. This section examines those trends in detail.
Lesson 2 & ½ Lesson 3
7 hrs Lecture 5 hr Labs
Live vulnerability and exploit tour! This is the core of the class. In this section, attendees will go through a wide range of software vulnerabilities and the instructor will show sample exploits for these vulnerabilities live. This tour will span today's most pervasive vulnerabilities including cross-site scripting, SQL injection, buffer overflows, format string vulnerabilities, and many others. Attendees will gain awareness and key insights into these vulnerability types as well as the ease with which the actor community can exploit them.
2 hrs Lecture 5 hr Labs
Tools and Threats. The threat is growing and so is the number of tools that lower the bar for actors. This section takes the audience inside the underground world of the actor and illustrates the range of tools available to adversaries.
2 hrs Lecture 3 hr Labs
Thinking Like the Actor: Threat Modeling. A critical step in securing an application or system is to methodically think through threats. In this section we present several techniques for threat modeling and also walk the audience through the process of modeling threats against several systems.
2 hrs Lecture 3 hr Labs
Incorporating Threats Into Software/System Design, Development, Testing and Deployment. By thinking about threats at each stage of the development lifecycle, we can make software and systems that are more resilient to attack. Attendees will walk away with an introduction to tools and techniques to build security in.
Grades - All students must ordinarily take all quizzes, labs, the final exam, and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draw quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real-world scenarios. Each lab escalates upon itself, increasing in intensity, rising to the next level, while you're mitigating the threat step by step.
Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below. The first is intended for those inexperienced in (or less comfortable with the idea of) hacking. The second is intended for those experienced in (or more comfortable with the idea of) hacking. Both are available at sites like Amazon.com. Both are available at the SU Hacker Library. Realize that free, if not superior, resources can be found on the SU website.
Those Less Comfortable - Hacking for Dummies, Kevin Beaver - Publication Date: January 29, 2013 | ISBN-10: 1118380932 | Edition: 4
For Those More Comfortable - The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy by Patrick Engebretson (Jun 24, 2013)
The book below is recommended for those interested in understanding how their own computers work for personal edification