Exploitation Analysis 2
Exploitation Analysis 2 NICE Specialty Area Package Analyzes collected information to identify vulnerabilities and potential for exploitation. This package consists of CYRIN labs focusing on the NIST National Initiative for Cybersecurity Education (NICE) Exploitation Analysis specialty area. Completing these labs …
Exploitation Analysis 2 NICE Specialty Area Package
Analyzes collected information to identify vulnerabilities and potential for exploitation.
This package consists of CYRIN labs focusing on the NIST National Initiative for Cybersecurity Education (NICE) Exploitation Analysis specialty area. Completing these labs will help you learn the skills needed for a job in the area. The “Exploitation Analysis 1” package, or equivalent experience, is suggested prior to completing this package.
Prerequisites vary by lab, but are generally: familiarity with the Unix/Linux command line and basic networking concepts (TCP/IP, DNS, etc.). The “Exploitation Analysis 1” package, or equivalent experience, is suggested prior to completing this package.
18.0 hours, self-paced. Pause and continue at any time.
18.0 CPEs awarded on successful completion.
Automating Security Analysis with SPARTA
Students will build on the results of labs in the Web Application Security Analysis and Network Monitoring categories by using the SPARTA network infrastructure penetration testing tool, a graphical application that automates many common vulnerability assessment tasks. Students will use SPARTA within a graphical Kali Linux environment, scanning multiple unknown target systems and exploring found weaknesses.
Detecting and Exploiting SQL Injection Vulnerabilities
Students will learn how to detect and exploit SQL injection vulnerabilities. By using several SQL injections techniques students will gather information about a remote database such as server operating system, database type, table names, and most importantly, table content. Students will then use sqlmap, a tool for SQL injection, to automate this process.
Web Site Reconnaissance
Web site reconnaissance is about gathering information about a web site. Of course, there is information published on the website that is intended for people to see. Then there is information such as the name and version of the software used in the website and information about databases used by web applications on the site. This is information the website owner may not want known but can be discovered using techniques covered by CYRIN labs in the Network Monitoring and Recon and Web Application Security Analysis categories.
In this lab students will learn to find additional information from documents on the website. These documents have associated with them document metadata, which is information attached to a file that isn’t visible when the document is viewed. For example, metadata associated with a Microsoft Word document includes its creation time and the name of the person who created it. This is very likely information not intended to be publicly available.
Analyzing Potential Malware
Students will learn to use the Cuckoo sandbox to determine if an executable or document is potential malware. If the executable is packed (compressed), they will learn to use a debugger to unpack it.
Intrusion Analysis using Network Traffic
Examine packet captures from actual intrusions and dive deeper into how attackers operate! Students will learn the details of protocols such as SMB and SSH by examining network traffic captures in Wireshark®, then will proceed to build network packets “by hand” in order to tunnel secret data in normal-looking traffic. Finally, students will learn the details of “web shell” payloads commonly used by attackers.
Advanced Analysis of Malicious Network Traffic
Continue your exploration into malware’s behavior on the network! Students will analyze network captures containing real, malicious network traffic, both by hand and using tools such as Security Onion and Sguil. Both malware spreading methods and command and control operations will be explored. In addition, students will create web shell payloads of their own to see how they operate from the inside.
Capture the Flag Scenario I
One of the most important skills in cyber defense is the ability to think like an attacker. How will an adversary break in to your systems? Are your sensitive files properly hidden from prying eyes? Can a dedicated attacker steal encryption keys that would allow them to impersonate you? Knowing how such attacks might work helps you securely configure and defend your systems.
Hone your skills and see how an attacker would exploit configuration weaknesses. This Capture the Flag (CTF) scenario lets you see first-hand an attacker’s strategies for compromising your systems. Can you gain total control over a target system solely via a web application?
Capture the Flag Scenario II
Build on your skills from the first Capture the Flag (CTF) scenario with a new web server setup—can you gain root access on this box? This CTF scenario lets you see first-hand how an attacker could go about compromising your systems.
Price included 6 months of access