ＨｉｄｅＺｅｒｏＯｎｅ

Let’s delve into the “Get Good at Python” learning path offered by OffSec. This curated cybersecurity path aims to enhance your Python skills and empower you with practical knowledge. Here’s what you can expect from this learning journey:

1. Foundational Python Skills:
   • Dive into Python essentials, including syntax, data types, and control structures.
   • Learn how to write efficient and clean Python code.
   • Explore common libraries and modules used in Python development.
2. Web Application Security with Python:
   • Understand how Python is leveraged in web security.
   • Explore topics such as input validation, authentication, and secure coding practices.
   • Learn about common vulnerabilities and how Python can be used to mitigate them.
3. Automating Security Tasks:
   • Discover how Python can streamline security operations.
   • Automate repetitive tasks, such as scanning, reporting, and log analysis.
   • Gain insights into scripting for penetration testing and vulnerability assessment.
4. Advanced Python Techniques:
   • Delve into more complex Python concepts.
   • Explore topics like multithreading, networking, and data manipulation.
   • Learn how to build custom tools and scripts for specific security scenarios.
5. Real-World Projects and Challenges:
   • Apply your Python skills to practical scenarios.
   • Work on hands-on projects related to cybersecurity.
   • Tackle challenges that simulate real-world situations.

By completing this learning path, you’ll be well-equipped to wield Python effectively in the realm of cybersecurity. Whether you’re a beginner or looking to level up your existing Python expertise, the “Get Good at Python” path provides a comprehensive and practical approach to mastering this versatile programming language.

OffSec – Get Good at Python

The Corelan “BOOTCAMP” is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer, at a conference. During this (typically 3 ‘long’ day) course, students will be able to learn all ins and outs about writing reliable exploits for the Windows platform.  The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.

We believe it is important to start the course by explaining the basics of stack buffer overflows and exploit writing, but this is most certainly not “your average” entry level course. In fact, this is a true bootcamp and one of the finest and most advanced courses you will find on Win32 stack based exploit development.

This hardcore hands-on course will provide students with solid understanding of current x86 (stack based) exploitation techniques and memory protection bypass techniques.  We make sure the course material is kept updated with current techniques, includes previously undocumented tricks and techniques, and details about research we performed ourselves.  Combined with the way the course is built up, this will turn this class into a truly unique experience.

Syllabus

• The x86 environment

  • System Architecture
  • Windows Memory Management
  • Registers
  • Introduction to Assembly
  • The stack
  • Running 32bit applications on a 64bit OS (wow64)

• The exploit development lab environment

  • Setting up the exploit developer lab
  • Using debuggers and debugger plugins to gather primitives

• Stack Buffer Overflows

  • Stack Buffers
  • Functions
  • Saved return pointer overwrites
  • Stack cookies
  • Structured Exception Handlers
  • etc

• Egg hunters

  • Using egghunters
  • Egg hunters in a WoW64 environment

• Reliability++ & Reusability++

  • Finding and avoiding bad characters
  • Creative ways to deal with character set limitations

• Metasploit framework Exploit Modules

  • Writing exploits for the Metasploit Framework
  • Porting exploits to the Metasploit Framework

• ASLR

  • Bypassing ASLR

  DEP

  • Bypassing NX/DEP
  • Return Oriented Programming / Code Reuse (ROP)

  Intro to x64 exploitation

  • x64 processes, memory map, registers
  • Functions & calling conventions
  • Structured Exception Handling
  • Stack buffer overflows
  • ROP
  • Shellcode

Corelan Win32 Exploit Development Bootcamp

Android Userland & Kernel Fuzzing and Exploitation Step into the realm of comprehensive Android security with our integrated “Android Userland and Kernel Fuzzing and Exploitation” course. Designed for both novices and seasoned professionals, this course offers an extensive curriculum that covers the spectrum of Android vulnerabilities and their exploitation.

Starting with the Userland component, learners will grasp how to detect bugs in Android Userland Applications and exploit memory corruptions. The course provides a deep understanding of ARM assembly, reverse engineering, and the development of robust exploits, bypassing exploit mitigations like NX and ASLR. With 43 labs across 9 modules, students will employ advanced fuzzing techniques to pinpoint exploitable vulnerabilities.

The journey continues as we pivot to the Android kernel on the second day, where the intricacies of kernel internals, such as memory allocators and driver programming, are unraveled. Students will learn to discover bugs using kernel fuzzing techniques, including the use of sanitizers and Syzkaller. The course will guide attendees through the construction of kernel exploits crucial for sandbox escape, examining real-world vulnerabilities and the art of kernel debugging.

In Certified Ethical Hacker Elite Course You will understand how to use open-source intelligence to your advantage. Further, you will discover how to analyze and interpret network protocols and leverage Wireshark. Moving ahead, you will learn how to perform ethical hacking using Nmap. You will also learn how to perform information gathering and enumeration of Windows-specific services with Nmap and OpenVAS. You will then understand how hackers use session hijacking to attack an organization and the techniques to prevent it.

Syllabus

Open Source Intelligence
Wireshark for Ethical Hackers
Ethical Hacking with Nmap
Windows Penetration Testing Essentials
Session Hijacking and Prevention Techniques
Power of Next Generation Firewalls
OWASP Top 10 Security Fundamentals
Burp Suite: Web Application Penetration Testing
Deep Dive into Network Assessments
Applied Secure Smart City

EC-Council – Certified Ethical Hacker Elite

A non-exhaustive set of topics covered include:

• Pentesting Routers
• Attacking SSH with Metasploit, Nmap, Medusa, Hydra, Ncrack
• SNMP attacks
• Bypassing Firewalls
• Payloads and Shells
• HTTP/HTTPS tunneling
• Port Forwaring, Pivoting, Reverse Connects
• Privilege Escalation and UAC bypass
• Hash Dumping and Mimikatz
• Windows Sessions, Stations and Desktops
• Impersonation attacks
• WMIC post exploitation
• Hidden bind shells
• Bitsadmin
• Browser Password Recovery
• PAC Attacks
• DNS Poisoning
• Veil Framework and AV Evasion
• Metasploit Loader 32/64-bit
• DLL Hijacking basics
• DLL Hijacking and Meterpreter
• Privilege Escalation via DLL Hijacking
• DLL Injection using Appinit_DLLs
• Stripping Manifest Files for DLL Hijacking
• Attacking with DLL Forwarding
• Anti-Forensics techniques
• Memory Dumping and Analysis
• … ton of other interesting topics

Pentester Academy – Network Pentesting