Curso de seguridad ofensiva

off_sec_banner3.png

W. Owen Redwood profesor de la Universidad del Estado de Florida ha publicado el material de la clase que imparte junto a Prof. Xiuwen Liu sobre seguridad ofensiva.

La clase está programada para ser impartida en 15 semanas de la siguiente forma:

  • Week 1 (Intro / Overview)
    • Lecture 1: Intro, Ethics, & Overview
    • Lecture 2: Linux Overview
  • Week 2 (Overview / Code Auditing)
    • Lecture 3: Windows Overview
    • Lecture 4: Rootkits; Code Auditing
  • Week 3 (Reverse Engineering Workshop Week)
    • Lecture 5: x86 Reverse engineering
    • Lecture 6: x86 Reverse engineering 2
  • Week 4 (Exploit Development)
    • Lecture 7: Fuzzing and Exploit Development 101
    • Lecture 8: Shellcode and Exploit Development 102
  • Week 5 (Exploit Dev / Networking)
    • Lecture 9: Exploit Development 103: SEH Exploitation, Heap Sprays, and Executable Security Mechanisms
    • Lecture 10: Networking 101: Data Layer, Link Layer, and IP layer
  • Week 6 (Networking / Web Application Hacking)
    • Lecture 11: Networking 102: TCP layer, Important Protocols, Services, Portscanning, ARP
    • Lecture 12: Web application Hacking 101
  • Week 7 (Web Application Hacking)
    • Lecture 13: Web Application Hacking 102: Big picture of topics so far, SQLi, XSS
    • Lecture 14: Web Application Hacking 103: SSL attacks, advanced techniques
  • Week 8 (Web Application Hacking / Exploit dev)
    • Lecture 15: Web Application Hacking 104 & Exploit Development 104
    • Lecture 16: Midterm review & Exploit Development 105 (ROP)
  • Week 9: (Special Topics)
    • Lecture 17: The Modern History of Cyber Warfare
    • Lecture 18: Social Engineering
  • Week 10 (Metaspl0it):
    • Lecture 19: Metasploit
  • Week 11 (Post Exploitation and Forensics):
    • Lecture 20: Meterpreter and Post Exploitation
    • Lecture 21: Volatility and Incident Response:
  • Week 12 (Physical Security):
    • Lecture 22: Physical Security Workshop: Lockpicking, USB mischief, and BacNET/SCADA system security
  • Week 13 (Malware / Student Presentations):
    • Lecture 23: Advanced Malware Techniques
  • Week 14-15 (Student Presentations)
Algunas de las sesiones no contienen vídeo según parece por problemas técnicos, pero los recursos y las diapositivas están disponibles a excepción de la sesión sobre malware.

También puedes acceder a los trabajos o deberes asignados.