Cyber Buffet
Description
We will cover five classes worth of material in a week: securing web applications, securing APIs, attack techniques, network security monitoring with Splunk, and ARM Assembly and exploitation. There are many hands-on projects for each topic, ready to be inserted into your classes.
This workshop is structured as a Capture-The-Flag competition, so each participant can proceed at their own pace. The techniques will be briefly demonstrated, and we will provide tips and help as needed to make sure everyone is able to solve at least some of the challenges.
The participants will not all learn the same thing, but will each learn something new and useful.
Pre-requisites
Participants should understand networking and security at the Net+ and Security+ level. No programming experience is required.
Textbook
All the software used is freely available, and all the projects are copyright-free and available freely on the Web. No textbooks are required.
Instructor
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.
Formal education: B.S. and Ph.D. in Physics
Industry credentials:
Infosec: CISSP, Certified Ethical Hacker, Security+, Defcon Black Badge, Splunk Core Certified User
Networking: Network+, Certified Fiber Optic Technician, HE IPv6 Sage, CCENT, IPv6 Forum Silver & Gold, Juniper JN0-101, Wireshark WCNA
Microsoft: MCP, MCDST, MCTS: Vista
Objectives
At the completion of this track, the participants will be able to…
- Explain the security risks of Operational Technology networks and how to mitigate them
- Audit Android apps for important security vulnerabilities
- Analyze Windows malware and identify Indicators of Compromise
- Develop exploits for Windows systems
- Find security flaws in applications and correct them
Class Location
Collin College – Preston Ridge Campus, IT Center, Room XXX
Daily Agenda
Day 1: (July 15) – OT Security
Operational Technology (OT) is hardware and software that controls physical processes like factories and power plants. These processes are far more efficient when networked services monitor, control, and automate them, but they are also exposed to network attacks. The primary OT protocols, such as Modbus and DNP3, are decades old and lack security features. This class covers the risks of OT installations and how to secure them.
Prior knowledge: No experience with programming or hardware is required. It’s recommended to have familiarity with networking at the Network+ level.
Day 2: (July 16) – Mobile App Security
Practice finding flaws in real Android and iOS apps in this workshop, and you will be ready to avoid making similar security errors in your own apps.
Android apps are very easy to unpack, analyze, modify, and repack, partly because of the open nature of the system, and partly because most companies neglect basic security measures. In this workshop, participants will hack apps from Progressive Insurance, IBM, Harvard, the Indian government, and other large organizations. We will find insecure network transmissions, broken cryptography, improper logging, and a pervasive lack of binary protections.
Prior knowledge: Some experience with Java coding is helpful but not necessary.
Day 3: (July 17) – Malware Analysis
Analyze malware to find indicators of compromise using static and dynamic techniques. We will modify Windows code to cheat at games and examine the actions of malware, including droppers, botnets, and keyloggers. We will use PEstudio, IDA Pro, Ghidra, OllyDbg and other tools.
Prior knowledge: Familiarity with programming in C and assembler is helpful but not necessary.
Day 4: (July 18) – Introduction to Exploit Development
Learn how to take control of Windows and Linux servers running vulnerable software, in a hands-on CTF-style workshop. We begin with easy command injections and SQL injections, and proceed through binary exploits including buffer overflows on the stack and the heap, format string vulnerabilities, and race conditions.
After this workshop, you will understand how memory is used by software, and why computers are so easily tricked into executing bytes as code that entered the system as data.
We will exploit 32-bit and 64-bit Intel systems, and also ARM-based systems. We will examine modern Windows defenses in detail and how to defeat them, including ASLR, DEP, stack cookies, and SEHOP.
Prior knowledge: Previous experience with C and assembly language is helpful but not required.
Day 5: (July 19) – Secure Coding
Learn how to find vulnerabilities in code and fix them. First we will discuss threat analysis and how to prioritize risks using the STRIDE model and the CVSS scoring system. Then participants will examine deliberately insecure apps written in PHP, NodeJS, or other common languages. They will work in groups, and use three methods to find flaws: a source code scanner, a dynamic vulnerability scanner, and manual testing. Discussions during and after these examinations will help the participants understand how to apply these techniques to improve the quality of the code they write.
Prior knowledge: Participants should have some experience coding apps in any language.
Please note that content is subject to change or modification based on the unique needs of the track participants in attendance.