## **Python & Cybersecurity**

- Introduction to Cybersecurity
- How Python is Used in Cybersecurity
- Resources and Tools
- Experimentation with Cryptohack 

Note: The information provided in this cybersecurity class is intended for general knowledge and awareness only. Check with your universities policies before working with any tooling presented in the material. 

### **1. Introduction to Cybersecurity**

   - **What is Cybersecurity?**
     - Cybersecurity involves protecting systems, networks, and data from digital attacks to ensure Confidentiality, Integrity, and Availability (CIA Triad).

   - **Key Areas of Cybersecurity**
     - **Network Security**: Protects network infrastructure from unauthorized access.
     - **Application Security**: Secures applications at every stage of development and deployment.
       - **OWASP (Open Web Application Security Project)**: A prominent organization that publishes guidelines for secure coding, including the [OWASP Top 10](https://owasp.org/www-project-top-ten/), which highlights the most critical security risks in web applications (e.g., Injection, Cross-Site Scripting, Insecure Deserialization).
     - **Information Security**: Protecting data privacy and integrity.
     - **Operational Security**: Managing and protecting sensitive data and systems in everyday operations.
     - **Incident Response & Forensics**: Detecting, analyzing, and responding to security breaches.
   
   - **Source:**  
     - [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)  
     - [OWASP Top 10](https://owasp.org/www-project-top-ten/)

### **2. How Python is Used in Cybersecurity**

   - **Why Python?**
     - Python’s readability, flexibility, and libraries make it suitable for cybersecurity, enabling rapid development for scripting, automation and testing.

   - **Popular Use Cases**
     - **Web Application Security and OWASP Compliance**: Python can automate vulnerability scans and simulate attacks on web applications based on OWASP guidelines.
     - **Network Scanning**: Tools like `nmap` for analyzing network architecture.
     - **Data Encryption**: `pyca/cryptography` for implementing encryption and decryption techniques.

   - **Source:**  
     - [Scapy Documentation](https://scapy.readthedocs.io/)  
     - [awesome-python-security](https://github.com/guardrailsio/awesome-python-security?tab=readme-ov-file)

### **3. Resources and Tools**

   - **Libraries to Explore**
     - **`Scapy`**: For network packet analysis, useful in vulnerability scanning.
       - [Scapy Documentation](https://scapy.readthedocs.io/)
     - **`Requests` and `BeautifulSoup`**: For open-source intelegence (OSINT) tasks and simulating OWASP web application security tests.
     - **`PyCryptodome`**: For cryptographic functions like encryption, useful in ensuring data integrity.
     - **`Impacket` and `Pwntools`**: For penetration testing and exploitation, aligning with the OWASP principles for security testing.
  
   - **Organizations to Follow**
     - [CMU Cybersecurity Programs](https://catalog.coloradomesa.edu/areas-study/cyber-security/)
     - [NIST Cybersecurity](https://www.nist.gov/cyberframework)  
     - [OWASP](https://owasp.org/)
     - [SANS](https://www.sans.org/)

### **4. Cryptohack**
Cryptohack is a free hacking playground to learn more about crypotography using Python.
1. [CryptoHack Registration](https://cryptohack.org/register/)
2. [Introduction to Cryptohack](https://cryptohack.org/courses/intro/course_details/)