An updated running of Hack Lab (first run in 2018)
Instructor Information
- Instructor: Hexadecim8 (Hexa)
- Contact info @ https://hexadecim8.com
This class will run for one hour a week for 15 weeks over the course of one semester.
In Hack Lab, we will be building our understanding of Computer Network Exploitation (CNE) Computer Network Defense (CND) and learning how to be positive contributors to the network security ecosystem. We will achieve this through a mix of class instruction and labs designed to challenge student's understanding of computer technology, its limitations, and how we can take advantage of those limitations for our own gain. This is a class for students who are serious about exploring a future in computer technology. Students who are interested in offensive and defensive computer security, or even system engineering/administration will do best with the material in this class. The material is likely to be too dense, or even disintersting to students who are only casually interested in computers or the internet. Please consider this before registering for the class.
This will be a tight-knit class. We will build a healthy culture among our peers that mirrors the best elements of the hacking community. We will learn while we play, and have a lot of fun doing it. I encourage students of this class to engage with the public hacking community and take advantage of activites happening both locally (in the form of hacking conferences) and remotely (in the form of bug bounty programs and CTFs).
This is not an introductory class!! Students should be well acquainted with computers and have at least an intermediate understanding of both computer operation and computer networking. In addition to having a healthy curiosity and enthusiasm for computers, students should come prepared with at minimum basic knowledge of the following:
- Operating systems
- What is it?
- Can you name 3 different operating systems?
- How do these operating systems differ?
- Do you have familiarity with linux/unix?
- Computer networking
- What is it?
- What does it enable computers to do?
- What is a subnet?
- What network devices can you name?
- What is a 'tuple'?
- Can you explain what a network port is?
- Programming
- What is a computer program?
- How does a computer program work?
- Computer Operation
- What is a terminal window?
- Have you used this before?
- What can you do in a terminal that you might not be able to do in a GUI?
- Can you tell me what the following basic commands do in Linux?
- 'ls'
- 'cd'
- 'touch'
- 'rm'
- 'man'
- What is a terminal window?
In this class, we will be applying technical understandings of computer systems and combining those understandings with our creativity in order to gain access to places we aren’t given explicit permission to be. We will learn where our legal and ethical boundaries are, and understand the importance of exercising common sense and discretion to how we conduct our operations.
Required text and materials: (more to come)
- A laptop computer with wifi internet connection
- Required text:
- Red Team Field Manual
- Smashing The Stack For Fun And For Profit
- Recommended (but optional)text & Other Readings:
Please have accounts on the following free websites:
By the end of this class, students will obtain understanding and experience in the following topics:
- The principles of cybersecurity
- How an exploit works
- Experience in enumeration & exploitaiton
- The penetration tester methodology
- A sense of ethics around offensive activity and how to defend against it
-
Backup your work!!! If you write something you can’t replace, make SURE that you scp the files back to your machine, or backup with some other method. If you have questions about this, please make sure to ask me.
-
Play Nice - This is a place of learning for all of us. If you get access to a classmate’s environment, be kind and don’t delete or move their stuff. The golden rule always applies, and don't forget; there's always a bigger fish.
-
Participation is key - It's easy to sit in class and do nothing, but asking questions and participating in discussions and labs will greatly benefit students of this class. You will get out of this class what you put in. I have had students who have had an absolute blast in this class in past offerings. Many of those students have gone on to participate in conferences and even National Security Agency internships. If this sounds exciting to you, then you're in the right place.
-
Be in class - I cannot stress enough how important it is to regularly attend class. In this class, it will be very easy to fall behind, especially if you do not make an effort to stay on top of class materials. If you find that you have any trouble keeping up with assignments or other aspects of the course, make sure you let your instructor know as soon as possible. Make sure that you are proactive in informing your instructor when difficulties arise during the semester so that we can help you find a solution.
-
Maturity - Keeping in mind that we're still in high school, a basic level of maturity is requested for participation in this class. What we will be learning does have the potential to be used in malicious ways, and ensuring that students are being as constructive with the course material as possible is essential to staying out of trouble. We can be silly while also respecting the hazard of the knwoledge we possess
I will be limiting this class to 6 students for the 2023 offering, and I will not be able to accomodate exemptions. If you have any questions or concerns, please reach out as soon as possible!