Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
3 contributors

Users who have contributed to this file

@rmusser01 @invalid-email-address @deveyNull
executable file 215 lines (196 sloc) 28.5 KB

Classes & Training


Table of Contents


Classes & Training

  • HEADS UP
    • These classes are all focused on computer/information security. If you're looking for online courses to learn material other than the mentioned, check out "coursera.com", Standford's online classes or MIT's online courses.
    • Coursera
    • MIT OpenCourseware
    • Standford
    • Udemy
  • General Sources/Repository of Classes
  • General Classes
    • Learning How to Learn
      • Free Coursera Course
      • About this course: This course gives you easy access to the invaluable learning techniques used by experts in art, music, literature, math, science, sports, and many other disciplines. We’ll learn about the how the brain uses two very different learning modes and how it encapsulates (“chunks”) information. We’ll also cover illusions of learning, memory techniques, dealing with procrastination, and best practices shown by research to be most effective in helping you master tough subjects.
    • ENISA CERT Exercises and Training
      • ENISA CERT Exercises and training material was introduced in 2008, in 2012 and 2013 it was complemented with new exercise scenarios containing essential material for success in the CERT community and in the field of information security. In this page you will find the ENISA CERT Exercise material, containing Handbook for teachers, Toolset for students and Virtual Image to support hands on training sessions.
    • SEEDLabs
      • People learn from mistakes. In security education, we study mistakes that lead to software vulnerabilities. Studying mistakes from the past not only help students understand why systems are vulnerable, why a "seemly-benign" mistake can turn into a disaster, and why many security mechanisms are needed. More importantly, it also helps students learn the common patterns of vulnerabilities, so they can avoid making similar mistakes in the future. Moreover, using vulnerabilities as case studies, students can learn the principles of secure design, secure programming, and security testing.
    • Hopper's Roppers Intro to Security
      • A free, self-paced curriculum that builds a base of knowledge in computers and networking prior to moving on to the fundamentals of security and defense. The course is intended to build up a student with no prior technical knowledge to be confident in their ability to learn anything and continue their security education.
    • Teach Yourself Computer Science
    • Technical Development Guide - Google
    • OSS University - Computer Science
      • Path to a free self-taught education in Computer Science!
    • cs-video-courses
      • List of Computer Science courses with video lectures.
    • Secure Software Principles - CSCI 4971, Spring 2010
  • ARM
  • Cryptography
  • Data Science
  • Databases
    • Intro to Databases Systems(CMU) / Fall 2019)
      • Site page
      • This course is on the design and implementation of database management systems. Topics include data models (relational, document, key/value), storage models (n-ary, decomposition), query languages (SQL, stored procedures), storage architectures (heaps, log-structured), indexing (order preserving trees, hash tables), transaction processing (ACID, concurrency control), recovery (logging, checkpoints), query processing (joins, sorting, aggregation, optimization), and parallel architectures (multi-core, distributed). Case studies on open-source and commercial database systems are used to illustrate these techniques and trade-offs. The course is appropriate for students with lit systems programming skills.
  • Exploit Development Training
    • exrs - Binary Exploitation/Reverse Engineering Challenge training
      • Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.
    • BFH Exploiting & Defense Course - Dobin Rutishauser
    • Modern Binary Exploitation - CSCI 4968 - Spring '15
      • The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux based userland binary exploitation. It will then transitionin to protections found on modern systems(Canaries, DEP, ASLR, RELRO, FortifySource, etc) and the techniques used to defeat them.Time permitting, the course will also cover other subjects in exploitation including kernel land and Windows based exploitation.
    • Modern Binary Exploitation - CSCI 4968
      • This repository contains the materials as developed and used by RPISEC to teach Modern Binary Exploitation at Rensselaer Polytechnic Institute in Spring 2015. This was a university course developed and run solely by students to teach skills in vulnerability research, reverse engineering, and binary exploitation.
    • armpwn
      • Repository to train/learn memory corruption exploitation on the ARM platform. This is the material of a workshop I prepared for my CTF Team.
    • BinTut
      • Dynamic or live demonstration of classical exploitation techniques of typical memory corruption vulnerabilities, from debugging to payload generation and exploitation, for educational purposes
    • CNIT 127: Exploit Development - samsclass
    • Advanced Exploitation and Rootkit Development, CSCI Spring 2013
    • Windows Exploitation, CSCI Spring 2014
      • Abstract: As of January 2014, the Microsoft Windows operating system series maintains over a 90% market share in the global market of computing1 . This fact alone helps explain why Windows is the most commonly targeted platform for malicious exploitation by hackers, organizations, and nation states alike. With years of relentless exploitation, great strides have been made by Microsoft in securing their operating system through numerous exploit mitigation techniques from the Windows XP era onwards. This course will explore the tools, a number of mitigations, and their associated bypass techniques that are utilized in most modern exploits on the Windows platform. The outcome of this course will leave one with the ability to analyze real world vulnerabilities and develop reliable exploits from end to end for Windows XP – Windows 7 systems.
  • Incident Response/Forensics/NSM Training
  • Machine Learning
  • Malware Analysis
    • Malware Analysis - CSCI 4976
      • This repository contains the materials as developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run soley by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills in reverse engineering, malicious behaviour, malware, and anti-analysis techniques.
      • Malware Analysis - CSCI 4972/6963, Spring 2013
  • Mobile Application Security
  • Networking
    • CS 144: Introduction to Computer Networking, Fall 2019
    • Introduction to Computer Networking(Stanford) - Philip Levis, Nick McKeown
      • This is a self-paced introductory course on computer networking, specifically the Internet. It focuses on explaining how the Internet works, ranging from how bits are modulated on wires and in wireless to application-level protocols like BitTorrent and HTTP. It also explains the principles of how to design networks and network protocols. Students gain experience reading and understanding RFCs (Internet protocol specifications) as statements of what a system should do. The course grounds many of the concepts in current practice and recent developments, such as net neutrality and DNS security. A textbook is recommended, but not required: you can use either Peterson and Davie or Kurose and Ross, any version in the past 5 years will do.
  • Penetration Testing
    • Pentester Lab
      • PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.
    • FSU Offensive Security 2014
      • Florida State University Offensive Security 2014 Class materials
    • FSU Offensive Security 2013
      • Florida State University Offensive Security 2013 Class materials
    • HackSplaining
      • Security training aimed towards developers. Free.
    • Beginner Network Pentesting - The Cyber Mentor
      • Welcome to the Beginner Network Pentesting course. Previously, the course was delivered weekly on Twitch and built from lessons learned in the previous week. The course provides an opportunity for those interested in becoming an ethical hacker / penetration tester the chance to learn the practical skills necessary to work in the field. Throughout the course, we will develop our own Active Directory lab in Windows, make it vulnerable, hack it, and patch it. We'll cover the red and blue sides. We'll also cover some of the boring stuff like report writing :).
    • Penetration Test Guide based on the OWASP + Extra
      • This guid[e] is for the penetration testers seeking for the appropriate test cases required during a penetration test project. I rearranged the OWASP Testing Guide v4 from my point of view including 9 Test Classes and each class has several Test Cases to conduct against the target. Each Test Case covers several OWASP tests which also is useful for the report document. I've also added 14 extra Tests Cases marked by the EXTRA-TEST. I hope it will be useful in both penetration test projects and bug-bounty.
    • SpecterOps Adversary Tactics: PowerShell Course *
  • Programming Classes/Courses
  • Regular Expressions
  • Reverse Engineering
    • Binary Auditing Training - Thorsten Schneider
      • The training package includes all necessary files to run a complete lecture for Binary Auditing and Reverse Code Engineering at university. All files are well sorted by topics and with increasing difficulty. You need Windows XP, Windows Vista or Windows 7 to use this training package. The training package does NOT include runnable viruses!
    • exrs - Binary Exploitation/Reverse Engineering Challenge training
      • Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.
    • mammon_'s tales to his grandson - Reverse Engineering
    • Software Modeling and Verification - Static Analysis
    • The Life of Binaries
      • Topics include but are not limited to:
        • Scanning and tokenizing source code.
        • Parsing a grammar.
        • Different targets for x86 assembly object files generation. (E.g. relocatable vs. position independent code).
        • Linking object files together to create a well-formed binary.
        • Detailed descriptions of the high level similarities and low level differences between the Windows PE and Linux ELF binary formats. (NOTE: we didn't get to this in the class where the video was recorded, but the materials are in the slides)
        • How an OS loads a binary into memory and links it on the fly before executing it.
        • Along the way we discuss the relevance of security at different stages of a binary’s life, from the tricks that can be played by a malicious compiler, to how viruses really work, to the way which malware “packers” duplicate OS process execution functionality, to the benefit of a security-enhanced OS loader which implements address space layout randomization (ASLR).
    • Introduction to Reverse Engineering Software - Dartmouth
    • CSCI 4974 / 6974 Hardware Reverse Engineering
    • Reverse Engineering 101 - MalwareUnicorn
    • Reverse Engineering 102 - MalwareUnicorn
    • Binary Analysis Course - Max Kersten
      • This course starts at the very start, where it is assumed that the reader has little to no low level knowledge. It is expected that the reader is able to understand basic programming aspects such as functions/methods, variables, types and system calls. Unlike most courses, this course aims to only use free and open-source software. This way, everybody can participate and follow the course, whereas most other courses are focused on proprietary tools which cost up to thousands of dollars. This won’t exclude such tools from being used in additional examples later on, but they will not be used as the sole tool in an example. As the course progresses, the material gets more in-depth and complex. Throughout the chapters, there are practical cases included. These cases serve two purposes. Firstly, the reader is greeted with a puzzle every once in a while, instead of pure theory. Secondly, it provides insight in the reader’s learning curve with the help of a given case.
    • Reverse-Engineering-Intel-x64-101
      • Material for a RE 101 class on Intel x64 binaries
    • Android App Reversing 101 - Maddie Stone
    • Program Obfuscation, Fall 2013 - CSCI
      • The issue of program protection has never been more relevant. Commerical software companies need techniques to protect their intellectual property, malware authors try to slow the down the process of reversing and detecting their creations, and nation-states are creating cyber-weapons that they do not want reverse engineered and repurposed. Program protection is has two main approaches, tamper-resistance and obfuscation. Tamperresistance focuses on the detection and corruption of tools used to analyze programs. Obfuscation focuses on making a program hard to understand, even when under flawless analysis tools. Tamper-resistance techniques tend to be an arms race, of one off tricks versus analysis tool updates. Obfuscation offers a much more stable and provably secure avenue in which to protect programs. Obfuscation is thorougly grounded in the formal methods and proofs of cryptography. The only distinction between obfuscation and cryptography is the location of the key. In cryptography, the key is outside the system or data under analysis. In obfuscation, the obfuscated data and key are together, making it a challenging problem of its own. It is the difficulty of provable security and the great need program protection in the current day, that make this class relevant and necessary. In this readings class, we will focus on 15 of the most important works in program obfuscation. We will attain thorough understanding of these papers through paper reviews, discussion, and a project implementing an obfuscation scheme from one of the papers.
  • UEFI/BIOS Training
  • Web Security Focused Training
  • Wireless
    • Dissecting Industrial Wireless Implementations - DEF CON 25
    • RFID INFOSEC
      • RFID INFOSEC is designed to teach undergraduate students about radio frequency identification (RFID) information systems security (INFOSEC). It provides a system-wide description of a RFID system using a layered reference model that describes the tag, media interface, reader, network, middleware, and application layers. In addition, it addresses RFID security and privacy threats, risks, and mitigation techniques. These materials include lesson plans, slides, homework, laboratories, and assessment rubrics organized into modules.
  • Resources for Instructors and Trainers
You can’t perform that action at this time.