Category: Tutorial   
Download Now


Offensive Computer Security (CIS4930 - CIS5930). Spring 2014 Lectures & Videos
Offensive Computer Security (CIS4930 - CIS5930). Spring 2014 Lectures & Videos
Size: 7.14 GB Type: Lectures & Videos




Description

Offensive Computer Security (CIS4930 - CIS5930). Spring 2014 Lectures & Videos.

The primary incentive for an attacker to exploit a vulnerability, or series of vulnerabilities is to achieve a return on an investment (his/her time usually). This return need not be strictly monetary-an attacker may be interested in obtaining access to data, identities, or some other commodity that is valuable to them. The field of penetration testing involves authorized auditing and exploitation of systems to assess actual system security in order to protect against attackers. This requires thorough knowledge of vulnerabilities and how to exploit them. Thus, this course provides an introductory but comprehensive coverage of the fundamental methodologies, skills, legal issues, and tools used in white hat penetration testing, secure system administration, and incident response.

Lecture 1: Intro, Ethics, & Overview:
This lecture covers the course Intro, syllabus review, distinction between hacking vs. penetration testing, ethics discussion, course motivation, threat models and some of the basics.

Lecture 2: Secure C Coding 101:
What you absolutely need to know about secure coding in C. C is everywhere.

Lecture 3: Secure C Coding 102:
What you absolutely need to know about secure coding in C. C is everywhere.

Lecture 4: Code Auditing:
Auditing C Code, basic tips / strategies / and exercises

Lecture 5: The Permissions Spectrum:
Intro to Vulnerability Research topics and the Permissions spectrum.

Lecture 6: Reverse Engineering Workshop 1:
Guest lecturer Mitch Adair will lead a two day RE workshop, exposing students to x86 reverse engineering with IDA and CFF Explorer. Meet in the lecture room prepared

Lecture 7: Reverse Engineering Workshop 2:
Guest lecturer Mitch Adair will lead a two day RE workshop, exposing students to x86 reverse engineering with IDA and CFF Explorer. Meet in the lecture room prepared

Lecture 8: Fuzzing Lecture 1:
Coverage of Fuzzing techniques for SDL, VR, and other applications.

Lecture 9: MIDTERM REVIEW:

Lecture 10: Fuzzing Lecture #2 and Exploitation Lecture 101:
There are two videos for this lecture. The first half is a wrap up of fuzzing topics. The second half the beginning of the exploit development lectures.

Lecture 11: Exploit Development 102:
Second lecture in the exploit development lecture series. Covering the very very basics of exploitation. Concept of ret2libc is covered, examples with basic exit() shellcode, and some position-independent basic shellcode.

Lecture 12: Exploit Development 103:
Third lecture in the exploit development lecture series. Coverage of heap and format string exploitation (with demos), as well as exploit mitigations (ASLR, NX/DEP, stack cookies, EMET, etc...)

Lecture 13: Networking Lecture 101:
This lecture covers an overview of networking concepts and network security concepts. Topics covered: Wireshark, Nmap, nc, Hubs vs switches vs routers, manufacturer default logins / backdoors... ARP & dns (dnssec), proxies, weak IP vs strong IP model (RFC 1122)

Lecture 14: Exploit Development 102

Lecture 15: Wireshark and Web Application Hacking/Security 101:
Its a bit shorter than other videos as the class time is split between this lecture and a wireshark/tcpflow demo. This lecture addresses some of the big picture with the topics covered so far, and moves into web application security topics, as well as a very basic demo using BurpSuite as a HTTP Proxy.

Lecture 16: Web Application Hacking/Security 102:
Coverage of SQLi, XSS, Metacharacter Injection, OWASP top 10, and demos.

Lecture 17: Web Application Hacking/Security 103

Lecture 18: Web Application Hacking/Security 104 and Exploitation 104:
This class was two lectures in one. In the web application 104 lecture we cover topics like WAF, and IDS and how to evade them - which leads into the exploit development 104 lecture. In the exploit dev 104 section we cover topics like networking shellcode, polymorphic shellcode / encoders, and the methodology for defeating IDS/WAF.

Lecture 19: Midterm review #2 and Exploitation 105:
This lecture covers ret2libc, return chaining, ROP, how calling conventions affect ROP, how ROP is used to defeat DEP, how ASLR affects ROP, how to defeat ASLR to enable ROP, stack pivoting, and etc... This lecture is just the concepts, next time is the demos.

Lecture 21:
Guest Lecturer Devin Cook on ROP and a brief history of exploitation: Devin Cook presented a recap of all the exploitation techniques covered thus far and lectured on ROP and presented demos on ROP exploitation. Lastly defenses against ROP were discussed.

Lecture 22: Metasploit:
This lecture covers the Metasploit framework.

Lecture 23: Meterpreter and Post Exploitation:
Post exploitation, Windows authentication / tokens, and pivoting techniques are covered. Demos of SET, Meterpreter, and etc are

Lecture 24: Volatility and Forensics:
Old video covering Volatility and performing forensic analysis on hacked machines.

Lecture 25: Revisiting Old Topics:
Wrapping up the course, revisiting old topics: stack cookies and going in depth on how they are bypassed, covering the SSL bugs, digitally signed malware, and then the big picture.

Lecture 26: Social Engineering

[/b]


Offensive Computer Security (CIS4930 - CIS5930). Spring 2014 Lectures & Videos


I recommends Buy premimum account for High speed+parallel downloads!

rapidgator


Download From Nitroflare


uploaded


Direct Download


Tags: Offensive, Computer, Security, Spring, Lectures, Videos

Offensive Computer Security (CIS4930 - CIS5930). Spring 2014 Lectures & Videos Fast Download via Rapidshare Hotfile Fileserve Filesonic Megaupload, Offensive Computer Security (CIS4930 - CIS5930). Spring 2014 Lectures & Videos Torrents and Emule Download or anything related.
Author: shareislove  |  Comments: 0  |  Views: 0  
Dear visitor, you went to the site as unregistered user.
We recommend you Register or enter the site under your name.
Information
Members of Guest cannot leave comments.