| Search (advanced search) | ||||
Use this Search form before posting, asking or make a new thread.
|
|
04-06-2014, 06:50 AM
Post: #1
|
|||
|
|||
Offensive Security (CIS4930 / CIS5930) - Florida State University (2013)
![[Image: Offensive_Security_CIS4930__CIS59.png]](http://i1133.photobucket.com/albums/m589/wowebooknet/tut4dl/Offensive_Security_CIS4930__CIS59.png) Video Format: MP4 File Size: 2.97 GB[/center] The primary incentive for an attacker to exploit a vulnerability, or series of vulnerabilities is to achieve a return on an investment (his/her time usually). This return need not be strictly monetary-an attacker may be interested in obtaining access to data, identities, or some other commodity that is valuable to them. The field of penetration testing involves authorized auditing and exploitation of systems to assess actual system security in order to protect against attackers. This requires thorough knowledge of vulnerabilities and how to exploit them. Thus, this course provides an introductory but comprehensive coverage of the fundamental methodologies, skills, legal issues, and tools used in white hat penetration testing, secure system administration, and incident response. Video description: Lecture 2: Linux Overview: This lecture covers the basics to an OS, Kernel vs user space, system calls, unix permissions, ruid vs euid etc…, ext file system (for the limited focus of forensics), persistence mechanisms used by malware, and /var/log, and more. Lecture 3: Windows Overview This lecture provides an overview of the registry and registry hives, persistence mechanisms used by malware, Portable Executable (PE) file format overview, window systems calls commonly used by malware, and the windows API. Lecture 4: Rootkits; Code Auditing The first half of this lecture covers rootkits and rootkit techniques for windows and linux. The second half covers code auditing concepts like design flaws, software analysis, vulnerability identification, signed bugs (int over/under flows), incorrect use of length params (strncpy, strncat, snprintf), format strings, … Lecture 5: x86 Reverse engineering This lecture is day one of our weeklong x86 reverse engineering workshop lead by guest lecturer Mitch Adair. Lecture 6: This lecture is day two of our weeklong x86 reverse engineering workshop lead by guest lecturer Mitch Adair. Lecture 7: Fuzzing and Exploit Development 101 This lecture covers a fuzzing overview, the basics of exploit development, environment variables, stack attacks, buffer overflow, nop-sleds, etc… Lecture 8: Shellcode and Exploit Development 102 Lectore topics: more on writing Shellcode (linux vs windows), win32 process memory map … Lecture 9: Exploit Development 103: SEH Exploitation, Heap Sprays, and Executable Security Mechanisms This lecture covers SEH exploitation, heap sprays, and executable security mechanisms like ASLR, DEP/NX, Stack Cookies… Lecture 12: Web application Hacking 101 This lecture addresses some of the big picture with the topics covered so far, and moves into web application security topics. Lecture 13: Web Application Hacking 102: Big picture of topics so far, SQLi, XSS This lecture's topices cover HTTP proxies, SQLi and XSS Lecture 14: Web Application Hacking 103: SSL attacks, advanced techniques This lecture's topics cover SSL/TLS, Certificate Authorities, and the serious problems with the Certificate Authority infrastructure, and a history of CA hacks / breaches, and SSL hacking tools like sslstrip … Lecture 15: Web Application Hacking 104 and Exploit Development 104 This class was two lectures in one. In the web application 104 lecture we cover topics like WAF, and IDS and how to evade them - which leads into the exploit development 104 lecture. In the exploit dev 104 section we cover topics like networking shellcode, polymorphic shellcode / encoders, and the methodology for defeating IDS/WAF Lecture 16: Midterm review and Exploit Development 105 (ROP) This lecture's first half is a review of topics for the midterm. The second half introduces Return Oriented Programming. Lecture 17: The Modern History of Cyber Warfare This lecture covers just a small sample of the major events one might consider part of the history of cyber warfare. The lecture discusses some of the potential tactical and strategic differences between traditional warfare and cyber warfare - as well as the policy and perspective hurdles we face today. This lecture happened shortly after the ground-breaking APT1 report from Mandiant. Lecture 18: Social Engineering The first portion of this video is a continuation of the previous lecture on cyber warfare. Afterwards, this lecture offers a new spin on social engineering - by staring with fundamental psychological flaws in the human brain, and discussing how they can be exploited… Lecture 19: Metasploit This lecture covers the metasploit framework, its interfaces, basic usage, and some of its utilities, along with a brief discussion of the social-engineering toolkit (SET)… Lecture 20: Meterpreter and Post Exploitation This lecture starts by finishing the SET discussion from last time, covers Windows access-tokens, then delves into meterpreter and post exploitation… Lecture 21: Volatility and Incident Response: This lecture covers an overview of Incident Response and delves into Volatility and memory analysis.. ![[Image: di-K1B6_zpsd6404f85.gif]](http://i1310.photobucket.com/albums/s650/shakir74/di-K1B6_zpsd6404f85.gif) If get link die or problem with unrar file , send request to >>>[[[Reported by Members as URL Shortener! Post the actual link!]]]<<</124uJzh Use 7zip for unrar if you get "Max 260 character" error Password for Unrar : tut4dl Code: [b][Uploaded][/b] |
|||
