Jul 18, 2024  
2019-2020 Course Catalog 
2019-2020 Course Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CVF 1205 - Scripting and Python for Cybersecurity Professionals

Credits: 3
Hours/Week: Lecture 2 Lab 2
Course Description: This course is designed to appeal to a wide variety of backgrounds ranging from students without any coding experience all the way up to skilled Python developers looking to increase their expertise and map their capabilities to penetration testing. This course includes several hands-on labs designed to teach students the skills required to develop Python programs and how to apply those skills in penetration testing engagements. Topics include introduction to Linux scripting, Windows scripting, basic concept of Python and progress to advanced topics and their applications.
MnTC Goals

Prerequisite(s): None
Corequisite(s): None
Recommendation: CVF 1085  with a grade of C or higher OR instructor consent. System administration experience on Microsoft Windows or Linux operating systems.

Major Content
  1. Python Scripting - Language Essentials
    • Introduction to Interpreted Languages and Python
    • Data Types and variables
    • Operators and Expressions
    • Program Structure and Control
    • Functions and Functional Programming
    • Classes, Objects and other OOPS concepts
    • Modules, Packages and Distribution
    • Python in Linux and Unixes
    • Python in Windows
    • Python in Mobiles: iPhone and Androids
    • Python in Embedded Devices: Routers
    • Program Portability
    • Lab Exercises Module
  2. System Programming and Security
    • I/O in Python
    • File and Directory Access
    • Multithreading and Concurrency
    • Inter Process Communication (IPC)
    • Permissions and Controls
    • Case Studies
    • Lab Exercises Module
  3. Network Security Programming - Sniffers and Packet Injectors
    • Raw Socket basics
    • Socket Libraries and Functionality
    • Programming Servers and Clients
    • Programming Wired and Wireless Sniffers
    • Programming arbitrary packet injectors
    • PCAP file parsing and analysis
    • Case Studies
    • Lab Exercises Modeule
  4. Web Application Security
    • Web Servers and Client scripting
    • Web Application Fuzzers
    • Scraping Web Applications - HTML and XML file analysis
    • Web Browser Emulation
    • Attacking Web Services
    • Application Proxies and Data Mangling
    • Automation of attacks such as SQL Injection, XSS etc.
    • Case Studies
    • Lab Exercises Module
  5. Exploitation Techniques
    • Exploit Development techniques
    • Immunity Debuggers and Libs
    • Writing plugins in Python
    • Binary data analysis
    • Exploit analysis Automation
    • Case Studies
    • Lab Exercises Module
  6. Malware Analysis and Reverse Engineering
    • Process Debugging basics
    • Pydbg and its applications
    • Analyzing live applications
    • Setting breakpoints, reading memory etc.
    • In-memory modifications and patching
    • Case Studies
    • Lab Exercises Module
  7. Attack Task Automation
    • Task Automation with Python
    • Libraries and Applications
    • Case Studies
    • Lab Exercises Module
  8. Further Study and Roadmap
    • Course consolidation
    • Interesting project ideas to pursue Module
  9. Exam Pattern and Mock Exam
    • Exam format
    • Example Questions
    • Mock Exam

Learning Outcomes
At the end of this course students will be able to:

  1. use Python to launch Metasploit basics and framework organization.
  2. create server and client side exploitation using Python.
  3. launch Meterpreter - extensions and scripting using Python.
  4. write a script to launch database integration and automated exploitation.
  5. write Python script to create Post Exploitation Kung-Fu.
  6. create a token stealing and impersonation, backdoors and rootkits, pivoting and port forwarding using Python.
  7. use Python script to create Railgun and custom scripting, backdoor an executable.
  8. write Metasploit modules - auxiliary and exploit using batch and Python script.
  9. create exploit research with Metasploit- buffer overflows, SEH using Python.
  10. design Social Engineering Toolkit (SET) and Armitage with Python script.
  11. use Python and scripting solution to solve a scenario-based hacking using Metasploit.

Competency 1 (1-6)
Competency 2 (7-10)

Courses and Registration

Add to Portfolio (opens a new window)