This past spring Prof. Xiuwen Liu and W. Owen Redwood taught the first of their Offensive Security classes at Florida State University. Courses like this are nothing new but the difference here is that they put the entire thing online … syllabus, videos, slides, assignments and all.
Included are 15 weeks of very technical content (about 20 actual 1 hour lectures and/or associated slides). Beyond the two books recommended in the syllabus (“Counter Hack Reloaded” by Ed Skoudis and Tom Liston and “Hacking: The Art of Exploitation, 2nd Edition” by Jon Erickson) the entire class is free.
I didn’t have a chance to go through the complete course but did spot check a few of the videos. Audio and video were of good quality and easy to follow. They plan on evolving this course over time each spring so expect content to improve from year to year. Also one thing to note … this class is not related to Offensive Security, the organization that maintains Backtrack and Kali Linux.
To wet your palate of what to expect here’s an embedded video of their Metasploit lecture as well as a quick overview of the topics covered each week.
- Week 1 Intro/Overview: Intro, Ethics, & Overview; Linux Overview
- Week 2 Overview/Code Auditing: Windows Overview; Rootkits; Code Auditing
- Week 3 Reverse Engineering Workshop Week: x86 Reverse engineering
- Week 4 Exploit Dev: Fuzzing/Exploit Dev 101; Shellcode/Exploit Dev 102
- Week 5 Exploit Dev / Networking: Exploit Dev 103 (SEH Exploitation, Heap Sprays, and Executable Security Mechanisms); Networking 101 (Data Layer, Link Layer, and IP layer)
- Week 6 Networking / Web App Hacking: Networking 102 (TCP layer, Important Protocols, Services, Portscanning, ARP); Web App Hacking 101
- Week 7 Web App Hacking: Web App Hacking 102 (SQLi, XSS); Web App Hacking 103 (SSL attacks, adv techniques)
- Week 8 Web App Hacking / Exploit Dev: Web App Hacking 104 & Exploit Dev 104; Midterm review & Exploit Dev 105 (ROP)
- Week 9 Special Topics: Modern History of Cyber Warfare; Social Engineering
- Week 10 Metaspl0it: Metasploit & Midterm
- Week 11 Post Exploitation/Forensics: Meterpreter/Post Exploitation; Volatility/IR
- Week 12 Physical Security: Lockpicking, USB mischief, & BacNET/SCADA security
- Week 13 Malware / Student Presentations
- Weeks 14 & 16: Student Presentations
To find out more on the FSU Offensive Security class, checkout their course site
Today’s post pic is from See ya!