EE595 - Cyber Threat and Attack Techniques


Description:


Dr G.S. Knight
knight-s@rmc.ca

Rm S4104

6245


Maj Guillaume Vigeant
Guillaume.vigeant@rmc.ca
Rm S3213
8349

The primary objectives of this course are:

EE595 Course Outline
Suggestions for Term Paper Topics


Lectures:

Tuesdays: 1300 - 1430 hrs  in SB4112
Thursdays: 0900 - 1030 hrs in SB4112
Friday: 1000 - 1100 hrs in SB4112 (with CSL Research Group) (Occasional - Optional)

Seminar Schedule

Date

Topic

Labs & Assignments

References

12 Sep 17
Threat Categories
Risk Management

Unix Permissions - Interuptable Path
Scenario 0 - Kali Linux Install
Scenario 1 - Interuptable Path
Assignment 1
14 Sep 17
Unix Permissions - SUID Issues
Scenario 2 - SUID Abuse
Unix Permissions
Assignment 2
19 Sep 17
Maintaining root Access
Scenario 3 - Maintaining root Access
Assignment 3 - Maintaining root Access
21 Sep 17
Privilege Escalation - Password Cracking
Scenario 4 - Password Cracking
Assignment 4 - Password Attacks
26 Sep 17
Pass the Hash Scenario 5 - Authentication Protocol Abuse - Pass the Hash Assignment 5 -  Pass the Hash
28 Sep 17
Intro to SQL Injection
Scenario 6 - Introduction to SQL Injection Assignment 6 - Introduction to SQL injection
SQLi_basics.ppt
03 Oct 17 Advanced SQL Injection Scenario 7 - Advanced SQL Injection Assignment 7 - Advanced SQL injection
05 Oct 17 Advanced SQL injection – blind timing sqli Scenario 7 - Advanced SQL Injection Assignment 8 - Advanced SQL injection – blind timing sqli
10 Oct 17
Target Exploitation Framework
Scenario 9 - Preparation of the Battlespace
Assignment 9 - Passive Reconnaissance and Target Exploitation Framework
Preparation of the Battlespace - ICS Attack Ukraine - Dec 2015
12 Oct 17
The Meterpreter Payload
Scenario 10 - Taking Your Toolkit onto the Target (Part One and Two only)
Assignment 10 - Metasploit tutorial
17 Oct 17 Pivoting Scenario 10 - Taking Your Toolkit onto the Target (Part three)
19 Oct -
10Nov 17
SCINS RED TEAM SCINS Master Plan Fall 2017
Red Team Support for SCINS - Situation
14 Nov 17 Buffer Overflow Exploits Scenario 11-Your_first_Linux_Buffer_overflow
Scenario_11.2Introducing_pwntools_and_peda
Assignment 11 - Linux Buffer Overflow
16 Nov 17 Format String Attacks Scenario 12 - Format String Attacks
Assignment 12 - Format String Attacks
Lecture_12-Format_string_attacks
22 Nov 17 Return Oriented Programming Scenario 13 - Return Oriented Programming
Assignment 13 - Return Oriented Programming
23 Nov 17 Review for Exam

29 Nov 17 fuzzing demonstration with AFL

7 Dec 17 Final Exam Brief (0900 - 0930) Final Scenario - Challenge Based Penetration Test Exam - ROE
11 Dec 17 Final Exam Binary release EE595_Final_mystery_binary.7z
Archive password will be emailed at 0900 on 11 Dec

13-15 Dec 17 Final Exam
(48H 0900 13 Dec 2017 to 0900 15 Dec 2017)







 Links: