Classes & Training

Table of Contents

• Cull
• General Security Classes
• General Sources/Repositories of Classes
• Incident Response and Forensics Training
• Penetration Testing Training
• Programming Classes/Training
• Reverse Engineering Classes/Training
• Exploitation Development Training
• UEFI/BIOS Training
• Web Security Focused Training
• Resources for instructors/Trainers

---

Sort

End Sort

---

Heads Up

These classes are all focused on computer/information security. If you're looking for online courses to learn material other than the mentioned, check out "coursera.com", Standford's online classes or MIT's online courses.

• Coursera
• MIT OpenCourseware
• Standford
• Udemy

---

General Sources/Repository of Classes

• Hackr.io
  • Share and discover the best programming tutorials and courses online.
• [Open Security Training](https://www.opensecuritytraining.info
• Class Central
  • Search engine for MooCs

General Classes

• Learning How to Learn
  • Free Coursera Course
  • About this course: This course gives you easy access to the invaluable learning techniques used by experts in art, music, literature, math, science, sports, and many other disciplines. We’ll learn about the how the brain uses two very different learning modes and how it encapsulates (“chunks”) information. We’ll also cover illusions of learning, memory techniques, dealing with procrastination, and best practices shown by research to be most effective in helping you master tough subjects.
• ENISA CERT Exercises and Training
  • ENISA CERT Exercises and training material was introduced in 2008, in 2012 and 2013 it was complemented with new exercise scenarios containing essential material for success in the CERT community and in the field of information security. In this page you will find the ENISA CERT Exercise material, containing Handbook for teachers, Toolset for students and Virtual Image to support hands on training sessions.
• SEEDLabs
  • People learn from mistakes. In security education, we study mistakes that lead to software vulnerabilities. Studying mistakes from the past not only help students understand why systems are vulnerable, why a "seemly-benign" mistake can turn into a disaster, and why many security mechanisms are needed. More importantly, it also helps students learn the common patterns of vulnerabilities, so they can avoid making similar mistakes in the future. Moreover, using vulnerabilities as case studies, students can learn the principles of secure design, secure programming, and security testing.
• Teach Yourself Computer Science
• Technical Development Guide - Google
• OSS University - Computer Science
  • Path to a free self-taught education in Computer Science!
• cs-video-courses
  • List of Computer Science courses with video lectures.

---

Incident Response/Forensics/NSM Training

• Android Forensics & Security Testing - OpenSecurityTraining.info
• CS 259D Data Mining for Cyber Security Autumn 2014

---

Mobile Application Security

• Mobile Security Trainings
  • Mobile security trainings based on android

---

Penetration Testing

• Pentester Lab
  • PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.
• FSU Offensive Security 2014
  • Florida State University Offensive Security 2014 Class materials
• FSU Offensive Security 2013
  • Florida State University Offensive Security 2013 Class materials
• HackSplaining
  • Security training aimed towards developers. Free.

---

Programming Classes/Courses

• asm - 0xAX
  • Learning assembly for linux-x64
• Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
  • This class serves as a foundation for the follow on Intermediate level x86 class. It teaches the basic concepts and describes the hardware that assembly code deals with. It also goes over many of the most common assembly instructions. Although x86 has hundreds of special purpose instructions, students will be shown it is possible to read most programs by knowing only around 20-30 instructions and their variations.
• Win32 ASM tutorials - Iczelion
• Network Examples - knorrie
  • Linux networking examples and tutorials
• Low-Level Programming University
  • This page is for beginners who want to be low-level programmers. I'm inspired by google-interview-university. I'd like to share my experience and show a roadmap to becoming a low-level programmer because I have found that these skills are not as common as they once were. In addition, many students and beginners ask me how they could become low-level programmers and Linux kernel engineers.

---

Regular Expressions

• RegEx Crossword
  • Learn RegEx through crosswords

---

Reverse Engineering

• Binary Auditing Training - Thorsten Schneider
  • The training package includes all necessary files to run a complete lecture for Binary Auditing and Reverse Code Engineering at university. All files are well sorted by topics and with increasing difficulty. You need Windows XP, Windows Vista or Windows 7 to use this training package. The training package does NOT include runnable viruses!
• exrs - Binary Exploitation/Reverse Engineering Challenge training
  • Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.
• mammon_'s tales to his grandson - Reverse Engineering
• Software Modeling and Verification - Static Analysis
• The Life of Binaries

* Topics include but are not limited to: 
*	Scanning and tokenizing source code. 
*	Parsing a grammar.  
*	Different targets for x86 assembly object files generation. (E.g. relocatable vs. position independent code).  
*	Linking object files together to create a well-formed binary.  
*	Detailed descriptions of the high level similarities and low level differences between the Windows PE and Linux ELF binary formats. (NOTE: we didn't get to this in the class where the video was recorded, but the materials are in the slides)
	* How an OS loads a binary into memory and links it on the fly before executing it.   
	* Along the way we discuss the relevance of security at different stages of a binary’s life, from the tricks that can be played by a malicious compiler, to how viruses really work, to the way which malware “packers” duplicate OS process execution functionality, to the benefit of a security-enhanced OS loader which implements address space layout randomization (ASLR).

• Introduction to Reverse Engineering Software - Dartmouth
• CSCI 4974 / 6974 Hardware Reverse Engineering

---

Exploit Development Training

• exrs - Binary Exploitation/Reverse Engineering Challenge training
  • Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.
• BFH Exploiting & Defense Course - Dobin Rutishauser
• Modern Binary Exploitation - CSCI 4968 - Spring '15
  • The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux based userland binary exploitation. It will then transitionin to protections found on modern systems(Canaries, DEP, ASLR, RELRO, FortifySource, etc) and the techniques used to defeat them.Time permitting, the course will also cover other subjects in exploitation including kernel land and Windows based exploitation.
• armpwn
  • Repository to train/learn memory corruption exploitation on the ARM platform. This is the material of a workshop I prepared for my CTF Team.
• BinTut
  • Dynamic or live demonstration of classical exploitation techniques of typical memory corruption vulnerabilities, from debugging to payload generation and exploitation, for educational purposes

---

Machine Learning

• IntroductionToMachineLearningForSecurityPros

---

UEFI/BIOS Training

• firmware-security-training

Web Security Focused Training

• Google Gruyere - Web Application Exploits and Defenses
• Professionally Evil Web App Pen Testing 101 Course - secureideas
• OWASP Broken Web Applications Project
  • OWASP Broken Web Applications Project is a collection of vulnerable web applications that is distributed on a Virtual Machine.
• OWASP Juiceshop
  • OWASP JuiceShop Gitbook walkthrough
  • Video Walk through by Sunny Wear
• hacker101
  • Hacker101 is structured as a set of video lessons -- some covering multiple topics, some covering a single one -- and can be consumed in two different ways. You can either watch them in the order produced as in a normal class (§ Sessions), or you can watch individual videos (§ Vulnerabilities). If you're new to security, we recommend the former; this provides a guided path through the content and covers more than just individual bugs.

Wireless

• Dissecting Industrial Wireless Implementations - DEF CON 25
  • https://github.com/vortessence/vortessence
• RFID INFOSEC
  • RFID INFOSEC is designed to teach undergraduate students about radio frequency identification (RFID) information systems security (INFOSEC). It provides a system-wide description of a RFID system using a layered reference model that describes the tag, media interface, reader, network, middleware, and application layers. In addition, it addresses RFID security and privacy threats, risks, and mitigation techniques. These materials include lesson plans, slides, homework, laboratories, and assessment rubrics organized into modules.

Data Science

• CS 259D Data Mining for Cyber Security Autumn 2014

---

Resources for Instructors and Trainers

• How To Give A Digital Security Training
• LevelUP
  • Resources for the global digital safety training community.
• Be a Better Trainer
• Teaching Evil - Chris Niemira
• The Distribution of Users’ Computer Skills: Worse Than You Think