Clone of https://github.com/rmusser01/Infosec_Reference . For those who would prefer to not be tracked by MS.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

6.0 KiB

##Classes & Training

ToC

Cull General Sources/Repositories of Classes Incident Response and Forensics Training Programming Classes/Training Reverse Engineering Classes/Training

###Cull

exrs - Binary Exploitation/Reverse Engineering Challenge training

  • Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.

ENISA CERT Exercises and Training

  • ENISA CERT Exercises and training material was introduced in 2008, in 2012 and 2013 it was complemented with new exercise scenarios containing essential material for success in the CERT community and in the field of information security. In this page you will find the ENISA CERT Exercise material, containing Handbook for teachers, Toolset for students and Virtual Image to support hands on training sessions.

Modern Binary Exploitation - CSCI 4968 - Spring '15

  • The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux based userland binary exploitation. It will then transitionin to protections found on modern systems(Canaries, DEP, ASLR, RELRO, FortifySource, etc) and the techniques used to defeat them.Time permitting, the course will also cover other subjects in exploitation including kernel land and Windows based exploitation.

armpwn

  • Repository to train/learn memory corruption exploitation on the ARM platform. This is the material of a workshop I prepared for my CTF Team.

DVWA

Hackingdojo

BVWA

mammon_'s tales to his grandson - Reverse Engineering

Software Modeling and Verification - Static Analysis

###General Sources/Repository of Classes

Hackr.io

  • Share and discover the best programming tutorials and courses online.

Open Security Training

Udemy

Coursera

Stanfordx

###General Classes

SEEDLabs

  • People learn from mistakes. In security education, we study mistakes that lead to software vulnerabilities. Studying mistakes from the past not only help students understand why systems are vulnerable, why a "seemly-benign" mistake can turn into a disaster, and why many security mechanisms are needed. More importantly, it also helps students learn the common patterns of vulnerabilities, so they can avoid making similar mistakes in the future. Moreover, using vulnerabilities as case studies, students can learn the principles of secure design, secure programming, and security testing.

###Incident Response/Forensics Training

Android Forensics & Security Testing - OpenSecurityTraining.info

###Penetration Testing Pentester Lab

  • PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.

FSU Offensive Security 2014

  • Florida State University Offensive Security 2014 Class materials

FSU Offensive Security 2013

  • Florida State University Offensive Security 2013 Class materials

###Programming Classes/Courses

asm - 0xAX

  • Learning assembly for linux-x64

Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration

  • This class serves as a foundation for the follow on Intermediate level x86 class. It teaches the basic concepts and describes the hardware that assembly code deals with. It also goes over many of the most common assembly instructions. Although x86 has hundreds of special purpose instructions, students will be shown it is possible to read most programs by knowing only around 20-30 instructions and their variations.

Win32 ASM tutorials - Iczelion

###Reverse Engineering

Binary Auditing Training - Thorsten Schneider

  • The training package includes all necessary files to run a complete lecture for Binary Auditing and Reverse Code Engineering at university. All files are well sorted by topics and with increasing difficulty. You need Windows XP, Windows Vista or Windows 7 to use this training package. The training package does NOT include runnable viruses!

exrs - Binary Exploitation/Reverse Engineering Challenge training

  • Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.

The Life of Binaries

  • Topics include but are not limited to:
  • Scanning and tokenizing source code.
  • Parsing a grammar.
  • Different targets for x86 assembly object files generation. (E.g. relocatable vs. position independent code).
  • Linking object files together to create a well-formed binary.
  • Detailed descriptions of the high level similarities and low level differences between the Windows PE and Linux ELF binary formats. (NOTE: we didn't get to this in the class where the video was recorded, but the materials are in the slides)
  • How an OS loads a binary into memory and links it on the fly before executing it.
    *Along the way we discuss the relevance of security at different stages of a binary’s life, from the tricks that can be played by a malicious compiler, to how viruses really work, to the way which malware “packers” duplicate OS process execution functionality, to the benefit of a security-enhanced OS loader which implements address space layout randomization (ASLR).

###Web Security Focused Training

Google Gruyere - Web Application Exploits and Defenses