HITB⁺ CyberBattle of the Emirates

Hands-On Technical Training

End August - Early September 2019

All students will be required to undergo a technical assessment before being selected for the final training program.

A list of essential reading materials to help you prepare can be found at the bottom of this page.

High School Students

Overview

The boot camp gives high school students the knowledge they need to get started with capture the flag (CTF) challenges, and shows what it means to defend a system against attackers or to be on the offensive side and carry out different kinds of attacks via different attack vectors and attack scenarios. During the boot camp participants will learn about different areas of cyber security and work through hands-on exercises. The complete course includes 12 capture the flag challenges as a warm-up and a final CTF challenge against other teams.

In this course, attendees learn cyber security basics, aspects of different programming and scripting languages, networking, server configuration and hardening, target scanning and enumeration, and vulnerability discovery:

  • Get introduced to cyber security
  • Strengths of knowing programming languages, code review
  • Basic reverse engineering of applications
  • Understand networking basics and how devices communicate over the network layer
  • Perform virtual server setup and hardening
  • Target scanning and enumeration with Kali Linux and the most common uses of tools used by penetration testers
  • Exploit vulnerabilities in a controlled environment.
Prerequisite Knowledge
  • English language skills are required
  • Ideally, students should have some experience in different operating systems like Windows and Linux.
  • Programming skills in any standard scripting language like HTML, Javascript, PHP would be helpful.
  • The students’ workstation will be Windows or Linux (Ubuntu workstation), and in addition we will work with Kali Linux; therefore, a working knowledge of Windows and Linux systems is expected: students should have very good experience using a graphical user interface and basic knowledge of simple command-line commands.
Training Agenda

Time planning

The days will be divided into 4 sessions, with small breaks and a lunch, as follows:

08:15 – 09:00 – Morning gathering and coffee

09:00 – 10:30 – Session 1

10:30 – 10:45 – Small break / coffee and snacks

10:45 – 12:15 – Session 2

12:15 – 13:15 – Lunch break

13:15 – 14:45 – Session 3

14:45 – 15:00 – Small break / coffee and snacks

15:00 – 16:00 – Session 4

Day 1:

·      Overall idea and concept of cyber security  

o   Threats in cyber space

o   Defensive cyber security basics

o   Offensive cyber security basics

·      Legal aspects of Cyber

·      Network topology

o   IP address segmentation

o   Network traffic analysis  

o   Network attack vectors

·       “ME” in Cyberspace

o   Why there is a need for cyber security professionals

o   Cyber security in military organizations

o   OSINT

·      Virtualization overview

o   Benefits of virtualization – Common software solutions and configurations

o   Virtual Machine Setup

Day 2

·      Intro to programming technologies

o   Reversing and debugging web applications

o   Vulnerability discovery

o   Web based backdoors

·      Understand how information is stored and accessed via local network

o   Understand storage concept

o   Permission importance and access control rules

·      Encryption methods

o   Ransomware examples – when Hackers encrypt

·      Web server setup

o   Web server hardening

o   Web server vulnerabilities

o   Attacking web servers (reconnaissance, scanning, exploitation)

Day 3

    ·      Breach compilation of recent cyber attacks

    o   Examples of how companies get compromised

    o   Bad Operational Security

    o   How to “Stay under the Radar”

    ·      Hackers Toolbox

    o   Use of different tools in offensive operations

    ·      Capture The Flag (CTF) Challenges

    o   12 practical warm-up CTF Challenges

      Day 4

      • Final Capture The Flag (CTF)

      University Students

      Overview

      The boot camp gives an overview of how penetration testers and hackers think, practical work to develop participants’ imagination and what it could mean to defend against attackers. During the boot camp participants will face hands-on problems to solve using the previously introduced tools and knowledge.

      In this course, attendees can observe how pen testers and hackers work in a closed environment:

      • Get introduced to the phases of penetration testing:
        • Reconnaissance
        • Scanning and Enumeration
        • Gaining Access
        • Privilege Escalation
        • Lateral Movement
      • Get an overview of possible and common pen tester and attacker tools
      • Understand potential reconnaissance strategies
      • Understand, observe and conduct different approaches to network scanning
      • Understand memory corruption vulnerabilities
      • Explore web application security
      • Observe and conduct different methods of stealing credentials from Windows systems
      • Conduct man-in-the-middle attacks
      • Exploit vulnerabilities in custom-built web applications.
      Prerequisite Knowledge
      • Ideally, students should have experience in administrating Windows and Linux based systems, understand the main networking protocols (e.g. ARP, IP, ICMP, TCP, UDP, DNS, HTTP, SNMP, SMTP), and have some experience with web technologies (like HTML, PHP, JavaScript) as well as relational database management systems (MySQL)
      • Programming skills in any standard language would be helpful
      • Advanced English language skills are required
      • The students’ workstation will be based on Kali Linux; therefore, user-level knowledge of working with Linux systems is expected as a minimum
      Training Agenda

      Time planning

      The days will be divided into 4 sessions, with small breaks and a lunch, as follows:

      08:15 – 09:00 – Morning gathering and coffee

      09:00 – 10:30 – Session 1

      10:30 – 10:45 – Small break / coffee and snacks

      10:45 – 12:15 – Session 2

      12:15 – 13:15 – Lunch break

      13:15 – 14:45 – Session 3

      14:45 – 15:00 – Small break / coffee and snacks

      15:00 – 16:00 – Session 4

      Day 1:

        ·      Session 1 – Intro & Description of Lab Environment

        ·      Session 2 – Reconnaissance

        ·      Session 3 – Scanning and Enumeration

        o   Network scanning: host discovery, port scanning, version detection, scanning in IPv6 networks

        o   DNS and SNMP enumeration

         

        ·      Session 4 – Credential Attacks

        o   Methods for storing the passwords

        o   Pass-the-hash

          Day 2:

            ·      Session 1 – Attacks and Defence of Network Infrastructure

            o   MAC flooding, ARP attacks, VLAN hopping, man-in-the-middle attacks in IPv6 networks

            o   Port security, private VLANs, DHCP snooping and dynamic ARP inspection, 802.1x

             

            ·      Session 2 – Various Branded Vulnerabilities

            o   Kernel exploiting – Dirty COW

            o   CGI-based web server exploiting – Shellshock

            o   OpenSSL exploiting – Heartbleed

            ·      Session 3 – DNS

            o   DNS protocol overview

            o   DNS attacks: tunnelling, rebinding, snooping, cache poisoning

            ·      Session 4 – Memory Exploitation

            o   Binary patching

            o   Buffer overflow privilege escalation

              Day 3:

              • Session 1 – Web Application Security – Client Side
                • Main building blocks of web applications
                • Session management and authentication attacks
                • Cross-site scripting
              • Session 2-4 – Web Application Security – Server Side
              • Path traversal
              • Injection attacks:
                • SQL injection,
                  • Error-based SQLi
                  • Union-based SQLi
                  • Time-based Blind SQLi
                • OS command injection,
                • file inclusion,
                • insecure file upload functionality

                  Day 4:

                    • Final Capture The Flag (CTF)

                    Participant Laptop Requirements

                    Laptop minimal requirements for the training that each participant should have:

                    • OS: MS Windows 10 x64 or GNU/Linux Ubuntu 18.04 x64 desktop or Kali rolling x64 (recommended – Kali rolling x64)
                    • CPU: Intel i5 (recommended – Intel i7)
                    • HDD: 500 GB (recommended – 1TB SSD)
                    • RAM: 8GB DDR4 (recommended – 16GB DDR4)
                    • NIC: RJ45 10/100 (recommended – RJ45 100/1000)

                    The laptops must have the following software installed:

                    1. RDP access (Windows: built-in mstsc, Linux: Remmina)
                    2. VNC access (Windows: TigerVNC, RealVNC, Linux: gvncviewer)
                    3. SSH access (Windows: PuTTy, Linux: SSH client)
                    4. VPN access (Windows: Cisco Anyconnect, Linux OpenConnect)
                    5. Burp Suite Community Edition
                    6. Web browser (Google Chrome or Firefox)

                     

                    You should have full administrative privileges and access to the laptop.

                    Don’t have a laptop with the right specifications? Email us.

                    Pre-Training Essential Reading

                    This list of reading materials will help you prepare for the pre-assessment technical test and also give you insights into the areas you’ll need to understand to get the most out of this training session.


                    Basics

                    Networking basics

                    Basic networking essentials

                    OSI model & OSI model vulnerabilities

                    Students must know the layer structure and common risks

                    Virtualization (VirtualBox examples)

                    Students should be able to deploy a virtual machine

                    Operating systems (CMD & Terminal basic commands)

                    Knowing the commands is a must

                    Vulnerabilities

                    Common vulnerabilities in web applications

                    CTF related information

                    Ideas, writeups and hands-on practice tasks before the bootcamp

                    Advanced

                    Networking

                    More on networking, such as how to pivot, and IPv6-related information

                    Exploit development

                    Exploit development basics and Metasploit exploit development examples

                    Basics

                    Networking

                    OSI model & OSI model vulnerabilities

                    Operating systems

                    Web

                    Vulnerabilities

                    CTF related information

                    Advanced

                    Networking

                    Exploit development

                    Reverse engineering

                    Containers

                    Web

                    Cryptography

                    CTF related & Hands on

                    Your Trainers

                    Egils Malbergs

                    Senior Cyber Security Engineer, CybExer Technologies

                    Egils Malbergs is a Senior Cyber Security Engineer at CybExer Technologies. He works with customers across industries to identify and report security flaws in computer systems, networks and infrastructure. Malbergs has extensive experience with institutions from government, defense, financial, critical infrastructure, education and other industries from Eurasia and the Gulf region. He has carried out numerous technical exercises and trainings, and performed penetration tests, red teaming and other defensive and offensive operations. Malbergs’ previous career encompasses deep knowledge of security engineering, systems administration and full stack development, as well as teaching and training.

                    Rain Nõmmsalu

                    Cyber Security Specialist, CybExer Technologies

                    Rain Nõmmsalu is a Cyber Security Specialist at CybExer Technologies. He designs and executes offensive operations for penetration testing and also develops red teaming and penetration testing automation solutions. Nõmmsalu has worked with institutions from government, defence, financial, critical infrastructure, education and other industries from Eurasia and the Gulf region. He also has strong experience with maintaining and developing computer networks, firewalls, intrusion prevention systems and other security tools. He has previously worked with a government agency in a cyber security incident response capacity. Nõmmsalu studied Information Technology at Helsinki Metropolia University of Applied Sciences and holds the Cisco CCNA Cyber Ops certificate.