
Cybersecurity Fundamentals Bootcamp

Published by O'Reilly Media, Inc.

Nov. 29 & 30, 2021

4 - 7 p.m. Coordinated Universal Time

64 Spots Remaining


Registration closes Nov. 28, 2021 11 p.m. Coordinated Universal Time

What you’ll learn and how you can apply it

By the end of this live online course, you’ll understand:

  • How the web works
  • Basic file permissions in a Linux environment
  • How to create a lab environment to test the security of web applications
  • How and where to attack web applications
  • Why you should never trust user inputs
  • What a network packet is and how it encapsulates the OSI model
  • The difference between encoding and encryption
  • Malware classes and terminologies
  • Malicious strategies and tactics that malware authors use
  • How to capture scripts, malware samples, passwords, vulnerabilities, and commands attackers are using

And you’ll be able to:

  • Build a web server on a virtual machine
  • Install and configure web applications on a web server
  • Break web applications using a web browser and proxy
  • Reconstruct files and catch sensitive information from network traffic
  • Verify sensitive information without illegally logging into a system
  • Filter network traffic by IP address(es), protocol, and strings
  • Obtain IP addresses and associated domains in a set of network traffic
  • Spot and analyze malicious files and URLs
  • Reconstruct malware and malicious activities from network traffic
  • Build and set up a honeypot to lure attackers

This live event is for you because…

  • You’re a web developer who wants to know more about cybersecurity.
  • You’re a software engineer or web developer who wants to transition into cybersecurity.
  • You're interested in cybersecurity and penetration testing (ethical hacking).
  • You’re a security practitioner who seeks a more holistic understanding of the web.

Prerequisites

  • A basic understanding of web development (familiarity with HTML and JavaScript) and SQL (using SELECT and INSERT statements)
  • Familiarity with Git (using git clone)
  • A level of comfort using and installing software in a Linux environment using the command line
  • A computer with Wireshark installed (required to participate in exercises)


Schedule

The timeframes are only estimates and may vary according to how the class is progressing.

How the web works (25 minutes)

  • Presentation and demo: Telephone conversation analogy; network basics—client, server, IP address, port number, and protocols; HTTP; request and response headers and bodies; status codes; developer tools on web browser
  • Hands-on exercises: Use HTTP and developer tools on web browser
  • Q&A

Virtual machines (10 minutes)

  • Presentation and demo: Why virtual machines?; creating a Linux server virtual machine
  • Q&A

The web server in a virtual machine (25 minutes)

  • Presentation and demos: NGINX overview; Linux file permissions; installing NGINX, PHP, and MySQL server; configuring NGINX web server
  • Hands-on exercise: Files on web server root
  • Q&A
  • Break

Installing Damn Vulnerable Web Application and Mutillidae (10 minutes)

  • Presentation and demos: DVWA and Mutillidae overview; downloading, installing, and configuring DVWA and Mutillidae; creating database user
  • Q&A

Basic web security (35 minutes)

  • Presentation: The state of web security; OWASP Top 10; cross-site scripting (XSS); SQL and command injection
  • Hands-on exercises: XSS (reflected and stored), SQL, and command injection on DVWA
  • Q&A

Web proxy and Burp Suite (25 minutes)

  • Presentation and demo: Web proxy overview; revisiting the XSS (stored) exercise on DVWA; using Burp Suite
  • Hands-on exercise: JavaScript on DVWA
  • Q&A
  • Break

Packet analysis and basic networking (30 minutes)

  • Presentation: Packet analysis; Wall of Sheep at DEF CON; the Mirai botnet; OSI model; TCP/IP; the three-way handshake; what is a PCAP file?

Wireshark (20 minutes)

  • Presentation and demo: Wireshark overview; walk-through of Wireshark interface
  • Hands-on exercise: Open simple PCAP file
  • Q&A

Day 2: Packet Analysis, Malware, and Threat Hunting

Reconstructing files (20 minutes)

  • Presentation and demo: Network protocols overview; reconstructing a conversation in Wireshark
  • Hands-on exercises: Extract pictures from FTP traffic; reconstruct a media file (unknown protocol used)
  • Q&A

Finding and verifying plaintext credentials (20 minutes)

  • Presentation: Base64 overview; basic HTTP authorization
  • Hands-on exercises: Find and verify credentials sent in plain text
  • Q&A

Finding and reconstructing content from a large network traffic set (25 minutes)

  • Presentation and demos: Shortcut for identifying credentials sent in plain text; string searching and filtering in Wireshark; getting a list of domains and IP addresses
  • Hands-on exercises: Find and verify credentials sent in plain text
  • Q&A
  • Break

Malware preliminaries (30 minutes)

  • Presentation and demo: Terminology; malware families; how do viruses and worms work?; a harmless virus
  • Hands-on exercises: Use VirusTotal; scan malicious traffic

Analyzing network traffic containing malware (15 minutes)

  • Presentation: Analyzing a PCAP containing malicious traffic; where to find more samples of malicious traffic
  • Q&A

Backdoors (15 minutes)

  • Presentation: Policy issues; Tini
  • Hands-on exercise: Analyze Tini
  • Q&A
  • Break

Android malware (25 minutes)

  • Presentation: Android app lifecycle, structure, and permissions; using Apktool
  • Hands-on exercise: Analyze a live Android malicious app
  • Q&A

Threat hunting and honeypots (30 minutes)

  • Presentation: Honeypots; threat hunting; countering the cyber kill chain; relevant data; setting up a Cowrie honeypot; Kippo-Graph
  • Hands-on exercises: Break into honeypot; analyze real malicious script
  • Group discussion: Review data
  • Q&A

Your Instructor

  • Ming Chow

    Ming Chow is an associate teaching professor within the Department of Computer Science at Tufts University. His areas of interest are web and mobile security. Ming has spoken at numerous organizations and conferences including the HTCIA, OWASP, InfoSec World, Design Automation Conference (DAC), DEF CON, Intel, SOURCE, HOPE, BSides, and ACM SIGCSE. Since 2014 he has served as a mentor to a speaker in the BSides Las Vegas Proving Ground track, which focuses on helping new speakers in the information security and hacker communities acclimate to public speaking. Ming was recognized with the 2016 Henry and Madeline Fischer Award, given to the faculty member of the Tufts School of Engineering judged by graduating seniors to be “Engineering’s teacher of the year,” and received the 2017 Lerman-Neubauer Prize for Outstanding Teaching and Advising at Tufts, awarded to a faculty member who has had a profound intellectual impact on their students, both inside and outside the classroom.
