Hello, friends. I am looking for those who have expressed interest in CS or information security in the past, in the hopes of gauging your interest in getting hands-on experience with infosec tools and practices, from both an attack and defense standpoint.
Even if you've never used a command-line in your life, I hope to guide you from start to finish in understanding basic technological principles, several programming languages, and red/blue team methodologies.
I have currently planned for the course to be 8-12 weeks total, and hopefully for at least 3H a week, overall. This is dependent upon everyone's schedules and interests in the material. This is of course ***entirely-free*** for the first few weeks. Depending on how demanding this is, I may ask for a small, one-time deposit of $75 4-6 weeks into the course. You can decide by then whether or not you think the education is worth a meager $75 compared to the thousands you'd pay at a university for a semester of class. This is due to my own time constraints, and wanting to produce the best results for all students -- I'm not *really* looking to make money from this, but I plan to invest time into helping you even outside of class and some extra food money sounds like a good way to justify teaching. I am also happy to work with anyone on payment options in the future, and I understand if it doesn't come in a lump-sum.
"But why?"
I'd like to try my hand at designing a custom coursework that helps students in the infosec or CS community acquire skills that sometimes seem so "out-of-reach". I personally studied at a college that gave me much to be desired in terms of my education, so I took my education (and then career) into my own hands. This will personally be a meaningful career-resource for me, as I can demonstrate my ability to teach others information security concepts, as well as produce and maintain a working coursework that can be used by my own evaluators to determine my working knowledge of modern concepts. I also want to provide you with the tools you need to grow outside of the classroom, on your own time.
If you think you'd be interested, feel free to message me and sign up below! Remember that this is will be free for the first 4-6 weeks. I am hoping to start sometime in mid-November (due to me moving IRL), and will create a group for those interested. Coursework will not take place during holidays, and we will work together to plan times that we can have class. I hope to potentially record these as well for you to review after-the-fact, as well as provide comprehensive documentation (potentially as a powerpoint?) to you to use as a learning resource.
I am only looking to take 5-7 students overall. I currently have a few positions filled and I am mostly looking to gauge interest from others.
Spoiler for Planned first 4W course work:
Concepts
--------
(Anything marked as "Bonus lesson" may have to extend into after-class time, as concepts can be time-consuming)
1. Introduction to the command line
a) Basic command line tools, OS functionality
b) Overview of shells (bash, sh)
c) Jumping into unknown tools
d) Shell scripting
Bonus lesson: Utilize scripting languages or even standalone scripts to create and improve CLI apps.
2. Introduction to high-level scripting
a) Intro to python (books and resources provided)
b) Overview of structures in python (iteratives like dict and list, explain custom object / constructor behavior)
c) Creating our first server-application
Bonus lesson: We can create a TCP proxy and learn to read network data from a real-world MMO example.
3. Introduction to security methodologies
a) Intro API application in Java (handling data, security implications)
b) Discuss hosting application servers and containerization
c) Approach intro application from attack and defense standpoints
d) Briefly discuss exploitation process (Recon, exploit, priv-esc, post-exploit, persistence, data-exfil, payload deployment, etc)
e) Some tooling / toolset (nmap, dirbuster, sqlmap, fuzzing, etc); touch on automation
Bonus lesson: We will evaluate Zenyte's various servers, systems, and platforms to discuss security implementations that have contributed to our overall best-in-industry security posture.
4. Our first attack!
a) Understanding and approaching attack surface
b) Implementing the tools we've learned into recon / planning
c) Attempt to exploit the web application
d) Evaluate environment after exploitation, can we have root?
e) Purposes of the attack (post exploitation, persistence, priv-esc, etc) cover the entire attack process and what can be considered "universal flags" like root
Bonus lesson: We will evaluate attack a real vulnerable environment on HackTheBox and work together (primarily student-led) to at least compromise the application / user flag.
I am NOT taking money up-front for this. I am looking to provide a resource to users if I decide that others here are interested. Who I choose is at my own discretion, and solely based on my available time to contribute to this. Anyone interested will receive a confirmation of these terms and others via Rune-Server to provide both of us liability.
Update: Per discussion with staff I'd like to make this more clear; the service for the first 4 weeks is completely free. I will not "decide to charge you" at a later time -- you will decide whether or not this is worth your money. If you get picked and you decide you don't want to spend the $75 for whatever reason, that's your call and you do not owe me anything.
Sounds like this is going to be fun. November is going to be interesting.
10-21-2019, 04:25 AM
Suic
Good luck noele
10-21-2019, 04:41 AM
Verite
Looks interesting, i'd give it a try if I had more time.. i'm sure you will find students quickly though.
10-21-2019, 09:28 AM
DestructionPS
Only $75 IF I want to continue after said trial period? Why the heck not! I am sure this class will fill up in a matter of days. Good luck Noele.
10-21-2019, 03:13 PM
Patrity
This looks great Noele! I'd be honored to learn from someone with your experience. Depending on the final schedule and how you plan to administer the lessons, I'm always up for furthering knowledge!
10-21-2019, 10:36 PM
Noele
Quote:
Originally Posted by Patrity[Only registered and activated users can see links. Click Here To Register...]
This looks great Noele! I'd be honored to learn from someone with your experience. Depending on the final schedule and how you plan to administer the lessons, I'm always up for furthering knowledge!
Just make sure to fill out the form as entries are organized chronologically and that is how I will contact everyone to gauge interest and available times. :) I'd be happy to have you bud
10-21-2019, 11:05 PM
Guardian
vouch for noele, she cares about her people <3
10-24-2019, 02:58 AM
Noele
Just an update, it looks like I've gotten my place lined up and I'll hopefully be finished moving by the expected timeframe (second week of Nov). In the meantime I've sent out friend requests to all applicants. I'll make a separate discord server sometime tonight and shoot out invites.
