Automating Information Security with Python Training
Automating Information Security with Python Training Course Hands-on
This Automating Information Security with Python Training course is designed to give you the skills you need for tweaking, customizing, or outright developing your own tools. We put you on the path of creating your own tools, empowering you in automating the daily routine of today’s information security professional, achieving more value in less time. Again and again, organizations serious about security emphasize their need for skilled tool builders. There is a huge demand for people who can understand a problem and then rapidly develop prototype code to attack or defend against it.
All security professionals, including Penetration Testers, Forensics Analysts, Network Defenders, Security Administrators, and Incident Responders, have one thing in common. CHANGE. Change is constant. Technology, threats, and tools are constantly evolving. If we don’t evolve with them, we’ll become ineffective and irrelevant, unable to provide the vital defenses our organizations increasingly require.
Maybe your chosen Operating Systems has a new feature that creates interesting forensics artifacts that would be invaluable for your investigation, if only you had a tool to access it. Often for new features and forensics artifacts, no such tool has yet been released. You could try moving your case forward without that evidence or hope that someone creates a tool before the case goes cold…or you can write a tool yourself.
With onsite Training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, or combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.
Essentials Workshop with pyWars
The course begins with a brief introduction to Python and the pyWars capture the flag game. We set the stage for students to learn at their own pace in the 100% hands-on pyWars lab environment. As more advanced students take on Python-based Capture The Flag challenges, students who are new to programming will start from the very beginning with Python essentials, including:
● Python Syntax, Variables, Math Operators, Strings, Functions, Modules, Control Statements, Introspection
Essentials Workshop with MORE pyWars
You will never learn to program by staring at PowerPoint slides. The second day continues the hands-on, lab-centric approach established on day one. This section covers data structures and more detailed programming concepts. Next, we focus on invaluable tips and trick to make you a better Python programmer and how to debug your code. Day two includes topics such as:
● Lists, Loops, Tuples, Dictionaries, The Python Debugger, Coding Tips, Tricks and Shortcuts, System Arguments, and the ArgParser Module
Day three includes in-depth coverage about how defenders can use Python automation as we cover Python modules and techniques that everyone can use. Forensicators and offensive security professionals will also learn essential skills they will apply to their craft. We will play the role of a network defender who needs to find the attackers on their network. We will discuss how to analyses network logs and packets to discover where the attackers are coming from and what they are doing. We will build scripts to empower continuous monitoring and disrupt the attackers before they exfiltration your data. Day 3 topics include:
● File Operations, Python Sets, Regular Expressions, Log Parsing, Data Analysis tools and techniques, Long Tail/Short Tail Analysis, Geolocation acquisition, blacklists and whitelists, Packet Analysis, Packet reassembly, Payload extraction
On day four we will play the role of a forensics analyst who has to carve evidence from artifacts when no tool exists to do so. Even if you don’t do forensics you will find these skills covered on day four are foundational to every security role. We will discuss the process required to carve binary images, find appropriate data of interest in them, and extract that data. Once you have the artifact isolated, there is more analysis to be done. You will learn how to extract metadata from image files. Then we will discuss techniques for finding artifacts in other locations such as SQL databases and interacting with web pages. Day 4 subjects include:
● Acquiring Images from disk, memory and the network, File Carving, the STRUCT module, Raw Network Sockets and protocols, Image Forensics and PIL, SQL Queries, HTTP Communications with Python built in Libraries, Web communications with the Requests module
On day five we play the role of penetration tester whose normal tricks have failed. Their attempts to establish a foothold have been stopped by modern defenses. To bypass these defenses, you will build an agent to give you access to a remote system. Similar agents can be used for Incident response or systems administration, but our focus will be on offensive operations.Today’s subjects include:
● Network Socket Operations, Exception Handling, Process execution, Blocking and Non-blocking Sockets, Asynchronous operations, the select module, Python objects, Argument packing and unpacking
In this final section you will be placed on a team with other students. Working as a team, you will apply the skills you have mastered in a series of programming challenges. Participants will exercise the skills and code they have developed over the previous five days as they exploit vulnerable systems, break encryption cyphers, analyze packets, parse logs, and automate code execution on remote systems. Test your skills! Prove your might!
Whether you are looking for general information or have a specific question, we want to help
Request More Information