Fall 2025
Prof. Charles Nicholas
410-455-2594
nicholas@umbc.edu
ITE 356
Student office hours: MW 2:30-4pm, subject to change
I'll be holding office hours in-person and over WebEx. It's a good idea to send email before trying to meet with me, since my schedule may change at short notice.
To meet with me over WebEx: https://umbc.webex.com/meet/nicholas
The TAs will hold office hours on the Discord site. In-person meetings will be by appointment or on a schedule TBD. Subject to change, see the entries for specific weeks below.
|
Role/Title | Email Address |
Office Hours |
| Alex Henning | Undergrad Teaching Fellow | ahennin1@umbc.edu | Thu 6-8pm |
| Michael Mayhugh | Undergrad Teaching Fellow | mmayhug1@umbc.edu | Noon-2pm Discord |
| Charles Maxa | Undergrad Teaching Fellow | cmaxa1@umbc.edu | Tue 9-11pm Discord |
Rob Shovan |
Assistant Instructor | rshovan1@umbc.edu |
W 4-6pm |
Course Information
Class begins on Wednesday, August 27, 2025, 7:10-9:25pm.
The class is scheduled to meet in hybrid format.
No requirement for in-person participation is planned, and remote particpation will be the norm.
The assigned classroom is MP 101, but we probably won't use it!
If illness of any kind keeps you from finishing an assignment on time, let me know, and we'll try to be helpful.
This course uses WebEx for class presentations, and Discord for in-class discussions and meetings with TAs.
The WebEx and Discord links for the class and course assistant office hours are found here.
You will need UMBC credentials to access these links.
The WebEx portion(s) of each class will be recorded automatically, and made available after each class session.
A link to the course recordings appears after each session. All recordings will be in this Box directory.
Course website: https://courses.cs.umbc.edu/undergraduate/CMSC491activeCyber/indexFall25.html
(You are looking at this web page now :-)
Course Policies
Grading
Grading Scheme: 20% competition participation, 80% homeworks. Homeworks are equal weight, and there will be 8-10 of them. There are no exams.
You will be given time to work on each lab during the meetings. Some labs may have a group portion and an individual portion. You may collaborate with other students or CyberDawgs club members on the group portion of such labs. However, you must still complete the lab on your own virtual machine. You may not work on the individual portions of the labs with any other students or club members. Labs must be submitted by 7:00pm the following Wednesday. Whatever the number of lab assignments, the lowest lab grade will be dropped.
You are required to participate in at least one CTF or red team/blue team competition during the semester. At this time, we expect all such events to be online. Events hosted during regular club meetings do not count towards this requirement. Recommended competitions will be discussed in class. If you would like to compete in a competition that has not been mentioned, please email Dr. Nicholas.
Generative AI: For this class, if you use ChatGPT (or similar chatbots or AI-based generation tools), you must describe exactly how you used it, including providing the prompt, original generation, and your edits. This applies to prose, code, or any form of content creation. Not disclosing is an academic integrity violation. If you do disclose, your answer may receive anywhere from 0 to full credit, depending on the extent of substantive edits, achievement of learning outcomes, and overall circumvention of those outcomes.
Use of AI/automatic tools for grammatical assistance (such as spell-checkers or Grammarly) or small-scale predictive text (e.g., next word prediction, tab completion) is okay. Provided the use of these tools does not change the substance of your work, use of these tools may be, but is not required to be, disclosed.
We'll discuss other permitted and encouraged uses of ChatGPT, CoPilot, and other generative AI systems.
Academic Integrity
Students are expected to do their own assignments. We may allow collaboration on certain assignments during the semester, but we will tell you so as that happens. If you submit for credit work that is not your own, there will be consequences, perhaps including zero on that assignment, reduction in final grade, or forfeiture of current or future prospects for financial aid from CSEE. Here is a web site that explains UMBC's position on Academic Integrity.
Resources for Students
Do you know about Retriever Essentials? It's there if you need them. According to their web site, "Retriever Essentials is a faculty, staff, and student-led partnership that promotes food access in the UMBC community. However, we offer more than just free groceries, we also offer toiletries, baby items, and meal swipes. The services we provide that are listed below are 100% free. You can find more in-depth information regarding each of our services in the attached documents."
We hereby incorporate the Syllabus Language provided by the UMBC Office of Equity and Civil Rights for this semester, as given here:
https://ecr.umbc.edu/sample-title-ix-responsible-employee-syllabus-language/
Prerequisites:
Interest in cyberdefense, including inter-collegiate competition. Computer Science background equivalent to Data Structures CMSC 341 is assumed. A course in computer security is encouraged but not required.
Students are expected to have a working knowledge of the Windows and Unix operating systems, networks, and/or software development techniques, along with interest if not experience in planning and conducting both penetration testing and countermeasures development.
Abuse of the knowledge or experience you gain in this course may subject you to discipline under UMBC policy and/or criminal prosecution. Do not expect your status as a student to protect you if you break the law! Hacking into campus computers (other than systems approved for such a purpose) is a violation of UMBC policy, and may result in disciplinary action possibly including expulsion, in addition to possible criminal charges.
This class was taught for the first time in Fall 2017, and the web sites for Fall 2017, Fall 2018, Fall 2019, Fall 2020, Fall 2021, Fall 2022, Fall 2023, and Fall 2024 are still available.
Textbook(s): None
The following book(s) are not required, but may be helpful:
- Cyberoperations, by Mike O'Leary, second edition
- Windows Internals, Parts 1 and 2, by Mark Russinovich
- Hacking: the art of exploitation, by Jon Erickson.
Be careful when dowloading "free" copies of this or similar books! Additional resources, varying in quality, can be found on Wikibooks and other places.
Overview
- One of the purposes of this course is to provide a means of awarding academic credit to those who participate in the UMBC CyberDefense Club weekly meetings.
- CyberDawgs website: http://umbccd.umbc.edu/
- This is a HANDS ON course. You will need a laptop - or desktop - computer!
- furthermore, your laptop MUST be capable of running VirtualBox. Many Mac laptops do NOT support VirtualBox.
- Everybody will be required to participate in some fashion in the cyberdefense competition that the Cyberdawgs will be organizing this fall. Performance in that event may qualify you for membership in our Cyberdefense Team, which has won several regional and national competitions in recent years.
Class Schedule (Subject to Change)
- The recordings for each class session will be stored in this Box directory.
- You may need to use the UMBC VPN, or authenticate with myUMBC, in order to access the slides or the recordings.
- You may need to use the UMBC VPN, or authenticate with myUMBC, in order to access the slides or the recordings.
- Meeting 1 INTRODUCTION August 27
- Slides for Introduction
- and give people time to join the call
- and give people time to join the call
- Announcements
- Update on waiting lists. No plans to add more grad students, sorry.
Some undergrads need this class in order to graduate in December with the cyber track. The department process will do what it does. - Are you aware of SFS Scholarships? Citizens and PRs. Stipend plus tuition benefts!
- Undergrads, are you aware of the BS/MS degree? What about Study Abroad?
- Update on waiting lists. No plans to add more grad students, sorry.
- This will be an introduction and orientation session.
- Discuss how grades will be assigned, what homeworks might be given, and so forth. Attendance but also active participation are important!
People who master the material to the point where they can effectively help others are likely to be awarded a good grade.
I anticipate giving many As, several Bs, and few if any lower grades.
- Discuss how grades will be assigned, what homeworks might be given, and so forth. Attendance but also active participation are important!
- Since many of you will be participating from off campus, it may be necessary for you to access the campus network usig a VPN.
- Instructions for using the VPN are available with a quick search
- You will need to establish the VPN connection before you will be able to access the web page that has the WebEx or Discord links.
This is to prevent the rest of the world from accessing the instructional material that you are paying for with tuition dollars,
as well as make it more difficult for others to disrupt the class via WebEx-bombing. - That's why I sent the email on Monday with the links, so that students could join the WebEx call tonight!
- The UMBC Cyber Defense Club is now known officially as the UMBC CyberDawgs!
- There is a UMBCCD email list, which you can join from the club web page UMBC CyberDefense Club.
- The CyberDawgs have a myUMBC Group https://my3.my.umbc.edu/groups/umbccd
- We intend to give a demo of VirtualBox, and the Kali VM
- The Kali VM we've prepared for this year is found in an OVA file.
- We will upload the file to Box before class, and here is the link. (9.21 GB)
- You can also check out the Kali VM we used in Fall 2023, found here.
- For this VM, the username is "activecyber" and the password is"Sqordfish0!", without the quotes.
- You can also get your own Kali VM image from https://www.kali.org
- Take a look at the 'usermod' command if you want to change the name of a user...
- Be aware of resources such as this Kali Linux Cheat Sheet
- Mac users may need to use this version of VirtualBox
https://download.virtualbox.org/virtualbox/7.2.0/VirtualBox-7.2.0-170228-macOSArm64.dmg
please let us know if it works, or not!
- Homework: ungraded
- Download and install VirtualBox (free for students) often VBox is used as an abbreviation
- Guest Additions may be installed by default, but the Extensions pack is not necessary.
- The documentation for VBox is extensive. Details for VBox Networking
- Download and install the Kali VM provided
- Login to your Kali system, do any updates that are needed, and make a snapshot (or a clone) of the VM
- Create a new user with admin privileges
- It's okay to use the Kali documentation, or web search, or genAI. on this assignment.
- The recordings for each class session will be stored
here
- You may need to use the UMBC VPN, or authenticate with myUMBC, in order to access the slides or the recordings.
- You may need to use the UMBC VPN, or authenticate with myUMBC, in order to access the slides or the recordings.
- Slides for Introduction
- Meeting 2 VM and Linux Admin Crash Course September 3
- Announcements
- If any undergradutae students need this class to finish their cyber track, let me know!
- The class BlackBoard site should now be open. We use BB for managing grades, and submission of assignments. Quick preview.
- A CyberDawg representative will discuss the upcoming CyberPaws CTF
- The CyberDawgs will from time to time organize teams for upcoming cyber competitions. If any such thing is happening, we will discuss!
- Will count towards the class competition requirement! Rob can say more perhaps.
- Nicholas is not sure of the status of HackUMBC, but we know it usually takes place over the last weekend in September
- Please note that Hack-a-thons and cyber events are different! There is some but not a lot of overlap in interested students.
- Dr. Nicholas may be teaching tonight from his hotel room in Nottingham, UK!
See the Document Engineering 2025 program
- An informal history of the Cyber Defense Team
- Particpation in some sort of approved cyber competition is a requirement of this course.
- The NSA Codebreaker Challenge was created in 2013 and provides U.S based academic institutions exposure to unclassified problems that simulate the work performed at NSA. The challenge provides a realistic, NSA-centered scenario that inspires students to expand and demonstrate their technical abilities through tasks that require a mix of software reverse engineering, vulnerability analysis, exploitation development, and network analysis. Through the Codebreaker Challenge, we are able to build academic partnerships and talent communities, influence academic curriculum, raise awareness of NSA mission, instill trust and confidence in the Agency, and promote career opportunities. 5,000 students from 450 schools across the country participated in last year’s challenge and we hope this year’s challenge will be just as successful.
- The NSA Codebreaker Challenge was created in 2013 and provides U.S based academic institutions exposure to unclassified problems that simulate the work performed at NSA. The challenge provides a realistic, NSA-centered scenario that inspires students to expand and demonstrate their technical abilities through tasks that require a mix of software reverse engineering, vulnerability analysis, exploitation development, and network analysis. Through the Codebreaker Challenge, we are able to build academic partnerships and talent communities, influence academic curriculum, raise awareness of NSA mission, instill trust and confidence in the Agency, and promote career opportunities. 5,000 students from 450 schools across the country participated in last year’s challenge and we hope this year’s challenge will be just as successful.
- In Cyber, especially competition,
- learning everything you may ever need is impractical, so learn them as you need them
- more to come
- Announcements
- Knowing where to find information is useful. There are lots of resources available regarding different versions of UNIX and Linux
- In anticipation of next week and beyond, take a look at this comprehensive list of Linux Commands
- How many of these do you use a lot?
- How many of them have you never used?
- How would you find out which Linux commands are installed on your system?
- one answer
- but such methods may not be allowed in competition!
- You can view this evening's slides on Linux Administration
-
Demo: installing an FTP client - FileZilla
- sudo apt update
- what if it won't let me use sudo?
- Charles can explain!
- sudo apt upgrade (this could take a while! might be worth making a snapshot or even a clone when done)
- sudo apt install filezilla
- create a launcher for the Kali Desktop
- sudo apt update
- Demo: installing an FTP server - vsftpd
- see instructions at documentation.ubuntu.com
- sudo apt install vsftpd
- man vsftpd
- check and edit the configuration file /etc/vsftpd.conf as desired
- demo of other commands such as sudo, nano, ps, grep, and others
- test this FTP server using FileZilla
- start the service: sudo service vsftpd start
- other commands include stop, restart, and status
- test the service: sudo service vsftpd status
- see if we can connect:
- ftp localhost 21
- nmap localhost -p 21
- netstat -ltp (or ss -ltp)
- lsof -i :21
- may need to open port 21, but how? different flavors of Linux do this different ways!
- We find it convenient to have a minimal Ubuntu VM, along with Kali. Recommend two CPUs, at least 4GB of RAM
- Optional exercise, no points or deadlines: download and install a minimal version of Linux
- Several choices are available, see https://www.makeuseof.com/tag/linux-distro-space/
- We like the idea of creating a bootable USB drive using Etcher (Linux) or Rufus (Windows)
- Charles has had success with Lubuntu, a light-weight version of Ubuntu
- Demo VBox snapshots, clones, and applicances.
- The lab assignment for this week has an UPDATED LINK. Due at 7pm next Wednesday. Make sure, for this assignment and all the others, that the DATE on the assignment is for the current semester!
- We believe that the Blackboard site is open, so that students may submit lab assignments.
- We were not able to make a recording of this week's class. But the one from last year should be very much like it, so feel free to view last year's session if need be.
- Meeting 3 Windows Administration September 10
- Announcements
- We are aware of upcoming religious holidays, just let Dr. Nicholas know if you need extra time.
- We are aware of upcoming religious holidays, just let Dr. Nicholas know if you need extra time.
- You can view this evening's slides on Windows Administration
- Announcements
- Lots of concepts from UNIX found their way into Windows, such as environment variables among many others.
- This week's lab assignment was posted on BB earlier. Direct link.
- Please install this Windows 2016 server. (Active...ova)
- Beware! this file is about 11 gigs, and will take some time to download.
- For this VM, the username is Administrator and the password is Sqordfish0!
- We don't care that this is an expired evaluation version, do we?
- Okay to re-install Guest Additions
- If you prefer a fresh copy of Windows Server from Microsoft, you can visit their Evaluation Center.
- Windows Server 2012 R2 (really old) (about eight gigs, 9600...vhd)
- Windows Server 2016 (about seven gigs, Windows...ISO)
- Windows Server 2019 (about ten gigs, 17763...vhd)
- Windows Server 2022 (about 12 gigs, 20348...vhd)
- You may want to learn about the internals of Windows.
- Meeting 4 Network-Base Firewalls September 17
- In the past, we have allowed students to participate in the Flash CTF sponsored by MetaCTF. Exact times and dates TBD.
- This competition will last 2 hours, and if you do the competitions in October and November, that will satisfy the competition requirement.
- There will be 5 challenges covering a range of difficulties and topics. Sign up at (link TBD)
- Registration for CDE 2025 is now open!
- In the past, we have allowed students to participate in the Flash CTF sponsored by MetaCTF. Exact times and dates TBD.
- MetaCTF Flash CTF https://app.metactf.com/join/sep2025
- hackUMBC (27th@9am-28th@5pm) https://hackumbc.tech/
- For the competition requirement, we need a 2-page writeup. Discuss your experience in the competition, how this course did or did not help you, and any lessons learned. More on this later.
- We'll be using these slides,
- review of OSI
- IPs and ports
- perimeter- vs. host-based firewalls
- rules can specify ports, protocols, IP ranges, and more
- The lab assignment for this week has been released.
- Demos: using Kali to run port scan (YouTube 1) (YouTube 2)
- Do NOT run a port scan on any host without permission.
- You always have permission to scan 127.0.0.1, in fact, that's a good first try!
- You may want to check out this set of five videos on Ethical Hacking!
- A networking overview on YouTube
- The drawing tool https://app.diagrams.net/
- The network diagram example
- Firewall vendors offer lots of documentation, for example Palo Alto
- We described an open-source firewall called pfSense
- We described an open-source firewall called pfSense
- Check out this CIDR Calculator
- Meeting 5 Linux Hardening September 24
- Announcements
- Happy New Year to those who are celebrating!
- We may have more information about upcoming cyber competitions.
- You may have heard of the NSA Codebreaker Challenge!
- This one definitely counts towards the course competition requirement - with a good faith effort
- The Office of Academic Engagements (OAE) is pleased to announce the National Security Agency (NSA), in collaboration with the Air Force Cyber Operations Squadron, "2025 CODEBREAKER CHALLENGE" from September 24, 2025, to January 14, 2026.
The Codebreaker Challenge comprises a series of tasks, each worth a varying number of points based on its difficulty. The Air Force Cyber Operations Squadron has identified malicious activity and is working to mitigate the threat to DoD networks worldwide by collaborating with the NSA. Stop them from infiltrating and sabotaging U.S. military operations by leveraging skills in Reverse Engineering; Vulnerability Research & Exploitation; Cryptanalysis; Forensics; and Programming
This year, as usual, the tasks are designed to be strictly sequential, adding an extra layer of challenge and engagement. One task must be solved before the next one becomes available. Participating Schools will be ranked according to the total number of points accrued by their students. Each task in this year's challenge will be a unique opportunity for growth and learning. You will need to draw upon all your technical expertise, intuition, and common sense, making this a truly enriching experience.
Those interested in attending, click on Register Here. (This site seems to block access over a V PN.)
- Previous years' challenges, solutions and leaderboard stats may also be available.
- For Active Cyber participation credit, solve at least the first two levels. If you do them all, I will award an A in the class!
- NightWing is hosting a competition at HackUMBC this weekend.
- Announcements
- There may still be some openings in CDE
- Some new slides. Comments and suggestions are welcome.
- The homework for this week has been released! Make sure the assigned and due dates are right.
- Details for VBox Networking
- Using Google Compute for Malware Analysis
- check out this detailed report!
- check out this detailed report!
- Some of us recommend the documentation for Arch as a general Linux reference
- The study guides for the Red Hat certification(s) are useful, if you prefer reading a book!
- Consider this example.
- For information on lots of Linux distributions, see Distro Watch
- Do we all know about Docker?
- A useful introduction from Linux Format magazine, but assumes a Linux host
- A useful introduction from Linux Format magazine, but assumes a Linux host
- Meeting 6 Windows Hardening October 1
- Announcements
- Blessings of the day, to those observing!
- Blessings of the day, to those observing!
- The slides for tonight.
- The lab assignment for tonight.
- A link to Windows documentation for Firewall
- Do you know about Hack the Box?
- Announcements
- Watch videos from @ippsec
- A session (from Spring 2021) on Windows Shenanigans
- A tool for Windows Hardening Hardening Kitty
- Meeting 7 Linux Incident Response October 8
- Announcements
- The Linux IR slides for tonight
- How might Nicholas use chatGPT for lecture prep? example
- Linux Threat Intelligence example here
- Not be confused with CTI using Linux, especially Kali
- Nicholas has a high opinion of SANS and the training it offers, free and otherwise
- when it comes to Linux IR, for example, this cheat sheet may be useful
- when it comes to Linux IR, for example, this cheat sheet may be useful
- A Linux IR Checklist
- A Jupyter Notebook for malware triage (link)
- feel free to install this on a Kali VM
- feel free to install this on a Kali VM
- Other resources on IR are available, but seem to vary in quality
- this site on GitHub might be useful, but I can't vouch for it
- except this highly-rated but maybe a bit older book (Amazon link)
Incident Response & Computer Forensics, Third Edition
- The lab assignment for tonight. The Debian VM needed is here (ova)
- Tonight Dr. Nicholas might host an "Ask Me Anything" regarding graduate school!
- Is a graduate degree worthwhile?
- How do I pay for grad school?
- I'm already a grad student. Why are you telling me this?
- Some might want to look at this link to an example master's thesis.
- The recordings from previous class sessions have been uploaded to here.
- Meeting 8 Windows Incident Response October 15
- Announcements
- The slides for tonight.
- The lab assignment for tonight has been released. The VM you need to use is here (OVA)
- We have a high opinion of TryHackMe
- Optional! Dr. Joyce's demo of Windows XP malware from Fall 2023 (mp4) (vtt)
- Competition Writeup is worth 20% of the grade. We expect no more than two pages of text, PDF please.
- What competition did you participate in? If there's a specific date, e.g. the CDE held on 4 October, mention that.
- What was the format of the competition? CTF, Red vs. Blue, or something else?
- What part of the competition did you enjoy the most? what part did you enjoy the least?
- Is there a topic or a cyber-skill that you found most useful?
- Is there a topic or a cyber-skill that you wished you had more of?
- Was the competition a learning experience? If so, how?
- The writeup will be submitted using BlackBoard, as usual, due date 11:59pm Monday of the last week of class
- If you turn in the competition writeup before class on Monday December 3, you'll be eligible for extra credit
- If you do more than one competition, include them all in your one competition
- Meeting 9 October 22
Offensive Security
- Slides for this week.
- The homework assignment for tonight. We're giving you two weeks for this one.
- Working in pairs is allowed if mentioned in both reports.
- This Ubuntu VM will be needed for the assignment.
- If the VM fails to boot on your VirtualBox, make sure you are running the latest version of VirtualBox.
- A screen snap must accompany any complaint :-)
- Prof. Nicholas may present some slides on Password Cracking
- Meeting 10 October 29 Cyber Threat Intelligence and Working in Cyber
- Slides for tonight
- Google's Cybersecurity Forecast 2025 (available from Google, pdf for users at UMBC)
- Microsoft's recent Digital Defense Report for 2025.
- Compare to Microsoft's CTI Blog, which is more specific to incidents and/or threat actors
- Cyber Threat Hunting, one of several useful documents from CrowdStrike (pdf, UMBC only)
- It would be good to become familiar with the MITRE ATT&CK Framework! and the D3FEND Framework...
- Rob Shovan has prepared some slides
- Meeting 11 Windows Malware November 5
- Meeting 12 Guest Speaker November 12
- Another special topic! Nicholas slides
- Guest Speaker: Robleh Esa from MITRE
- Windows Systems Programming (ppt)
- Possible topics for other speakers. What do you think?
- Social Engineering
- Example of a Process Injector
- What's it like to be a Red Teamer?
- Gov vs. contractor vs. private industry
- Secure Coding in RUST?
- CERTs 8570, vs. CISSP, vs. CEH (Homer from TC?)
- others?
- Meeting 13 November 19 Round Table
- Optional! Special topic! Nicholas, Fuzzy Similarity Metrics (Trello)
- Round Table Discussion
- Questions:
- What was your favorite part of the class, and why?
- Did you have a favorite homework assignment?
- What was the hardest homework assignment, for you?
- What improvements can be made in the assignments?
- Did you have any trouble finding a cyber competition to participate in, as required?
- Did you have a favorite lecture?
- Is there something that we did not need to cover?
- Was there something that we should have covered in class, but did not?
- Other questions and comments?
- PLEASE, be sure to complete the course survey for CMSC 491/691, if you have not yet done so!
- November 26 NO CLASS
- Thanksgiving Eve, and UMBC is closed this week!
- At some point, you will get an email from the campus, asking you to fill out the SEEQ. Please do this!
- Recall that the Student Evaluation of Educational Quality (SEEQ) is a standardized course evaluation instrument used to provide measures of an instructor’s teaching effectiveness.
- The Direct Instructor Feedback Forms (DIFFs) were designed to provide feedback to instructors.
The responses to the SEEQ and the DIFFs will be kept confidential and will not be distributed until final grades are posted.
- Meeting 14 In-class CTF December 3
- The slides for this week
- The assignment (link) for this week.
The CTF itself is accessed through this CTF link - The top THREE high-scoring teams will be awarded extra credit!
- The last day of classes this semester is Tuesday December 9. So this is the last Active Cyber class for the semester!
- There is NO final exam in this class...but anybody who does well on the in-class CTF held in late November will have reason to hope for a good grade!
- Competition Writeup will be due 11:59pm Monday of the last week of school, that is, December 8, 2025.
- This refers to the competition requirement, which is NOT the same as the class CTF.
- This refers to the competition requirement, which is NOT the same as the class CTF.
- Online Student Course Evaluations (SCE's) for fall semester are open until Tuesday, December 9 at 11:59pm. You can complete the SCE any time before the Tuesday 11:59pm deadline.
PLEASE, be sure to complete the course survey for CMSC 491/691, which provides valuable feedback for me, the TAs. and the university.
We appreciate the time that you take to complete these surveys, and the department and I take them seriously as a way to keep improving CS courses.
While you're at it, please complete the course surveys for all of your courses, and ask your friends to do the same! The administration actually does look at the data and we do our best to work with departments and faculty both to address problems, and to recognize excellent teaching.
Resources that don't fit into the schedule, but may still be helpful! I haven't tried them all, so watch your step!
- Some Tools for Red Teams
- A Windows Privilege Escalation Tool
- How to Create a Virtual Hacking Lab
- A list of Hacker-Oriented Search Engines
- A series on Windows Rootkit Development part 1, part 2, part 3, part 4
- The Mandiant Blog has lots of cool material! Such as this
- A lot of cyber information gets posted on
TwitterX, such as this - Preparing for the Certified Red Team Pentesting Exam? Take a look at these CRTP Notes
- Take a look at this Windows Internal Crash Course (youtube)
- A recent doctoral dissertation related to DNS
- A tool for monitoring Linux systems
- Some Awesome Cybersecurity Handbooks
- More to come!
Geetings from Bosco!
We intend to keep this web page active into the indefinite future. Who knows? You may find it useful!