Course Objectives:

Upon successfully completing this course, cadets will be able to:

 

Course Overview

An ethical hacker is simply a hacker who breaks into a computer network to test its security instead of the with the malicious or criminal intent traditionally associated with hacking. At a high level, this is a hacking course. This course will teach you offensive tools and techniques that will enable you to break into computer network and system. The difference is that this course will teach you these techniques with the purpose of helping to better understand these attack vectors to build more defensible systems. Ethical hacking is also commonly use synonymously with Penetration Testing (pen test) which is the practice of testing and penetrating (compromising) a computer network or system to find and fix the vulnerabilities that a malicious attacker would exploit.

In terms of implementation, this course is primarily a guided journey through Offensive Security's Penetration Testing with Kali Linux (PWK) course and is split into 3 blocks. The first block focuses on the provided material and exercises that lay the foundation for a successful pen test. In this block, you will learn how to conduct information gathering (scanning), vulnerability analysis, exploitation (i.e. buffer overflows and command injection) and post-exploitation (i.e. privilege escalation, password attacks, and pivoting). The second block is then an open ended dive into the immersive PWK public lab with over 70 machines for the user to compromise. The final block consist of one of two options depending on the ability of the student. Overall, this block's purpose is to demonstrate master of these skills and the ability to apply the offensive skills you learned to improve defensive systems.

This course is run very much like a team based competition. There is a scoreboard that tracks each student's and team's progress throughout the materials. This course is also honestly taught using the Thayer method and at a graduate level. You will use the provide materials to teach yourself each of the concepts, and class is only discussion to go deeper into the topics and answer questions. The material is also very hard. Offensive's Securities moto is Try Harder. The course work is the basic foundation - you will need to do independent research outside of the provided course material to get through more than a handful of the public lab machines.

Overall, this course is an extremely rewarding course if you are a mature enough learner to handle open ended assignments without complete instruction. The enrollment in the course includes an opportunity to earn the OSCP certification. Space is very limited so please contact me as soon as possible if you are interested.

Grading

This course is out of a total of 1000 points with the break down as follows:

EventDue DatePoints
PWK Course Material Block (60%)
PWK Exercises08 JAN - 03 APR300
PWK Lab Solves and Write-ups24 JAN - 11 MAY300
Performance Block (40%)
NSX Competition Performance21 MAY50
PenTest WPR06 APR150
PWK Lab Solves Presentation12 APR - 07 MAY80
OSCP Examination ScoreNLT 11 MAY70
Instructor Points11 MAY50
Total1000

PWK Block (60% of Overall Grade)

Return to Grade Chart




PWK Exercises (300 Points)

Each student will earn complete the assigned PWK exercises as listed on the lessons page. You will submit a pdf with screenshots (proof of work) that you completed each exercise to your student folder located at \\usmasvddeecs\eecs\Cadet\Courses\CS\CS485\AY182\Students. There are 45 assigned exercises worth 6 points each for a total of 270 points. The remaining points will be earned through bonus points. Two bonus points will be awarded for the first two complete submissions of each exercise. In addition, five bonus points will also be awarded to the team with the highest average completion percentage at the end of each week (0000 Monday Morning). You will lose 1 point (20% of the exercise) per week for each exercise turned in after the assigned due date.
NOTE TO STUDENTS: Bonus points as well as late points are awarded based on the timestamp of the submission to your share folder. Modifying your submission may change the award of bonus points.


Lab Solves and Write-ups (300 Points)

This exercise is very similar to the intitial PWK exercises but, instead of exercise proof-of-works, you will need to exploit and do a write-up (tutorial style report) on your successful exploit of each machine. You are required to exploit twenty (20) machines and will receive up to 14 points per machine (6 per proof.txt and 6 points per writeup.) The first and second blood on each each machine will receive 2 bonus points each. Your time for first blood will be based on the submission of the proof.txt. All documents will be named after the last octet of the IP with leading zeros so 013.txt for 10.11.1.13's proof.txt and 005.pdf for 10.11.1.5's write-up. You can also lose your first blood points on final grading if you do not also have a sufficiently detailed write-up. In addition, you can also earn 2 bonus points for each alternative exploit vector per machine and 5 bonus points per machine compromised over the required twenty. As before, you will lose 1 point per week for each exercises turned in after the assigned due date.

Public Lab Block (40% of Overall Grade)

Return to Grade Chart




NSX Competition Performance (50 Points)

This event will be a chance for you to demonstrate your skills in a live competition. As the final portion of the NSX, the members of this course will break into 3 seperate teams of 4 students to compete against Air Force, Coast Guard, and Navy in an 8-hour Pentration Test competition. More details to follow but this event is one of the main focuses of this course.

PenTest WPR (Exam) (150 Points)

There will be a performance based WPR on all Penetration testing concepts focusing on what was learning from the PWK pdf (Chapters 1-16). These will be multiple choice or fill-in-the-blank questions that force you to demonstrate a complete understanding of the materials. There will also be some performance based tasks that require you to actually execute these skills. This WPR will be open notes, computer and internet with no live-chatting or forum postings allowed.

Lab Presentation (80 Points)

There will be one rounds of Lab Presentations in teams of 2. For these lab presentations, your team will pick their favorite (i.e. most challenging) lab machine that was NOT previously disccussed and do a formal presentation on this machine from recon to exploitation to post exploitation. The select machine needs to be one of the more complicated, multi-step exploits and not simply an exploit-to-shell machine (i.e. a simply metasploit pop). These presentations need to last approximently 25 minutes.


OSCP Examination Score (70 Points)

This event is the second main focus of this course. The OSCP exam is a 24 hour live penetration test on five new, never seen systems similar to the ones you worked on in the lab. You will have 3 chances to take the OSCP exam this semester (one per voucher code). To pass, you need to score a 70/100 on the OSCP exam. If you pass, you will receive 25 extra bonus points on this event. If you fail, I will assign you a score based on the number of proofs obtained during your examination. I will take the best score from your two (up to three) attempts. If you plan to use your first attempt, you should schedule your exam ASAP but NLT 26 JAN. You should schedule to take the second attempt NLT 25 APR, and you should schedule to take your last attempt NLT 12 MAY.

Return to Grade Chart


Pre-requisites:

Knowledge:

  • Basic Networking
    • Understanding of OSI Model
    • Understanding of Layer 3 and 4 interactions (ip addr vs. port)
    • Understanding of Roles of Services (DNS, SSH, Web, etc.)
  • Linux and Windows Familiarity
    • Intermediate Command Line Familiarity
    • Basic Account Administration
    • File Permissions
    • Interact with Services
  • Familiarity with BASH scripting
    • Python scripting
    • Understand (can read) other languages (html, SQL, C)
  • Basic understanding of Assembly / Machine Code

Coures:

  • CS301 or IT300
  • CS384 or IT384
  • CS484 or IT350 (co-requisite)
  • CS380 (co-requisite)
  • By Interview Only
 

© 2018 CPT Michael Kranch (ArchAng31)
Template design by Andreas Viklund