Wednesday, July 21, 2021

Python for SecuritySpecialists Cybrary Review

This really is my report on the  Cybrary course, Python for Security Professionals, For starters, I truly appreciate the Cybrary.it model, the lessons are free and you can purchase a certificate of completion (which may help validate the 15 CPEs the course is worth, if you want to justify that type of thing) if you prefer at the end. However, the entire site model is interesting in as you are able to "complete" the courses (lol actually, I've "completed" all of the courses), and choose the relevant certificate, without ever having clicked the video links. That seemingly large security mistake kind of invalidates the certificates, as anyone can obviously say the've completed the course and have the certificate with no done so. All of this aside, I love the thought of free education material and we will now be delving into the information of the Python for Security Professionals course. Like my other reviews, I'm likely to review the material and recommend this based on your experience and time commitment. The course contains 10 hours of video content, which are pretty decent particularly if you are attempting to learn Python from scratch, but slightly less when you are attempting to learn the nuances of Information Security. All the modules are video focused, but have PDFs of slides, activities in python programs, and the completed solutions to the activities in python programs. Overall, the initial four modules are extremely basic and mostly just cover programming in python vs security specific tasks. Another issue is that currently all of the videos are pretty blurry and it's hard to read the code / command line utilized in the video series. Because of this you've to view the videos in HD, nonetheless they address this in the comments and mention how they will soon be re-releasing the videos in a higher resolution. By the end of the weekend, I'd recommend this course to an individual who is attempting to learn Python from scratch by having an Information Security focus, however for someone with an increase of of a background in Python, I would actually recommend a text more like Black Hat Python, for more of an Information Security focus. Having said that, even if you are knowledgeable about Python and Information Security, you may find the final two modules interesting (The Packet Gathering Module and the Info Gathering Module).


The initial module, Intro and Setup, is pretty basic and be easily skipped if you have any prior Python experience. Here he goes over how exactly to setup and install Python, along with why it's a good language for rapid prototyping and security professionals.

Another module, Apprentice Python, can also be very basic and still doesn't touch on anything security related. This module is about basic usage and arithmetic in Python. There's also a stumbling block in the 2nd video, as it's a little odd when he googles for solutions and then reads stack overflow throughout the tutorial.

The Journeyman Python module is interesting, but nevertheless doesn't delve into anything necessarily Information Security specific. In this module he talks a lot about networking protocols and RFCs that govern these. These modules are interesting in they are informative, but fairly incomplete in the information they relay, an example of this will be when he starts speaing frankly about ports and protocols he doesn't differentiate which transport protocol the applying protocols are traveling over, despite discussing the differences between the TCP and UDP transport protocols. In this chapter you're shown you how for connecting to arbitrary TCP ports, that could be ideal for banner grabbing. The final activity in this module demonstrates to you how to be controlled by a TCP port and thus create your own arbitrary file server, however these lack really any security controls.

With Advanced Python he covers ctypes, regular expressions, multi-threading, and finally fuzzing. The multi-threading exercise in this module is pretty interesting, but nevertheless nothing really advanced, just a quick launching of multiple independent threads (vs something that's to take into account deadlocks). The fuzzing section can also be pretty interesting as this can be quite a core Information Security technique, so I appreciate the videos for Slides part 3, jperry even alludes to a stream overflow in this video. Unfortunately, he also says fairly uneducated things like fuzzing and password cracking are similar theoretically (the technique of bruteforce might be similar, but that hardly scratches the idea involved in either subject) or that writing a code cracker is against the CFAA, which is certainly false as industry professionals use password cracking all the time in penetration testing (trafficking hacked information or the particular act of hacking another person's system is illegal, not writing a code cracker). In this module's activities he also writes a reasonably insecure file server implementation. I say it's insecure not since it allows you to arbitrary read / write to an entire drive, but since it uses no authentication or encryption to safeguard the communications, meaning anyone could trivially hijack your fileserver activities scamrisk.com.

Packet Analyzer module is where things get really cool. In part two, jperry starts implementing an IP protocol parser and demonstrates bitwise manipulation to read exact fields out from the protocol. This is a pretty awesome tutorial for writing a network protocol parser in Python and something I would truly call Python for Security Professionals. I would recommend this section for anyone thinking about finding a more comprehensive handle of protocols and automated parsers.

The Info Gathering module can also be really interesting, as here jperry writes an instant post-exploitation RAT in Python for Windows. This really is excellent and where the class really starts digginging into the Python applied to security specific applications. I enjoy where he uses python to parse the Windows registry key values, this is super ideal for various security applications. Overall, I do believe this is a pretty good Python for Security Professionals video. This module also covers a lot of the content from the Post Exploitation Hacking course in this script. I would recommend this module for moderately experienced hackers looking to begin writing their particular implants.

Overall, the modules were congratulations and I appreciate the relaxed approach of the course and exercises. Having said that, I do believe the complete course is great for someone trying to learn Python from scratch, however in the event that you already are a novice Python / Information Security enthusiast you ought to checkout something more like Black Hat Python, and even if you are well versed with Python and Information Security you may find the final two modules interesting. As for Cybrary.it, I truly appreciate what they're doing with free education, I do believe this is a superb program and it deserves lots of support, however I don't think the certifications are worth anything, on the basis of the not enough business-logic security preventing anyone from just acquiring the certificates and never having to go through the courses.

Python for SecuritySpecialists Cybrary Review

This really is my report on the  Cybrary course, Python for Security Professionals, For starters, I truly appreciate the Cybrary.it model, t...