PYTHON FOR PENTESTERS

PYTHON FOR PENTESTERS

10 March 2015 — 25 October 2015

Special Focus

The Python for Pentesters aims to teach you how to apply the powerful Python language to security research, penetration testing and attack automation using a fully hands-on practical approach with a gradual learning curve. This course has something for everyone – from the novice to the expert user! This course is ideal for penetration testers, security enthusiasts and network administrators who want to learn to automate tasks or go beyond just using ready made tools. We will be covering topics in system security, network security, attacking web applications and services, exploitation techniques, malware and binary analysis and task automation.

This training course is part of six-month program:



Price 150.00 Eur
Application deadline 02/10/2015
(This course has ended)

Course Details


☆  Topics

Module 1: Python Scripting – Language Essentials
Module 2: System Programming and Security
Module 3: Network Security Programming – Sniffers and Packet Injectors
Module 4: Attacking Web Applications
Module 5: Exploitation Techniques
Module 6: Malware Analysis and Reverse Engineering
Module 7: Attack Task Automation
Module 8: Further Study and Roadmap

☆  Python Scripting – Language Essentials

Introduction to Interpreted Languages and Python
Data Types and variables
Operators and Expressions
Program Structure and Control
Functions and Functional Programming
Classes, Objects and other OOPS concepts
Modules, Packages and Distribution
Python in Linux and Unixes
Python in Windows
Python in Mobiles: iPhone and Androids
Python in Embedded Devices: Routers
Program Portability
Lab Exercises

☆  System Programming and Security

I/O in Python
File and Directory Access
Multithreading and Concurrency
Inter Process Communication (IPC)
Permissions and Controls
Case Studies
Lab Exercises

☆  Network Security Programming – Sniffers and Packet Injectors

Raw Socket basics
Socket Libraries and Functionality
Programming Servers and Clients
Programming Wired and Wireless Sniffers
Programming arbitrary packet injectors
PCAP file parsing and analysis
Case Studies
Lab Exercises

☆  Web Application Security

Web Servers and Client scripting
Web Application Fuzzers
Scraping Web Applications – HTML and XML file analysis
Web Browser Emulation
Attacking Web Services
Application Proxies and Data Mangling
Automation of attacks such as SQL Injection, XSS etc.
Case Studies
Lab Exercises

☆  Exploitation Techniques

Exploit Development techniques
Immunity Debuggers and Libs
Writing plugins in Python
Binary data analysis
Exploit analysis Automation
Case Studies
Lab Exercises

☆  Malware Analysis and Reverse Engineering

Process Debugging basics
Pydbg and its applications
Analyzing live applications
Setting breakpoints, reading memory etc.
In-memory modifications and patching
Case Studies
Lab Exercises

☆  Attack Task Automation

Task Automation with Python
Libraries and Applications
Case Studies
Lab Exercises

☆  Instructor Profile

Drinor Selmanaj has experience in cyber security. He has been working with FLOSSK for 2 years now he is one of many contributors in Kosovo in many open source projects, he has been doing workshops around Kosovo in data security, also being a FLOSSKie he has been maintaining the network of the SFK (Software Freedom Kosova) the annual conference about open source in Kosovo. His expertise are networks and computer security. While on workdays he is the CEO of HelloWorld, a company which is focused on application development. His passion about computer security and networks never stops. He will be showing some awesome stuff at advanced cyber security training.

☆  Duration

24 hours

Saturday & Sunday, starting 17:00 – 20:00

03 October 2015 – 25 October 2015

☆  Contact Information

Innovation Centre Kosovo; Rexhep Mala str. 28A, 10000, Prishtina

training@ickosovo.com; 049 765 567




PYTHON FOR PENTESTERS

Drinor Selmanaj

Instructor

Drinor Selmanaj is a lecturer, entrepreneur and information security specialist from Kosovo.
He has spent his years consulting, auditing, and hardening IT-infrastructures in companies and organizations across the region.
As a lecturer, he has established a Penetration Testing programme at ICK which seeks to hone the skills of young technology enthusiasts looking into entering the field of cybersecurity.
His entrepreneurial spirit led him to found a software development company called “Hello World!” centered around creating secure and highly functional digital products for local companies and businesses.
He is the CTO and co-founder of “Sentry L.L.C” - one of the first companies in Kosovo to regionally offer products and an extensive list of services in information security.
As a citizen of Kosovo and a member of various hacker communities, Drinor is able to see both the needs of legitimate businesses as well as the needs of a darker digital underground.






BOLD

© ICK — Innovation Centre Kosovo