Update CyBOK metadata

scenarios/ctf/access_can_roll.xml

@@ -34,7 +34,7 @@ Your password on both systems is: tiaspbiqe2r
     <keyword>setuid/setgid</keyword>
     <keyword>Hardlink protections</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>public-key signatures</keyword>
   </CyBOK>
 

scenarios/ctf/analyse_this.xml

@@ -20,7 +20,7 @@
   <CyBOK KA="F" topic="Artifact Analysis">
     <keyword>Encoding and alternative data formats</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <!-- pcap -->

scenarios/ctf/encoding_challenges.xml

@@ -15,10 +15,10 @@
   <type>crypto-ctf</type>
   <difficulty>easy</difficulty>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>public-key encryption</keyword>
   </CyBOK>
   <CyBOK KA="AAA" topic="Authentication">

scenarios/ctf/feeling_blu.xml

@@ -59,7 +59,7 @@
   </CyBOK>
 
   <!-- decrypt zip file -->
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="AAA" topic="Authentication">

scenarios/ctf/ff_decode_me.xml

@@ -15,7 +15,7 @@
   <type>pwn-ctf</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="F" topic="Artifact Analysis">

scenarios/ctf/ff_hackme_corp.xml

@@ -18,7 +18,7 @@ Happy hacking!
   <type>pwn-ctf</type>
   <difficulty>easy</difficulty>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="F" topic="Artifact Analysis">

scenarios/ctf/ff_in_the_wild.xml

@@ -15,7 +15,7 @@
   <type>pwn-ctf</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="F" topic="Artifact Analysis">

scenarios/ctf/flawed_fortress.xml

@@ -17,7 +17,7 @@
   <type>pwn-ctf</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="F" topic="Artifact Analysis">

scenarios/ctf/nw_cyber_games.xml

@@ -15,7 +15,7 @@
   <type>web-hints</type>
   <difficulty>easy</difficulty>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="AAA" topic="Authentication">

scenarios/ctf/performance_peril.xml

@@ -37,7 +37,7 @@
     <CyBOK KA="F" topic="Artifact Analysis">
         <keyword>Encoding and alternative data formats</keyword>
     </CyBOK>
-    <CyBOK KA="C" topic="Symmetric Cryptography">
+    <CyBOK KA="AC" topic="Symmetric Cryptography">
         <keyword>symmetric encryption and authentication</keyword>
     </CyBOK>
 

scenarios/ctf/post_it.xml

@@ -39,7 +39,7 @@
     <keyword>Post-exploitation: pivoting attacks, information gathering</keyword>
   </CyBOK>
   <!-- decrypt zip file -->
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="AAA" topic="Authentication">

scenarios/ctf/rooting_for_a_win.xml

@@ -35,7 +35,7 @@
   <CyBOK KA="F" topic="Artifact Analysis">
     <keyword>Encoding and alternative data formats</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
 

scenarios/ctf/time_to_patch.xml

@@ -63,7 +63,7 @@
   </CyBOK>
 
   <!-- decrypt zip file -->
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>
   <CyBOK KA="AAA" topic="Authentication">

scenarios/examples/cybok_example.xml

@@ -21,7 +21,7 @@
 		<keyword>ACCESS CONTROL - DAC (DISCRETIONARY ACCESS CONTROL)</keyword>
 		<keyword>Unix File Permissions</keyword>
 	</CyBOK>
-	<CyBOK KA="C" topic="Cryptography">
+	<CyBOK KA="AC" topic="Cryptography">
 		<keyword>stream ciphers</keyword>
 		<keyword>substitution ciphers</keyword>
 	</CyBOK>

scenarios/labs/cyber_security_landscape/3_phishing.xml

@@ -29,7 +29,12 @@
     <keyword>MALCODE/MALWARE - SOCIAL ENGINEERING - BAITING</keyword>
     <keyword>MALCODE/MALWARE - SOCIAL ENGINEERING - PRETEXTING</keyword>
     <keyword>MALCODE/MALWARE - VIRUSES - COUNTERMEASUMALCODE/MALWARE - VIRUSES - MACRO VIRUSES</keyword>
-    <keyword>MALCODE/MALWARE - SPAM . . . . .MALCODE/MALWARE - SPOOFING</keyword>
+    <keyword>MALCODE/MALWARE - SPAM</keyword>
+    <keyword>MALCODE/MALWARE - SPOOFING</keyword>
+  </CyBOK>
+  <CyBOK KA="WAM" topic="Client-Side Vulnerabilities and Mitigations">
+    <keyword>E-MAIL - PHISHING</keyword>
+    <keyword>E-MAIL - SPOOFING</keyword>
   </CyBOK>
 
   <system>

scenarios/labs/cyber_security_landscape/4_encoding_encryption.xml

@@ -31,6 +31,10 @@
   <CyBOK KA="F" topic="Artifact Analysis">
     <keyword>Encoding and alternative data formats</keyword>
   </CyBOK>
+  <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+    <keyword>ENCODING</keyword>
+    <keyword>BASE64</keyword>
+  </CyBOK>
 
   <system>
     <system_name>desktop</system_name>

scenarios/labs/cyber_security_landscape/6_symmetric_enc_aes.xml

@@ -19,6 +19,20 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
+  <CyBOK KA="AC" topic="Algorithms, Schemes and Protocols">
+    <keyword>ADVANCED ENCRYPTION STANDARD (AES)</keyword>
+    <keyword>ECB (ELECTRONIC CODE BOOK) BLOCK CIPHER MODE</keyword>
+  </CyBOK>
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
+    <keyword>symmetric primitives</keyword>
+    <keyword>symmetric encryption and authentication</keyword>
+  </CyBOK>
+  <CyBOK KA="AC" topic="Cryptographic Implementation">
+    <keyword>Cryptographic Libraries</keyword>
+    <keyword>ENCRYPTION - TOOLS</keyword>
+  </CyBOK>
+  
+
   <system>
     <system_name>desktop</system_name>
     <base distro="Debian 10" type="desktop" name="KDE"/>

scenarios/labs/cyber_security_landscape/7_asymmetric_enc_rsa.xml

@@ -19,6 +19,25 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
+  <CyBOK KA="AC" topic="Algorithms, Schemes and Protocols">
+    <keyword>CRYPTOGRAPHY - ASYMMETRIC - RSA</keyword>
+    <keyword>DIFFIE-HELLMAN ALGORITHM</keyword>
+  </CyBOK>
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
+    <keyword>public-key encryption</keyword>
+    <keyword>public-key signatures</keyword>
+    <keyword>RSA MODULUS</keyword>
+    <keyword>RSA PROBLEM</keyword>
+    <keyword>RSA TRANSFORM</keyword>
+  </CyBOK>
+  <CyBOK KA="AC" topic="Key Management">
+    <keyword>key generation</keyword>
+  </CyBOK>
+  <CyBOK KA="AC" topic="Cryptographic Implementation">
+    <keyword>Cryptographic Libraries</keyword>
+    <keyword>ENCRYPTION - TOOLS</keyword>
+  </CyBOK>
+
   <system>
     <system_name>desktop</system_name>
     <base distro="Debian 10" type="desktop" name="KDE"/>

scenarios/labs/labtainers/cyberciege.xml

@@ -19,7 +19,7 @@
   <CyBOK KA="AAA" topic="Authorisation">
     <keyword>ACCESS CONTROL - MAC (MANDATORY ACCESS CONTROL)</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Schemes">
+  <CyBOK KA="AC" topic="Algorithms, Schemes and Protocols">
     <keyword>TLS</keyword>
   </CyBOK>
   <CyBOK KA="CPS" topic="Cyber-Physical Systems">

scenarios/labs/labtainers/macs-hash.xml

@@ -16,7 +16,7 @@
     <keyword>user authentication</keyword>
     <keyword>Cryptography and authentication (hashes and attacks against authentication schemes / passwords)</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
     <keyword>MESSAGE AUTHENTICATION CODE (MAC)</keyword>
     <keyword>HASHED MESSAGE AUTHENTICATION CODE (HMAC)</keyword>

scenarios/labs/labtainers/onewayhash.xml

@@ -16,7 +16,7 @@
     <keyword>user authentication</keyword>
     <keyword>Cryptography and authentication (hashes and attacks against authentication schemes / passwords)</keyword>
   </CyBOK>
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>symmetric encryption and authentication</keyword>
     <keyword>MESSAGE AUTHENTICATION CODE (MAC)</keyword>
   </CyBOK>

scenarios/labs/labtainers/pubkey.xml

@@ -12,7 +12,7 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Schemes">
+  <CyBOK KA="AC" topic="Algorithms, Schemes and Protocols">
     <keyword>TLS</keyword>
   </CyBOK>
   <CyBOK KA="NS" topic="Internet Architecture">

scenarios/labs/labtainers/ssh-agent.xml

@@ -12,7 +12,7 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>public-key encryption</keyword>
     <keyword>public-key signatures</keyword>
   </CyBOK>

scenarios/labs/labtainers/sshlab.xml

@@ -12,7 +12,7 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>public-key encryption</keyword>
     <keyword>public-key signatures</keyword>
   </CyBOK>

scenarios/labs/labtainers/ssl.xml

@@ -12,7 +12,7 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Public-Key Cryptography">
+  <CyBOK KA="AC" topic="Public-Key Cryptography">
     <keyword>public-key encryption</keyword>
     <keyword>public-key signatures</keyword>
   </CyBOK>

scenarios/labs/labtainers/symkeylab.xml

@@ -12,11 +12,11 @@
   <type>lab-sheet</type>
   <difficulty>intermediate</difficulty>
 
-  <CyBOK KA="C" topic="Schemes">
+  <CyBOK KA="AC" topic="Algorithms, Schemes and Protocols">
     <keyword>AES</keyword>
   </CyBOK>
 
-  <CyBOK KA="C" topic="Symmetric Cryptography">
+  <CyBOK KA="AC" topic="Symmetric Cryptography">
     <keyword>symmetric primitives</keyword>
     <keyword>symmetric encryption and authentication</keyword>
   </CyBOK>

scenarios/labs/web_security/1_intro_web_security.xml

@@ -18,6 +18,25 @@ Throughout this lab, you will learn by doing, actively engaging in activities. A
     <type>lab-sheet</type>
     <difficulty>intermediate</difficulty>
 
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>JAVASCRIPT</keyword>
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>CASCADING STYLE SHEETS (CSS)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>Broken Access Control / Insecure Direct Object References</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster" />

scenarios/labs/web_security/2_sessions_and_cookies.xml

@@ -16,6 +16,28 @@ Throughout the lab, you will learn to self-host PHP pages, use OWASP Zap to anal
     <type>lab-environment</type>
     <type>ctf-lab</type>
 
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>cookies</keyword>
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>Broken Access Control / Insecure Direct Object References</keyword>
+        <keyword>SESSION HIJACKING</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Client-Side Vulnerabilities and Mitigations">
+        <keyword>client-side storage</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster amd64" />

scenarios/labs/web_security/3_xss.xml

@@ -17,6 +17,35 @@ Throughout this lab, you will engage with various learning resources, including
     <type>lab-environment</type>
     <type>ctf-lab</type>
 
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>cookies</keyword>
+        <keyword>JAVASCRIPT</keyword>
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>SESSION HIJACKING</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Client-Side Vulnerabilities and Mitigations">
+        <keyword>client-side storage</keyword>
+        <keyword>CLIENT-SIDE VALIDATION</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>injection vulnerabilities</keyword>
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+        <keyword>CROSS-SITE SCRIPTING (XSS)</keyword>
+        <keyword>BACK-END</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Prevention of Vulnerabilities">
+        <keyword>coding practices</keyword>
+        <keyword>Protecting against session management attacks, XSS, SQLi, CSRF</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster amd64" />

scenarios/labs/web_security/4_sqli.xml

@@ -17,6 +17,31 @@ Throughout this lab, you will engage in a series of tasks across various platfor
     <type>lab-environment</type>
     <type>ctf-lab</type>
 
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>DATABASE</keyword>
+        <keyword>SESSION HIJACKING</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>injection vulnerabilities</keyword>
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+        <keyword>SQL-INJECTION</keyword>
+        <keyword>BACK-END</keyword>
+        <keyword>BLIND ATTACKS</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Prevention of Vulnerabilities">
+        <keyword>coding practices</keyword>
+        <keyword>Protecting against session management attacks, XSS, SQLi, CSRF</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster amd64" />

scenarios/labs/web_security/5_sqli_advanced.xml

@@ -17,6 +17,32 @@ Throughout the lab, you will engage with various vulnerable environments, includ
     <type>lab-environment</type>
     <type>ctf-lab</type>
 
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>DATABASE</keyword>
+        <keyword>SESSION HIJACKING</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>injection vulnerabilities</keyword>
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+        <keyword>COMMAND INJECTION</keyword>
+        <keyword>SQL-INJECTION</keyword>
+        <keyword>BACK-END</keyword>
+        <keyword>BLIND ATTACKS</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Prevention of Vulnerabilities">
+        <keyword>coding practices</keyword>
+        <keyword>Protecting against session management attacks, XSS, SQLi, CSRF</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster amd64" />

scenarios/labs/web_security/6_csrf.xml

@@ -17,6 +17,39 @@ Throughout the lab, you will engage in hands-on tasks that mirror real-world sce
     <type>lab-environment</type>
     <type>ctf-lab</type>
 
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>cookies</keyword>
+        <keyword>JAVASCRIPT</keyword>
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>DATABASE</keyword>
+        <keyword>SESSION HIJACKING</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Client-Side Vulnerabilities and Mitigations">
+        <keyword>client-side storage</keyword>
+        <keyword>CLIENT-SIDE VALIDATION</keyword>
+        <keyword>clickjacking</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>injection vulnerabilities</keyword>
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+        <keyword>CROSS-SITE SCRIPTING (XSS)</keyword>
+        <keyword>CROSS-SITE REQUEST FORGERY (CSRF)</keyword>
+        <keyword>CONFUSED DEPUTY ATTACKS</keyword>
+        <keyword>BACK-END</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Prevention of Vulnerabilities">
+        <keyword>coding practices</keyword>
+        <keyword>Protecting against session management attacks, XSS, SQLi, CSRF</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster amd64" />

scenarios/labs/web_security/7_additional_web.xml

@@ -15,6 +15,75 @@ Web and Network Security additional CTF challenges.
     <type>lab-environment</type>
     <type>ctf-lab</type>
 
+    <!-- TODO: update cybok -->
+    <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
+        <keyword>web PKI and HTTPS</keyword>
+        <keyword>authentication</keyword>
+        <keyword>ACCESS CONTROL</keyword>
+        <keyword>cookies</keyword>
+        <keyword>passwords and alternatives</keyword>
+        <keyword>JAVASCRIPT</keyword>
+        <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+        <keyword>CASCADING STYLE SHEETS (CSS)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP)</keyword>
+        <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+        <keyword>DATABASE</keyword>
+        <keyword>Broken Access Control / Insecure Direct Object References</keyword>
+        <keyword>SESSION HIJACKING</keyword>
+        <keyword>CERTIFICATES</keyword>
+        <keyword>REPRESENTATIONAL STATE TRANSFER (REST)</keyword>
+        <keyword>PERMISSION DIALOG BASED ACCESS CONTROL</keyword>
+        <keyword>CLIENT-SERVER MODELS</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Client-Side Vulnerabilities and Mitigations">
+        <keyword>client-side storage</keyword>
+        <keyword>CLIENT-SIDE VALIDATION</keyword>
+        <keyword>clickjacking</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+        <keyword>injection vulnerabilities</keyword>
+        <keyword>server-side misconfiguration and vulnerable components</keyword>
+        <keyword>CROSS-SITE SCRIPTING (XSS)</keyword>
+        <keyword>SAME ORIGIN POLICY (SOP)</keyword>
+        <keyword>COMMAND INJECTION</keyword>
+        <keyword>SQL-INJECTION</keyword>
+        <keyword>CROSS-SITE REQUEST FORGERY (CSRF)</keyword>
+        <keyword>CONFUSED DEPUTY ATTACKS</keyword>
+        <keyword>BACK-END</keyword>
+        <keyword>BLIND ATTACKS</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+        <keyword>Web vulnerabilities / OWASP Top 10</keyword>
+        <keyword>API vulnerabilities</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Prevention of Vulnerabilities">
+        <keyword>coding practices</keyword>
+        <keyword>Protecting against session management attacks, XSS, SQLi, CSRF</keyword>
+        <keyword>API design</keyword>
+    </CyBOK>
+    <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+        <keyword>dynamic detection</keyword>
+    </CyBOK>
+    <!-- labtainers -->
+    <CyBOK KA="SOIM" topic="Monitor: Data Sources">
+        <keyword>network traffic</keyword>
+    </CyBOK>
+    <CyBOK KA="F" topic="Main Memory Forensics">
+        <keyword>network connections</keyword>
+        <keyword>data recovery and file content carving</keyword>
+    </CyBOK>
+    <CyBOK KA="NS" topic="Network Defence Tools">
+        <keyword>FIREWALLS</keyword>
+        <keyword>IPTables</keyword>
+        <keyword>VIRTUAL - PRIVATE NETWORK (VPN)</keyword>
+    </CyBOK>
+    <CyBOK KA="NS" topic="Internet Architecture">
+        <keyword>network layer security</keyword>
+    </CyBOK>
+    <CyBOK KA="WAM" topic="FIREWALLS">
+        <keyword>FIREWALLS</keyword>
+    </CyBOK>
+    
     <system>
         <system_name>web_server</system_name>
         <base distro="Debian 10 Buster amd64" />

scenarios/labs/web_security/websec_lab.xml

@@ -15,14 +15,21 @@
   <CyBOK KA="WAM" topic="Fundamental Concepts and Approaches">
     <keyword>web PKI and HTTPS</keyword>
     <keyword>authentication</keyword>
+    <keyword>ACCESS CONTROL</keyword>
     <keyword>cookies</keyword>
     <keyword>passwords and alternatives</keyword>
-    <keyword>JAVASCRIPT / HYPERTEXT MARKUP LANGUAGE (HTML) / CASCADING STYLE SHEETS (CSS) / HYPERTEXT TRANSFER PROTOCOL (HTTP)
-    COOKIES</keyword>
+    <keyword>JAVASCRIPT</keyword>
+    <keyword>HYPERTEXT MARKUP LANGUAGE (HTML)</keyword>
+    <keyword>CASCADING STYLE SHEETS (CSS)</keyword>
+    <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP)</keyword>
     <keyword>HYPERTEXT TRANSFER PROTOCOL (HTTP) - PROXYING</keyword>
+    <keyword>DATABASE</keyword>
     <keyword>Broken Access Control / Insecure Direct Object References</keyword>
     <keyword>SESSION HIJACKING</keyword>
+    <keyword>CERTIFICATES</keyword>
     <keyword>REPRESENTATIONAL STATE TRANSFER (REST)</keyword>
+    <keyword>PERMISSION DIALOG BASED ACCESS CONTROL</keyword>
+    <keyword>CLIENT-SERVER MODELS</keyword>
   </CyBOK>
   <CyBOK KA="WAM" topic="Client-Side Vulnerabilities and Mitigations">
     <keyword>client-side storage</keyword>
@@ -38,6 +45,8 @@
     <keyword>SQL-INJECTION</keyword>
     <keyword>CROSS-SITE REQUEST FORGERY (CSRF)</keyword>
     <keyword>CONFUSED DEPUTY ATTACKS</keyword>
+    <keyword>BACK-END</keyword>
+    <keyword>BLIND ATTACKS</keyword>
   </CyBOK>
   <CyBOK KA="SS" topic="Categories of Vulnerabilities">
     <keyword>Web vulnerabilities / OWASP Top 10</keyword>
@@ -48,6 +57,28 @@
     <keyword>Protecting against session management attacks, XSS, SQLi, CSRF</keyword>
     <keyword>API design</keyword>
   </CyBOK>
+  <CyBOK KA="SS" topic="Detection of Vulnerabilities">
+      <keyword>dynamic detection</keyword>
+  </CyBOK>
+  <!-- labtainers -->
+  <CyBOK KA="SOIM" topic="Monitor: Data Sources">
+      <keyword>network traffic</keyword>
+  </CyBOK>
+  <CyBOK KA="F" topic="Main Memory Forensics">
+      <keyword>network connections</keyword>
+      <keyword>data recovery and file content carving</keyword>
+  </CyBOK>
+  <CyBOK KA="NS" topic="Network Defence Tools">
+      <keyword>FIREWALLS</keyword>
+      <keyword>IPTables</keyword>
+      <keyword>VIRTUAL - PRIVATE NETWORK (VPN)</keyword>
+  </CyBOK>
+  <CyBOK KA="NS" topic="Internet Architecture">
+      <keyword>network layer security</keyword>
+  </CyBOK>
+  <CyBOK KA="WAM" topic="FIREWALLS">
+      <keyword>FIREWALLS</keyword>
+  </CyBOK>
 
   <system>
     <system_name>kali</system_name>