update lecture videos

2026-02-21 11:18:06 +00:00 · 2022-01-06 13:21:21 +00:00
parent f34e3e9cd0
commit 9cf588c9cd
4 changed files with 50 additions and 50 deletions
--- a/scenarios/labs/software_security_exploitation/5_linux_stack_bof.xml
+++ b/scenarios/labs/software_security_exploitation/5_linux_stack_bof.xml
@@ -26,13 +26,29 @@
  </CyBOK>

  <video>
-    <title>Secure Design Principles</title>
+    <title>Threat modeling using STRIDE and Attack Trees</title>
    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/ywLXfSR5YWk</url>
+    <url>https://youtu.be/oi_CfBe_umU</url>
    <type>lecture-prerecorded</type>
-    <CyBOK KA="OSV" topic="OS Security Principles">
-      <keyword>Saltzer and Schroeder’s principles</keyword>
-      <keyword>newer principles</keyword>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Microsoft SDL</keyword>
+    </CyBOK>
+    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
+      <keyword>THREAT MODEL</keyword>
+      <keyword>ATTACK TREES</keyword>
+    </CyBOK>
+  </video>
+  <video>
+    <title>STRIDE Threat Modeling using Microsoft Threat Modeling Tool</title>
+    <by>Z. Cliffe Schreuders</by>
+    <url>https://youtu.be/Wry2get_RRc</url>
+    <type>demo-prerecorded</type>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Microsoft SDL</keyword>
+    </CyBOK>
+    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
+      <keyword>THREAT MODEL</keyword>
+      <keyword>ATTACK TREES</keyword>
    </CyBOK>
  </video>

--- a/scenarios/labs/software_security_exploitation/6_linux_nx_bypass.xml
+++ b/scenarios/labs/software_security_exploitation/6_linux_nx_bypass.xml
@@ -32,26 +32,13 @@
  </CyBOK>

  <video>
-    <title>Secure Development Lifecycles</title>
+    <title>Secure Design Principles</title>
    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/v2rChKDAmFg</url>
+    <url>https://youtu.be/ywLXfSR5YWk</url>
    <type>lecture-prerecorded</type>
-    <CyBOK KA="SSL" topic="Motivations for Secure Software Lifecycle">
-      <keyword>vulnerabilities can be exploited without being noticed</keyword>
-    </CyBOK>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Microsoft SDL</keyword>
-      <keyword>SAFECode</keyword>
-      <keyword>Touchpoints</keyword>
-    </CyBOK>
-  </video>
-  <video>
-    <title>Open source development and security practices</title>
-    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/xwsBaNQZozg</url>
-    <type>lecture-prerecorded</type>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Open source secure development</keyword>
+    <CyBOK KA="OSV" topic="OS Security Principles">
+      <keyword>Saltzer and Schroeder’s principles</keyword>
+      <keyword>newer principles</keyword>
    </CyBOK>
  </video>

--- a/scenarios/labs/software_security_exploitation/7_linux_aslr_bypass.xml
+++ b/scenarios/labs/software_security_exploitation/7_linux_aslr_bypass.xml
@@ -31,6 +31,30 @@
    <keyword>Mitigation bypass: ASLR</keyword>
  </CyBOK>

+  <video>
+    <title>Secure Development Lifecycles</title>
+    <by>Z. Cliffe Schreuders</by>
+    <url>https://youtu.be/v2rChKDAmFg</url>
+    <type>lecture-prerecorded</type>
+    <CyBOK KA="SSL" topic="Motivations for Secure Software Lifecycle">
+      <keyword>vulnerabilities can be exploited without being noticed</keyword>
+    </CyBOK>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Microsoft SDL</keyword>
+      <keyword>SAFECode</keyword>
+      <keyword>Touchpoints</keyword>
+    </CyBOK>
+  </video>
+  <video>
+    <title>Open source development and security practices</title>
+    <by>Z. Cliffe Schreuders</by>
+    <url>https://youtu.be/xwsBaNQZozg</url>
+    <type>lecture-prerecorded</type>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Open source secure development</keyword>
+    </CyBOK>
+  </video>
+
  <system>
    <system_name>metactf_desktop</system_name>
    <base platform="linux" type="desktop" distro="Buster"/>
--- a/scenarios/labs/software_security_exploitation/8_linux_bof_format.xml
+++ b/scenarios/labs/software_security_exploitation/8_linux_bof_format.xml
@@ -26,33 +26,6 @@
    <keyword>Metasploit Framework development</keyword>
  </CyBOK>

-  <video>
-    <title>Threat modeling using STRIDE and Attack Trees</title>
-    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/oi_CfBe_umU</url>
-    <type>lecture-prerecorded</type>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Microsoft SDL</keyword>
-    </CyBOK>
-    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
-      <keyword>THREAT MODEL</keyword>
-      <keyword>ATTACK TREES</keyword>
-    </CyBOK>
-  </video>
-  <video>
-    <title>STRIDE Threat Modeling using Microsoft Threat Modeling Tool</title>
-    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/Wry2get_RRc</url>
-    <type>demo-prerecorded</type>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Microsoft SDL</keyword>
-    </CyBOK>
-    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
-      <keyword>THREAT MODEL</keyword>
-      <keyword>ATTACK TREES</keyword>
-    </CyBOK>
-  </video>
-
  <system>
    <system_name>metactf_desktop</system_name>
    <base platform="linux" type="desktop" distro="Buster"/>