From 9cf588c9cd538b0bb92e6d2a4447ad2732e98b2b Mon Sep 17 00:00:00 2001
From: "Z. Cliffe Schreuders" <code.cliffe@schreuders.org>
Date: Thu, 6 Jan 2022 13:21:21 +0000
Subject: [PATCH] update lecture videos

---
 .../5_linux_stack_bof.xml                     | 26 ++++++++++++++----
 .../6_linux_nx_bypass.xml                     | 23 ++++------------
 .../7_linux_aslr_bypass.xml                   | 24 +++++++++++++++++
 .../8_linux_bof_format.xml                    | 27 -------------------
 4 files changed, 50 insertions(+), 50 deletions(-)

diff --git a/scenarios/labs/software_security_exploitation/5_linux_stack_bof.xml b/scenarios/labs/software_security_exploitation/5_linux_stack_bof.xml
index 0ceac0489..b6bc6007b 100644
--- a/scenarios/labs/software_security_exploitation/5_linux_stack_bof.xml
+++ b/scenarios/labs/software_security_exploitation/5_linux_stack_bof.xml
@@ -26,13 +26,29 @@
   </CyBOK>
 
   <video>
-    <title>Secure Design Principles</title>
+    <title>Threat modeling using STRIDE and Attack Trees</title>
     <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/ywLXfSR5YWk</url>
+    <url>https://youtu.be/oi_CfBe_umU</url>
     <type>lecture-prerecorded</type>
-    <CyBOK KA="OSV" topic="OS Security Principles">
-      <keyword>Saltzer and Schroeder’s principles</keyword>
-      <keyword>newer principles</keyword>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Microsoft SDL</keyword>
+    </CyBOK>
+    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
+      <keyword>THREAT MODEL</keyword>
+      <keyword>ATTACK TREES</keyword>
+    </CyBOK>
+  </video>
+  <video>
+    <title>STRIDE Threat Modeling using Microsoft Threat Modeling Tool</title>
+    <by>Z. Cliffe Schreuders</by>
+    <url>https://youtu.be/Wry2get_RRc</url>
+    <type>demo-prerecorded</type>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Microsoft SDL</keyword>
+    </CyBOK>
+    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
+      <keyword>THREAT MODEL</keyword>
+      <keyword>ATTACK TREES</keyword>
     </CyBOK>
   </video>
 
diff --git a/scenarios/labs/software_security_exploitation/6_linux_nx_bypass.xml b/scenarios/labs/software_security_exploitation/6_linux_nx_bypass.xml
index 229d78526..7cfecf2cc 100644
--- a/scenarios/labs/software_security_exploitation/6_linux_nx_bypass.xml
+++ b/scenarios/labs/software_security_exploitation/6_linux_nx_bypass.xml
@@ -32,26 +32,13 @@
   </CyBOK>
 
   <video>
-    <title>Secure Development Lifecycles</title>
+    <title>Secure Design Principles</title>
     <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/v2rChKDAmFg</url>
+    <url>https://youtu.be/ywLXfSR5YWk</url>
     <type>lecture-prerecorded</type>
-    <CyBOK KA="SSL" topic="Motivations for Secure Software Lifecycle">
-      <keyword>vulnerabilities can be exploited without being noticed</keyword>
-    </CyBOK>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Microsoft SDL</keyword>
-      <keyword>SAFECode</keyword>
-      <keyword>Touchpoints</keyword>
-    </CyBOK>
-  </video>
-  <video>
-    <title>Open source development and security practices</title>
-    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/xwsBaNQZozg</url>
-    <type>lecture-prerecorded</type>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Open source secure development</keyword>
+    <CyBOK KA="OSV" topic="OS Security Principles">
+      <keyword>Saltzer and Schroeder’s principles</keyword>
+      <keyword>newer principles</keyword>
     </CyBOK>
   </video>
 
diff --git a/scenarios/labs/software_security_exploitation/7_linux_aslr_bypass.xml b/scenarios/labs/software_security_exploitation/7_linux_aslr_bypass.xml
index 72100628b..40a59f6aa 100644
--- a/scenarios/labs/software_security_exploitation/7_linux_aslr_bypass.xml
+++ b/scenarios/labs/software_security_exploitation/7_linux_aslr_bypass.xml
@@ -31,6 +31,30 @@
     <keyword>Mitigation bypass: ASLR</keyword>
   </CyBOK>
 
+  <video>
+    <title>Secure Development Lifecycles</title>
+    <by>Z. Cliffe Schreuders</by>
+    <url>https://youtu.be/v2rChKDAmFg</url>
+    <type>lecture-prerecorded</type>
+    <CyBOK KA="SSL" topic="Motivations for Secure Software Lifecycle">
+      <keyword>vulnerabilities can be exploited without being noticed</keyword>
+    </CyBOK>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Microsoft SDL</keyword>
+      <keyword>SAFECode</keyword>
+      <keyword>Touchpoints</keyword>
+    </CyBOK>
+  </video>
+  <video>
+    <title>Open source development and security practices</title>
+    <by>Z. Cliffe Schreuders</by>
+    <url>https://youtu.be/xwsBaNQZozg</url>
+    <type>lecture-prerecorded</type>
+    <CyBOK KA="SSL" topic="Prescriptive Processes">
+      <keyword>Open source secure development</keyword>
+    </CyBOK>
+  </video>
+
   <system>
     <system_name>metactf_desktop</system_name>
     <base platform="linux" type="desktop" distro="Buster"/>
diff --git a/scenarios/labs/software_security_exploitation/8_linux_bof_format.xml b/scenarios/labs/software_security_exploitation/8_linux_bof_format.xml
index 9ca07427a..3103900af 100644
--- a/scenarios/labs/software_security_exploitation/8_linux_bof_format.xml
+++ b/scenarios/labs/software_security_exploitation/8_linux_bof_format.xml
@@ -26,33 +26,6 @@
     <keyword>Metasploit Framework development</keyword>
   </CyBOK>
 
-  <video>
-    <title>Threat modeling using STRIDE and Attack Trees</title>
-    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/oi_CfBe_umU</url>
-    <type>lecture-prerecorded</type>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Microsoft SDL</keyword>
-    </CyBOK>
-    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
-      <keyword>THREAT MODEL</keyword>
-      <keyword>ATTACK TREES</keyword>
-    </CyBOK>
-  </video>
-  <video>
-    <title>STRIDE Threat Modeling using Microsoft Threat Modeling Tool</title>
-    <by>Z. Cliffe Schreuders</by>
-    <url>https://youtu.be/Wry2get_RRc</url>
-    <type>demo-prerecorded</type>
-    <CyBOK KA="SSL" topic="Prescriptive Processes">
-      <keyword>Microsoft SDL</keyword>
-    </CyBOK>
-    <CyBOK KA="RMG" topic="THREAT ANALYSIS">
-      <keyword>THREAT MODEL</keyword>
-      <keyword>ATTACK TREES</keyword>
-    </CyBOK>
-  </video>
-
   <system>
     <system_name>metactf_desktop</system_name>
     <base platform="linux" type="desktop" distro="Buster"/>