mirror of https://github.com/cliffe/SecGen.git synced 2026-02-20 13:50:45 +00:00

Files

Z. Cliffe Schreuders 878ebf9c92 CyBOK

2021-04-27 01:29:35 +01:00

128 KiB

Raw Blame History

SecGen Lab Scenarios and CyBOK

The Cyber Security Body of Knowledge (CyBOK) is a body of knowledge that aims to encapsulate the various knowledge areas present within cyber security. Scenarios within SecGen now contain XML elements linking them to CyBOK knowledge areas and specific topics within those knowledge areas. Additionally, video content and readings for each scenario are tagged with their CyBOK associations.

This file is an autogenerated index and cross referencing of the 91 SecGen scenarios that have CyBOK metadata (mostly practical labs) .

You can browse the list below in terms of the CyBOK Knowledge Areas, and Topics. The list of scenarios in the second half of this document includes keywords (also known as "indicative topics" in CyBOK terminology).

The all lowercase topics and keywords are provided by NCSC for CyBOK mapping, while all caps indicates it is taken from the CyBOK mapping reference, mixed case keywords are ones that we have added.

Cyber Securtiy Body of Knowledge (CyBOK) Issue 1.0 is Crown Copyright, The National Cyber Security Centre 2021, licensed under the Open Government Licence http://www.nationalarchives.gov.uk/doc/open-government-licence/.

Scenarios Indexed By CyBOK Knowledge Area (KA)

Authentication, Authorisation & Accountability (AAA)

AAA Scenarios

AAA Scenarios by Topics

Topic	Scenario
Authentication	labs/authentication_and_access_controls/ads_1_authentication.xml labs/authentication_and_access_controls/ads_2_pam.xml labs/labtainers/file-integrity.xml labs/labtainers/ldap.xml labs/labtainers/macs-hash.xml labs/labtainers/onewayhash.xml labs/labtainers/radius.xml
Authorisation	labs/authentication_and_access_controls/ads_3_access_controls.xml labs/authentication_and_access_controls/ads_4_suid.xml labs/authentication_and_access_controls/ads_5_facls.xml labs/authentication_and_access_controls/ads_6_containers.xml labs/authentication_and_access_controls/ads_7_apparmor.xml labs/labtainers/acl-hackerbot-flags.xml labs/labtainers/acl.xml labs/labtainers/ldap.xml labs/labtainers/nix-commands.xml labs/labtainers/setuid-env.xml labs/response_and_investigation/1_integrity_protection.xml
Accountability	labs/response_and_investigation/7_live_analysis.xml labs/response_and_investigation/8_dead_analysis.xml

(OSVS)

OSVS Scenarios

labs/authentication_and_access_controls/ads_1_authentication.xml
labs/authentication_and_access_controls/ads_2_pam.xml
labs/authentication_and_access_controls/ads_3_access_controls.xml
labs/authentication_and_access_controls/ads_4_suid.xml
labs/authentication_and_access_controls/ads_5_facls.xml
labs/authentication_and_access_controls/ads_6_containers.xml
labs/authentication_and_access_controls/ads_7_apparmor.xml
labs/labtainers/acl-hackerbot-flags.xml
labs/labtainers/acl.xml
labs/labtainers/capabilities.xml
labs/labtainers/setuid-env.xml
labs/response_and_investigation/1_integrity_protection.xml
labs/response_and_investigation/2_integrity_detection.xml
labs/response_and_investigation/7_live_analysis.xml

OSVS Scenarios by Topics

Topic	Scenario
Primitives for Isolation and Mediation	labs/authentication_and_access_controls/ads_1_authentication.xml labs/authentication_and_access_controls/ads_2_pam.xml labs/authentication_and_access_controls/ads_3_access_controls.xml labs/authentication_and_access_controls/ads_4_suid.xml labs/authentication_and_access_controls/ads_5_facls.xml labs/authentication_and_access_controls/ads_6_containers.xml labs/authentication_and_access_controls/ads_7_apparmor.xml labs/labtainers/acl-hackerbot-flags.xml labs/labtainers/acl.xml labs/labtainers/capabilities.xml labs/labtainers/setuid-env.xml labs/response_and_investigation/1_integrity_protection.xml
Role of Operating Systems	labs/authentication_and_access_controls/ads_3_access_controls.xml labs/authentication_and_access_controls/ads_6_containers.xml labs/labtainers/acl-hackerbot-flags.xml labs/labtainers/acl.xml
OS Hardening	labs/response_and_investigation/2_integrity_detection.xml labs/response_and_investigation/7_live_analysis.xml

(WMS)

WMS Scenarios

labs/authentication_and_access_controls/ads_6_containers.xml
labs/labtainers/sql-inject.xml
labs/web_security/websec_lab.xml

WMS Scenarios by Topics

Topic	Scenario
Fundamental Concepts and Approaches	labs/authentication_and_access_controls/ads_6_containers.xml labs/web_security/websec_lab.xml
Server-Side Vulnerabilities and Mitigations	labs/labtainers/sql-inject.xml labs/web_security/websec_lab.xml
Client-Side Vulnerabilities and Mitigations	labs/web_security/websec_lab.xml

Software Security (SS)

SS Scenarios

SS Scenarios by Topics

Topic	Scenario
Mitigating Exploitation	labs/authentication_and_access_controls/ads_7_apparmor.xml labs/labtainers/bufoverflow.xml labs/labtainers/retlibc.xml labs/software_security_exploitation/7_linux_nx_bypass.xml labs/software_security_exploitation/8_linux_aslr_bypass.xml
Categories of Vulnerabilities	labs/introducing_attacks/6_exploitation.xml labs/labtainers/bufoverflow.xml labs/labtainers/formatstring.xml labs/labtainers/retlibc.xml labs/labtainers/sql-inject.xml labs/software_security_exploitation/1_c_asm_iof.xml labs/software_security_exploitation/2_race_conditions_format_str.xml labs/software_security_exploitation/4_exploit_development.xml labs/software_security_exploitation/5_linux_bof_format.xml labs/software_security_exploitation/6_linux_stack_bof.xml labs/software_security_exploitation/7_linux_nx_bypass.xml labs/software_security_exploitation/8_linux_aslr_bypass.xml labs/web_security/websec_lab.xml
Authentication	labs/labtainers/pass-crack.xml
Prevention of Vulnerabilities	labs/labtainers/sql-inject.xml labs/software_security_exploitation/1_c_asm_iof.xml labs/software_security_exploitation/2_race_conditions_format_str.xml labs/web_security/websec_lab.xml
Detection of Vulnerabilities	labs/software_security_exploitation/3_bug_hunting_and_fuzzing.xml

Network Security (NS)

NS Scenarios

NS Scenarios by Topics

Topic	Scenario
Network Protocols and Vulnerability	labs/introducing_attacks/1_intro_linux.xml labs/labtainers/arp-spoof.xml labs/labtainers/local-dns.xml labs/labtainers/remote-dns.xml
PENETRATION TESTING	labs/introducing_attacks/4_dns_footprinting.xml labs/introducing_attacks/5_scanning.xml labs/labtainers/nix-commands.xml labs/labtainers/nmap-discovery.xml labs/labtainers/nmap-ssh.xml
Network Defence Tools	labs/labtainers/denyhost.xml labs/labtainers/dmz-example.xml labs/labtainers/dmz-lab.xml labs/labtainers/iptables-ics.xml labs/labtainers/iptables.xml labs/labtainers/iptables2.xml labs/labtainers/snort.xml labs/response_and_investigation/4_ids.xml labs/response_and_investigation/5_ids_rules.xml labs/response_and_investigation/6_exfiltration_detection.xml
Internet Architecture	labs/labtainers/iptables-ics.xml labs/labtainers/iptables.xml labs/labtainers/iptables2.xml labs/labtainers/pubkey.xml labs/labtainers/radius.xml labs/labtainers/routing-basics.xml labs/labtainers/routing-basics2.xml
OSI (OPEN SYSTEM INTERCONNECT) MODEL	labs/labtainers/pcapanalysis.xml

Security Operations & Incident Management (SOIM)

SOIM Scenarios

SOIM Scenarios by Topics

Topic	Scenario
PENETRATION TESTING	labs/introducing_attacks/1_intro_linux.xml labs/introducing_attacks/2_malware_msf_payloads.xml labs/introducing_attacks/3_vulnerabilities.xml labs/introducing_attacks/4_dns_footprinting.xml labs/introducing_attacks/5_scanning.xml labs/introducing_attacks/6_exploitation.xml labs/introducing_attacks/7_post-exploitation.xml labs/introducing_attacks/8_vulnerability_analysis.xml labs/labtainers/metasploit.xml
Monitor: Data Sources	labs/labtainers/arp-spoof.xml labs/labtainers/capabilities.xml labs/labtainers/centos-log.xml labs/labtainers/centos-log2.xml labs/labtainers/cyberciege.xml labs/labtainers/file-integrity.xml labs/labtainers/ldap.xml labs/labtainers/packet-introspection.xml labs/labtainers/pcapanalysis.xml labs/labtainers/snort.xml labs/response_and_investigation/2_integrity_detection.xml labs/response_and_investigation/4_ids.xml labs/response_and_investigation/5_ids_rules.xml labs/response_and_investigation/6_exfiltration_detection.xml
Execute: Mitigation and Countermeasures	labs/labtainers/backups.xml labs/labtainers/backups2.xml labs/labtainers/denyhost.xml labs/labtainers/snort.xml labs/response_and_investigation/3_backups_and_recovery.xml labs/response_and_investigation/4_ids.xml
INCIDENT RESPONSE	labs/labtainers/backups.xml labs/labtainers/backups2.xml
CM (CONFIGURATION MANAGEMENT)	labs/labtainers/denyhost.xml labs/labtainers/nmap-ssh.xml
Analyse: Analysis Methods	labs/labtainers/snort.xml labs/response_and_investigation/4_ids.xml labs/response_and_investigation/5_ids_rules.xml labs/response_and_investigation/6_exfiltration_detection.xml

Malware & Attack Technology (MAT)

MAT Scenarios

MAT Scenarios by Topics

Topic	Scenario
Malware Taxonomy	labs/introducing_attacks/2_malware_msf_payloads.xml labs/software_and_malware_analysis/1_dynamic_and_static_analysis.xml labs/software_and_malware_analysis/9_malware_behaviour.xml
Malware Analysis	labs/introducing_attacks/2_malware_msf_payloads.xml labs/labtainers/gdblesson.xml labs/labtainers/ida.xml labs/software_and_malware_analysis/1_dynamic_and_static_analysis.xml labs/software_and_malware_analysis/3_c_and_asm.xml labs/software_and_malware_analysis/4_asm.xml labs/software_and_malware_analysis/5_ghidra.xml labs/software_and_malware_analysis/6_ghidra_analysis.xml labs/software_and_malware_analysis/6_ghidra_with_live_malware_samples.xml labs/software_and_malware_analysis/7_dynamic.xml labs/software_and_malware_analysis/8_anti_sre.xml labs/software_and_malware_analysis/9_malware_behaviour.xml
Attacks and exploitation	labs/introducing_attacks/2_malware_msf_payloads.xml labs/introducing_attacks/3_vulnerabilities.xml labs/introducing_attacks/6_exploitation.xml labs/introducing_attacks/7_post-exploitation.xml labs/introducing_attacks/8_vulnerability_analysis.xml labs/labtainers/bufoverflow.xml labs/labtainers/formatstring.xml labs/labtainers/metasploit.xml labs/labtainers/retlibc.xml labs/software_security_exploitation/4_exploit_development.xml labs/software_security_exploitation/5_linux_bof_format.xml labs/software_security_exploitation/6_linux_stack_bof.xml labs/software_security_exploitation/7_linux_nx_bypass.xml labs/software_security_exploitation/8_linux_aslr_bypass.xml
Malicious Activities by Malware	labs/introducing_attacks/5_scanning.xml labs/introducing_attacks/6_exploitation.xml labs/introducing_attacks/7_post-exploitation.xml labs/labtainers/metasploit.xml
MALCODE/MALWARE	labs/labtainers/acl-hackerbot-flags.xml labs/labtainers/acl.xml
Malware Detection	labs/labtainers/snort.xml labs/response_and_investigation/4_ids.xml labs/response_and_investigation/5_ids_rules.xml labs/response_and_investigation/7_live_analysis.xml labs/response_and_investigation/8_dead_analysis.xml

Forensics (F)

F Scenarios

labs/labtainers/file-deletion.xml
labs/labtainers/file-integrity.xml
labs/labtainers/macs-hash.xml
labs/labtainers/onewayhash.xml
labs/labtainers/packet-introspection.xml
labs/labtainers/pass-crack.xml
labs/labtainers/pcapanalysis.xml
labs/response_and_investigation/2_integrity_detection.xml
labs/response_and_investigation/6_exfiltration_detection.xml
labs/response_and_investigation/7_live_analysis.xml
labs/response_and_investigation/8_dead_analysis.xml

F Scenarios by Topics

Topic	Scenario
Operating System Analysis	labs/labtainers/file-deletion.xml labs/labtainers/file-integrity.xml labs/response_and_investigation/8_dead_analysis.xml
Artifact Analysis	labs/labtainers/macs-hash.xml labs/labtainers/onewayhash.xml labs/labtainers/pass-crack.xml labs/response_and_investigation/2_integrity_detection.xml labs/response_and_investigation/6_exfiltration_detection.xml
Main Memory Forensics	labs/labtainers/packet-introspection.xml labs/labtainers/pcapanalysis.xml labs/response_and_investigation/7_live_analysis.xml

Cyber-Physical Systems Security (CPS)

CPS Scenarios

labs/labtainers/iptables-ics.xml
labs/labtainers/plc-app.xml
labs/labtainers/plc-forensics-adv.xml
labs/labtainers/plc-forensics.xml
labs/labtainers/plc.xml
labs/labtainers/softplc.xml
labs/labtainers/softplc2.xml
labs/labtainers/ssl.xml

CPS Scenarios by Topics

Topic	Scenario
Cyber-Physical Systems Domains	labs/labtainers/iptables-ics.xml labs/labtainers/plc-app.xml labs/labtainers/plc-forensics-adv.xml labs/labtainers/plc-forensics.xml labs/labtainers/plc.xml labs/labtainers/softplc.xml labs/labtainers/softplc2.xml labs/labtainers/ssl.xml
Cyber-Physical Systems	labs/labtainers/iptables-ics.xml labs/labtainers/plc-app.xml labs/labtainers/plc-forensics-adv.xml labs/labtainers/plc-forensics.xml labs/labtainers/plc.xml labs/labtainers/softplc.xml labs/labtainers/softplc2.xml labs/labtainers/ssl.xml

Web & Mobile Security (WAM)

WAM Scenarios

labs/labtainers/iptables-ics.xml
labs/labtainers/iptables.xml
labs/labtainers/iptables2.xml

WAM Scenarios by Topics

Topic	Scenario
FIREWALLS	labs/labtainers/iptables-ics.xml labs/labtainers/iptables.xml labs/labtainers/iptables2.xml

Cryptography (C)

C Scenarios

labs/labtainers/macs-hash.xml
labs/labtainers/onewayhash.xml
labs/labtainers/pubkey.xml
labs/labtainers/ssh-agent.xml
labs/labtainers/sshlab.xml
labs/labtainers/ssl.xml

C Scenarios by Topics

Topic	Scenario
Public-Key Cryptography	labs/labtainers/macs-hash.xml labs/labtainers/onewayhash.xml labs/labtainers/ssh-agent.xml labs/labtainers/sshlab.xml labs/labtainers/ssl.xml
Schemes	labs/labtainers/pubkey.xml

Human Factors (HF)

HF Scenarios

labs/labtainers/ssl.xml

HF Scenarios by Topics

Topic	Scenario
Fitting the Task to the Human	labs/labtainers/ssl.xml

Scenario CyBOK Keywords

labs/authentication_and_access_controls/ads_1_authentication.xml

Details

Key	Data
Name	Authentication lab
Description	Lecture Slides here Reading Chapter 11 "Authentication": Bishop, M. (2004), Introduction to Computer Security, Addison-Wesley. (ISBN-10: 0321247442) Lab A Hackerbot lab. Work through the lab instructions, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/2I_JSdTu-oI; https://youtu.be/pGcJEML1mRo; https://youtu.be/icC2Zrno_uM; https://youtu.be/Wrg6XZu6Luw
VM names	desktop; server; hackerbot_server; kali_cracker

CyBOK KAs, Topics, and Keywords

KA	Topic	Keywords
Authentication, Authorisation & Accountability (AAA)	Authentication	identity management; user authentication; facets of authentication; Cryptography and authentication (hashes and attacks against authentication schemes / passwords)

Command to start scenario:

ruby secgen.rb -s scenario/labs/authentication_and_access_controls/ads_1_authentication.xml run

Key	Data
Name	Pluggable Authentication Modules lab
Description	Lecture Watch authentication part 3 Slides continued here Reading Chapter 4 "Users, Passwords, and Authentication": Garfinkel, S. Spafford, G. and Schwartz, A. (2003), Practical Unix and Internet Security, O'Reilly. (ISBN-10: 0596003234) Lab A short lab this week, exploring PAM. Work through the labsheet, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/z4L6Yv5ry1A; https://youtu.be/-zcnfmoLjYI; https://youtu.be/xHs3LB4Yyrk; https://youtu.be/c2dPdQmaVyo; https://youtu.be/dCBabesIXo8; https://youtu.be/rhdcxhSDqp4; https://youtu.be/PCXK2cK8tpE
VM names	desktop; server; hackerbot_server

Key	Data
Name	Access Controls lab
Description	Lecture Watch access controls part 1 Slides here Reading Chapter 1 "Foundations of Security and Access Control in Computing": Benantar, M. (2006), Access Control Systems: Security, Identity Management and Trust Models, Springer. (ISBN-10: 0387004459) Lab A Hackerbot lab. Work through the labsheet, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/yWJyZEFbchQ; https://youtu.be/i0kO_3ExJv4
VM names	shared_desktop; server; hackerbot_server

Key	Data
Name	Set User ID lab
Description	Lecture Watch access controls part 2 Slides continued here Reading Chapter 6 "Filesystems and Security": Garfinkel, S. Spafford, G. and Schwartz, A. (2003), Practical Unix and Internet Security, O'Reilly. (ISBN-10: 0596003234) Lab A Hackerbot lab. Work through the labsheet, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/viSkkNB777k; https://youtu.be/PGHsb3bg_h4
VM names	shared_desktop; server; hackerbot_server

Key	Data
Name	Access Control Lists (ACLs) lab
Description	Lecture Watch access controls part 3 Slides continued here Reading Grunbacher, Andreas. "POSIX Access Control Lists on Linux." USENIX Annual Technical Conference, FREENIX Track. 2003. Lab A Hackerbot lab. Work through the labsheet, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/Bn3NJhgmdLk; https://youtu.be/OT7ifs8PkHI
VM names	shared_desktop; server; hackerbot_server

Key	Data
Name	Containers lab
Description	Lecture Sandboxing Slides here Reading Z. C. Schreuders, T. McGill, and C. Payne, "The State of the Art of Application Restrictions and Sandboxes: A Survey of Application-oriented Access Controls and their Shortfalls," Computers and Security, Volume 32, Elsevier B.V., 2013. DOI: 10.1016/j.cose.2012.09.007 Lab A Hackerbot lab. Work through the labsheet, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/f4yBcKkb12g
VM names	desktop; hackerbot_server; chroot_esc_server; docker_esc_server

Key	Data
Name	AppArmor lab
Description	Lecture Rule-based sandboxes Mobile device sandboxes Slides continued here Lectures for the next two weeks Secure software development Secure design principles Slides Lab A Hackerbot lab. Work through the labsheet, then when prompted interact with Hackerbot.
Type	ctf-lab; hackerbot-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos	https://youtu.be/Xgs5akM6ayc
VM names	desktop; hackerbot_server

Key	Data
Name	Introduction to Linux and Security lab
Description	Introduction This topic covers lots of ground regarding fundamentals of Linux and free open source software (FOSS). Lecture Slides here Reading Chapters 1 "Introduction" and 2 "Unix History and Lineage": Garfinkel, S. and Spafford, G. and Schwartz, A. (2003), Practical Unix and Internet Security, O'Reilly. (ISBN-10: 0596003234) Suggested: Chapter 1 "An Overview of Computer Security": Bishop, M. (2005), Introduction to Computer Security, Addison-Wesley. (ISBN-10: 0321247442) Lab Lab sheet here.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop; kali

Key	Data
Name	Malware and an Introduction to Metasploit and Payloads
Description	Introduction This week we will cover the ever present danger of malicious code, the problems with the traditional approaches such as anti-malware, and you will try your hand at using the Metasploit Framework to create a Trojan horse program. Lecture Slides here Reading Chapter 23 "Protecting Against Programmed Threats": Garfinkel, S. and Spafford, G. and Schwartz, A. (2003), Practical Unix and Internet Security, O'Reilly. (ISBN-10: 0596003234) Available online via the library Suggested: Chapter 3 "Program Security": Pfleeger, C.P. and Pfleeger, S.L. (2007), Security in Computing, Prentice Hall. (ISBN-10: 0132390779) Chapter 19 "Malicious Logic": Bishop, M. (2005), Introduction to Computer Security, Addison-Wesley. (ISBN-10: 0321247442) Lab Lab sheet here.
Type	lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	windows_victim; kali

Key	Data
Name	Vulnerabilities, Exploits, and Remote Access Payloads
Description	Introduction This week we will cover one of the major threats in computer security: software vulnerabilities. You will learn about the danger these pose, and start to learn about the power of the Metasploit framework, a popular hacking and penetration testing tool. You will learn and apply a number of important concepts such as payloads, shell code, bind and reverse shells, and both remote and local (client-side) exploits. Lecture Slides here Reading Chapter 8: Using Metasploit. Harper, A. and Harris, S. and Ness, J. and Eagle, C. and Lenkey, G, and Williams, T. (2011), Gray hat hacking : the ethical hacker's handbook, McGraw-Hill. (ISBN: 978-0-07-174256-6) Available online via the library Lab Lab sheet here.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	windows_victim; linux_victim_server; kali

Key	Data
Name	Information Gathering: Footprinting
Description	Introduction The topic of information gathering spans two weeks, and covers practical steps that an attacker needs to take in order to attack a system, starting with footprinting (discovering systems to attack) and scanning (learning more about the systems such as what kinds of attacks they are vulnerable to). Lecture Slides here Reading Part I Casing the establishment. McClure, S. and Scambray, J. and Kurtz, G. (2009), Hacking exposed, McGraw-Hill. (ISBN: 978-0-07-161375-0) Available online via the library Lab Lab sheet here.
Type	lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	kali

Key	Data
Name	Information Gathering: Scanning
Description	Introduction This week we learn how to scan networks to get an understanding of and to map out a network. Scanning is a critical stage for an attacker, since it can give them the information they need in order to launch an attack. Reading Chapter 2 Reconnaissance and Chapter 3 Scanning. Engebretson, P. (2011), The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, Elsevier Inc. (ISBN: 978-1-59749-655-1) Available online via the library Lab Lab sheet here.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	linux_victim_server; kali

Key	Data
Name	From Scanning to Exploitation
Description	Introduction This week we learn how we can scan networks to discover vulnerable services, and exploit them. Reading Chapter 2 Reconnaissance and Chapter 3 Scanning. Engebretson, P. (2011), The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, Elsevier Inc. (ISBN: 978-1-59749-655-1) Available online via the library Lab Lab sheet here.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	windows_server; linux_server; kali

Key	Data
Name	Post-exploitation
Description	Introduction Once an attacker has a foothold in a system, they can misuse the privileges they have “appropriated” to take actions on the system, or go on to try to gain even more access on this or other connected systems. You will learn the skills used by an attacker or security tester, to take action once an expliot has been successful. Suggested reading An excellent resource is Metaploit Unleashed. Lab Lab sheet here.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	windows_server; linux_server; kali

Key	Data
Name	Vulnerability Analysis
Description	Introduction It is important for organisations to manage the security of their systems and for security professionals to efficiently scan networks for vulnerabilities. Lab Lab sheet here.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	linux_server; kali

Key	Data
Name	Labtainers lab: acl
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop; hackerbot_server

Key	Data
Name	Labtainers lab: arp-spoof
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: backups
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: backups2
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: bufoverflow
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: capabilities
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

128 KiB Raw Blame History

SecGen Lab Scenarios and CyBOK

Scenarios Indexed By CyBOK Knowledge Area (KA)

Authentication, Authorisation & Accountability (AAA)

AAA Scenarios

AAA Scenarios by Topics

(OSVS)

OSVS Scenarios

OSVS Scenarios by Topics

(WMS)

WMS Scenarios

WMS Scenarios by Topics

Software Security (SS)

SS Scenarios

SS Scenarios by Topics

Network Security (NS)

NS Scenarios

NS Scenarios by Topics

Security Operations & Incident Management (SOIM)

SOIM Scenarios

SOIM Scenarios by Topics

Malware & Attack Technology (MAT)

MAT Scenarios

MAT Scenarios by Topics

Forensics (F)

F Scenarios

F Scenarios by Topics

Cyber-Physical Systems Security (CPS)

CPS Scenarios

CPS Scenarios by Topics

Web & Mobile Security (WAM)

WAM Scenarios

WAM Scenarios by Topics

Cryptography (C)

C Scenarios

C Scenarios by Topics

Human Factors (HF)

HF Scenarios

HF Scenarios by Topics

Scenario CyBOK Keywords

labs/authentication_and_access_controls/ads_1_authentication.xml

Details

CyBOK KAs, Topics, and Keywords

labs/authentication_and_access_controls/ads_2_pam.xml

Details

CyBOK KAs, Topics, and Keywords

labs/authentication_and_access_controls/ads_3_access_controls.xml

Details

CyBOK KAs, Topics, and Keywords

labs/authentication_and_access_controls/ads_4_suid.xml

Details

CyBOK KAs, Topics, and Keywords

labs/authentication_and_access_controls/ads_5_facls.xml

Details

CyBOK KAs, Topics, and Keywords

labs/authentication_and_access_controls/ads_6_containers.xml

Details

CyBOK KAs, Topics, and Keywords

labs/authentication_and_access_controls/ads_7_apparmor.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/1_intro_linux.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/2_malware_msf_payloads.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/3_vulnerabilities.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/4_dns_footprinting.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/5_scanning.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/6_exploitation.xml

Details

CyBOK KAs, Topics, and Keywords

labs/introducing_attacks/7_post-exploitation.xml

128 KiB

Raw Blame History

Key	Data
Name	Labtainers lab: centos-log
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: centos-log2
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: cyberciege
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: denyhost
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: dmz-example
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: dmz-lab
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: file-deletion
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: file-integrity
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: formatstring
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop

Key	Data
Name	Labtainers lab: gdblesson
Description	A Labtainers lab.
Type	ctf-lab; lab-sheet
Author	Z. Cliffe Schreuders
Linked videos
VM names	desktop