This really is my review of the Cybrary course, Python for Security Professionals, First of all, I truly appreciate the Cybrary.it model, the lessons are typical free and you can purchase a certificate of completion (which may help validate the 15 CPEs the course may be worth, if you need to justify that kind of thing) if you like at the end. However, the entire site model is interesting in as possible "complete" any of the courses (lol in reality, I've "completed" all the courses), and buy the relevant certificate, without ever having clicked any of the video links. That seemingly large security mistake sort of invalidates the certificates, as everyone can obviously say the've completed the course and have the certificate with no done so. All of the aside, I really like the notion of free education material and we shall now be delving into the content of the Python for Security Professionals course. Like my other reviews, I'm going to review the material and recommend this based in your experience and time commitment. The course contains 10 hours of video content, which are pretty decent particularly if you want to learn Python from scratch, but slightly less when you want to learn the nuances of Information Security. All of the modules are video focused, but have PDFs of slides, activities in python programs, and the completed solutions to the activities in python programs. Overall, the very first four modules are very basic and mostly just cover programming in python vs security specific tasks. Another issue is that currently every one of the videos are pretty blurry and it's hard to read the code / command line utilized in the video series. Because of this you've to view the videos in HD, nevertheless they address this in the comments and mention how they will be re-releasing the videos in an increased resolution. At the conclusion of the weekend, I'd recommend this course to a person who is attempting to master Python from scratch by having an Information Security focus, but for someone with more of a background in Python, I'd actually recommend a text more like Black Hat Python, for more of an Information Security focus. Nevertheless, even though you are experienced with Python and Information Security, you may find the final two modules interesting (The Packet Gathering Module and the Info Gathering Module).
The initial module, Intro and Setup, is pretty basic and be easily skipped if you have any prior Python experience. Here he goes over how to setup and install Python, along with why it's an excellent language for rapid prototyping and security professionals.
The next module, Apprentice Python, can be very basic and still doesn't touch on anything security related. This module is all about basic usage and arithmetic in Python. There's also a stumbling block in the next video, as it's a little odd when he googles for solutions and then reads stack overflow during the tutorial.
The Journeyman Python module is interesting, but still doesn't delve into anything necessarily Information Security specific. In this module he talks a great deal about networking protocols and RFCs that govern these. These modules are interesting in they are informative, but fairly incomplete in the info they relay, a good example of this will be when he starts speaing frankly about ports and protocols he doesn't differentiate which transport protocol the application protocols are traveling over, despite discussing the differences involving the TCP and UDP transport protocols. In this chapter you're shown you how to get in touch to arbitrary TCP ports, which could be helpful for banner grabbing. The last activity in this module shows you how to hear a TCP port and thus create your own arbitrary file server, however these lack really any security controls.
With Advanced Python he covers ctypes, regular expressions, multi-threading, and finally fuzzing. The multi-threading exercise in this module is pretty interesting, but still nothing really advanced, merely a quick launching of multiple independent threads (vs something that has to think about deadlocks). The fuzzing section can be pretty interesting as this can be quite a core Information Security technique, so I appreciate the videos for Slides part 3, jperry even alludes to a buffer overflow in this video. Unfortunately, he also says fairly uneducated things like fuzzing and password cracking are similar in theory (the manner of bruteforce may be similar, but that hardly scratches the idea involved with either subject) or that writing a code cracker is against the CFAA, which is unquestionably false as industry professionals use password cracking constantly in penetration testing (trafficking hacked information or the particular act of hacking another person's system is illegal, not writing a code cracker). In this module's activities he also writes a fairly insecure file server implementation. I say it's insecure not as it enables you to arbitrary read / write to an entire drive, but as it uses no authentication or encryption to protect the communications, meaning anyone could trivially hijack your fileserver activities.
Packet Analyzer module is where things get really cool. Partly two, jperry starts implementing an IP protocol parser and demonstrates bitwise manipulation to read exact fields out from the protocol. This is a pretty awesome tutorial for writing a network protocol parser in Python and something I'd truly call Python for Security Professionals. I would recommend this section for those enthusiastic about getting a more in depth handle of protocols and automated parsers.
The Info Gathering module can be really interesting, as here jperry writes a fast post-exploitation RAT in Python for Windows. This really is excellent and where in actuality the class really starts digginging into the Python put on security specific applications. I enjoy where he uses python to parse the Windows registry key values, that is super helpful for various security applications. Overall, I believe this is a very good Python for Security Professionals video. This module also covers all of the content from the Post Exploitation Hacking course in this script. I would recommend this module for moderately experienced hackers looking to start writing their own implants.
Overall, the modules were done well and I appreciate the relaxed approach of the course and exercises. Nevertheless, I believe the whole course is great for someone trying to master Python from scratch, however in the event that you already are a newcomer Python / Information Security enthusiast you should checkout something more like Black Hat Python, and even though you are well versed with Python and Information Security you may find the final two modules interesting. For Cybrary.it, I truly appreciate what they are doing with free education, I believe this is a good program and it deserves plenty of support, however I don't think the certifications are worth anything go now, on the basis of the lack of business-logic security preventing anyone from just acquiring the certificates without having to have the courses.
Comments
Post a Comment