System and Network Security, Spring 2022

CSP 544 System and Network Security

Week 1 Announcement

Jan 10 · 0 min read

Get set up with SEED Labs
Create an account on Hack the Box

Welcome!

This is the webpage for CSP 544: System and Network Security at IIT. We are online for the first two weeks of the semester. After that, we will meet in SB 113.

Communication

We will be using Discord for course communication. You can find the invite link on Blackboard.

Books

Required

See here.

Other Useful Books

Security Engineering by Ross Anderson
Hand-On Ethical Hacking and Network Defense by Simpson and Antill
The Hacker Playbook 2 by Peter Kim
Hacking: The Art of Exploitation by Jon Erickson
RTFM by Ben Clark

Development Environment

We will primarily be using virtual machine images to set up vulernable environments for you to exploit. Thus, in order to do the labs, you’ll need to set up a hypervisor/VMM on your machine to complete the labs. You should be able to use VirtualBox, VMware, or libvirt. We’ll be using the SEED Labs for most of the class, but we will augment them with our own. You can see here to get set up for the labs.

Tools

Metasploit: A widely used penetration testing framework written in Ruby
Kali Linux: A Linux distro aimed at ethical hacking and pentesting
Defuse: An online x86 disassembler
Godbolt: An online compiler explorer
pwntools: a Python exploitation framework, meant for CTFs
shtest: A shellcode tester
Wireshark: Widely used network packet capture and analysis tool
SET: Social engineering toolkit
PTF: Penetration tester framework
GEF: GDB wrapper for reverse engineering and exploit development
Radare2: Reverse engineering framework
strace: Linux system call tracer
ltrace: Linux library call tracer
Shodan: Vulnerability scanner
Hydra: brute force cracking for remote services
Mimikatz: Windows credential dumper
hashcat: password cracker
American Fuzzy Loop: widely used software fuzzer
syzkaller: Linux kernel fuzzing