This course is primarily aimed at cybersecurity professionals, advanced students, and individuals with foundational knowledge in cybersecurity looking to expand their expertise in ethical hacking and defense strategies. Advanced Cybersecurity Topics provides in-depth coverage of sophisticated security challenges, including rootkits, operating system security, buffer overflow vulnerabilities, race conditions, and post-exploitation techniques. It’s ideal for those who want to deepen their understanding of modern cybersecurity threats and defenses, and are ready to tackle complex scenarios involving system vulnerabilities, privilege escalation, and mitigation strategies. Through hands-on labs and real-world case studies, participants will gain practical experience using the MITRE ATT&CK Enterprise Framework and other ethical hacking methodologies to analyze and defend against advanced attacks. Whether you are a seasoned professional aiming to advance your skills or a cybersecurity student looking to deepen your knowledge, this course equips you with critical tools to face complex security challenges.
Overview
Syllabus
- Course Introduction
- The specialization “Introduction to Ethical Hacking” helps you to master essential cybersecurity skills across three comprehensive courses. Begin with Cybersecurity Fundamentals, covering motives, penetration testing, cryptography, information gathering, and social engineering. Progress to Advanced Techniques exploring mobile security, DNS attacks, network exploitation, and web exploitation. Conclude with Advanced Topics on rootkits, OS security, buffer overflow, race conditions, and post-exploitation strategies, preparing you for diverse cybersecurity challenges.
- Rootkits
- Discusses the history, types, forms, and goals of rootkits. Covers system calls, kernel vs. user space, hooking, loadable kernel modules, testing system calls, and tweaking files.
- OS Security
- Discusses the goals, purposes, techniques, and tools used for conducting OS security activities. Covers trusted computing, design, access control, SETUID, certification service, authenticated boot service, root shell, password shadow file, and single-user mode.
- Buffer Overflow
- Discusses the goals, objectives, history, methods/approaches, and tools used to conduct buffer overflow activities. Covers “smashing the stack,” x86 architecture, memory organization, stack behavior, a segmentation fault example, modifying execution flow, shellcode, and null characters.
- Race Conditions
- Discusses the goals, objectives, history, methods/approaches, and tools used to conduct Return-Oriented Programming (ROP) & Race Condition activities.
- Post Exploitation (Escalate/Pivot)
- Discusses the history, types, forms, goals, and tools used for privilege escalation activities. Covers prevention and examples of escalation, island hopping/pivoting, maintaining persistence/C2, data hiding, and maintaining your presence (i.e., log control).
Taught by
Jason Crossland