Objective: Given a scenario, the student will analyze potential indicators associated with application attacks.
Resources:
See PowerPoint presentations: 1.3.7 – Replay Attacks and Pass the Hash.pptx, and Lab – Pass the Hash.pptx
Assignment:
Begin by reading the 1.3.7 – Replay Attacks and Pass the Hash.pptx presentation.
Read and complete the lab activity in the Lab – Pass the Hash.pptx document.
To confirm completion the lab activity, upload a screenshot with today’s date showing the results of the getuid and sysinfo commands demonstrating that you have Administrator-level access in the Windows 7 environment to today’s Google Classroom post.
Please do your best to complete this Lab by the end of the class period on Wednesday.
Assigned: April 18th, 2023 Teacher Pacing Due Date: April 19th, 2023
Objective: Given a scenario, the student will analyze potential indicators associated with application attacks.
Resources:
See PowerPoint presentations: 1.3.1 – Privilege Escalation.pptx, and Lab – Privilege Escalation.pptx
Assignment:
Begin by reading the 1.3.1 – Privilege Escalation.pptx presentation.
Read and complete the lab activity in the Lab – Privilege Escalation.pptx document.
To confirm completion the lab activity, upload a screenshot of the Meterpreter session with the escalated privileges that demonstrates that you have Administrator-level access to today’s Google Classroom post.
Please do your best to complete this Lab by the end of the class period on Wednesday.
Assigned: April 12th, 2023 Teacher Pacing Due Date: April 12th, 2023
Objective: Given a scenario, the student will analyze potential indicators to determine the type of attack.
Resources:
See PowerPoint presentations: Lab – Keylogger Application.pptx
Assignment:
Read and complete the lab activity in the Lab – Keylogger Application.pptx document.
This lab is similar to the Intro to Keyloggers lab we did last week, but it uses a different, non-Java based application to harvest keystrokes.
To do this, you will need to activate a backdoor session. Follow the steps at the end of the Powerpoint document to quickly establish a backdoor session on the vulnerable Windows 7 machine, then proceed with the steps to locate and shut down the active backdoor session using the available tools within Windows.
To confirm completion the lab activity, activate the keylogger, then visit https://netop.mistermarmolejo.com in the Vulnerable Windows 7 environment while the keylogger is active. Upload a screenshot of the Meterpreter session showing the captured keystrokes of your visit to the Netop website to today’s Google Classroom post.
Please do your best to complete this Lab by the end of the class period today.
Assigned: April 10th, 2023 Teacher Pacing Due Date: April 11th, 2023
Objective: Given a scenario, the student will analyze potential indicators to determine the type of attack.
Resources:
See PowerPoint presentations: Lab – Backdoor Removal.pptx
Assignment:
Read and complete the lab activity in the Lab – Backdoor Removal.pptx document.
This lab will walk you through the process of locating and removing an active backdoor session.
To do this, you will need to activate a backdoor session. Follow the steps at the end of the Powerpoint document to quickly establish a backdoor session on the vulnerable Windows 7 machine, then proceed with the steps to locate and shut down the active backdoor session using the available tools within Windows.
To confirm completion the lab activity, upload a screenshot of both the active Meterpreter Attack session that shows the backdoor session in action, and the TimeoutError messages demonstrating that the attack has been terminated to today’s Google Classroom post.
Please do your best to complete this Lab by the end of the class period on Friday.
Assigned: April 5th, 2023 Teacher Pacing Due Date: April 6th, 2023
Objective: Given a scenario, the student will analyze potential indicators to determine the type of attack, and use the appropriate tool to assess organizational security. .
Resources:
See PowerPoint presentations: 1.2.3 – Trojans, Backdoors, and RATs.pptx, 4.1.6 – Exploitation Frameworks.pptx, and Lab – Backdoor.pptx
Assignment:
Begin by reading the 1.2.3 – Trojans, Backdoors, and RATs.pptx and 4.1.6 – Exploitation Frameworks.pptx presentations.
Read and complete the lab activity in the Lab – Backdoor.pptx document.
To confirm completion the lab activity, upload a screenshot (with today’s date) of the open meterpreter session that activates on the Kali system when the trojan payload is activated in the Windows environment to today’s Google Classroom post.
Please do your best to complete this Lab by the end of the class period on Wednesday.
Assigned: March 28th, 2023 Teacher Pacing Due Date: March 29th, 2023
Objective: Given a scenario, the student will analyze potential indicators to determine the type of attack.
Resources:
See PowerPoint presentations: 1.2.2 Ransomware and Crypto-Malware and Lab – Ransomware Attack.pptx
Assignment:
Begin reading the 1.2.2 Ransomware and Crypto-Malware.pptx presentation.
Read and complete the lab activity in the Lab – Ransomware Attack.pptx document.
To confirm completion the lab activity, upload a screenshot of the activated Ransomware attack (with today’s date) to today’s Google Classroom post.
Please note that upon completion of this lab, you will need me to reset your Windows 7 Virtual Environment. Please notify me when you are ready for me to reset the environment.
Please do your best to complete this Lab by the end of the class period today.
Assigned: March 22nd, 2023 Teacher Pacing Due Date: March 22nd, 2023
Compare and contrast different types of social engineering techniques.
Resources:
See PowerPoint presentations: 1.1.8 Credential Harvesting.pptx, Lab – Credential Harvesting
Assignment:
Begin reading the 1.1.8 Credential Harvesting.pptx presentation. This lesson will introduce you to social engineering-based attacks designed to acquire login credentials from victims.
Next, begin the Lab – Credential Harvesting.pptx lab. This lab will introduce you to the Social Engineering Toolkit, a powerful set of tools that you can use to set up a number of credential-stealing attacks. In this activity, you will use the Social Engineering Toolkit to launch a phishing attack within the confines of the CYBER.ORG Cyber Range.
Play the victim, and upload a screenshot of the successful attack screen with the “GOT A HIT!” message to today’s Google Classroom assignment post to confirm completion of the lab.
Assigned: December 7th, 2022 Teacher Pacing Due Date: December 9th, 2022
Compare and contrast different types of social engineering techniques.
Resources:
See PowerPoint presentations: 1.1.8 Credential Harvesting.pptx, Lab – Credential Harvesting
Assignment:
Begin reading the 1.1.8 Credential Harvesting.pptx presentation. This lesson will introduce you to social engineering-based attacks designed to acquire login credentials from victims.
Next, begin the Lab – Credential Harvesting.pptx lab.Use the Social Engineering Toolkit to launch a phishing attack.
Play the victim, and upload a screenshot of the successful attack screen with the “GOT A HIT!” message to today’s Google Classroom assignment post to confirm completion of the lab.
Assigned: November 30th, 2021 Teacher Pacing Due Date: December 2nd, 2021
Objective: Compare and contrast basic cryptography concepts.
Resources:
See PowerPoint presentation: Lab – Steganography
Assignment:
Begin reading and complete the lab in the Lab – Steganography.pptx presentation.
Turn in the resulting “image4.jpg” file with a message of your choice hidden in the image using the steghide app. Upload this image to today’s Google Classroom assignment post.
Please include the message/password along with your image so Mister can test it! We will use these images in Thursday’s class session. (So keep your messages classy!)
On Thursday, we will read the Case Study – Steganography document and be prepared to answer the questions at the end.
A Google Form will be provided to answer the Case Study questions Thursday afternoon. This will be the last assignment of this three-week grading period.
Assigned: November 16th, 2021 Teacher Pacing Due Date: November 18th, 2021
Given a scenario, analyze potential indicators to determine the type of attack.
Given a scenario, use the appropriate tool to assess organizational security.
Resources:
See PowerPoint presentation: Lab – Brute Force Online.pptx
Assignment:
Read the Lab – Brute Force Online.pptx presentation.
Use your Kali Linux console at https://uscyberrange.org to follow along with the presentation and learn how to use a combination of Brute Force and a Dictionary-style attack to crack an online service’s password.
Continue through to the “Log into DVWA” slide. Take a screenshot of the DVWA login landing screen demonstrating that you have successfully logged in using the stolen credentials.
Upload this screenshot to today’s assignment post on our Google Classroom page to confirm completion of the lab.
Assigned: November 2nd, 2021 Teacher Pacing Due Date: November 4th, 2021
