From: Joseph McCray (joe@learnsecurityonline.com)
Date: Mon Oct 23 2006 - 01:17:23 EDT
Hey guys for quite some time now I've been working on Security Skills
assessment network. It integrates a scoring system that uses perl
scripts to perform checks on each of the host machines in the lab in
order to determine if the required task was successfully completed by
the user. I'm submitting this generic outline to this list to ask for
comments on it. Basically let me know if you think there are things that
are missing, skills that you feel are more important than others, etc.
This network test the users in the following skill areas:
I.Unix Command-line Basics
a.Basic Commands
b.Taring/Untaring
c.Compiling
II.Windows Command-line Basics
a.Basic Commands
b.Cygwin
III.Cryptography Tools
a.SSH
b.SCP
c.SFTP
d.Secure POP/Secure SMTP/Secure IMAP
e.PGP
f.GPG
g.StrongSWAN
h.MD5SUM
i.SHA1SUM
j.STUNNEL
IV.TCP/IP For Security
a.Packet Reading Basics
b.Port Scanning
c.Passive OS Fingerprinting
d.Layer 2 Attacks
e.Intrusion Detection Systems
f.Firewalls
g.Packet Crafting
V.Testing Methodologies
a.OSSTMM
b.OWASP
c.CEH
VI.Security Tools
a.Footprinting Tools
i.Samspade.org
ii.Google.com
b.Scanning Tools
i.NMap
ii.Xprobe
iii.Hping
c.Enumeration Tools
i.Netcat
ii.Smbclient
iii.User2Sid/Sid2User
d.Vulnerability Scanners
i.Nessus
ii.Nitko
e.Penetration Tools
i.Password crackers
ii.Metasploit
f.Utility/Multi-purpose Tools
i.Netcat
ii.PSTools Suite
g.Sniffing Tools
i.TCPDump
ii.Dsniff Suite
iii.Ettercap
h.Maintaining Access Tools
i.Backdoors
ii.Log Cleaners
iii.RootKits
i.Host Hardening Tools
i.Unix
1.Bastille
ii.Windows
1.MSBA
2.IIS LockDown
VII.Programming For Security
a.C
i.Language Basics
ii.C sockets
iii.In-line ASM
b.Basic Exploitation
i.Stack Overflows
ii.Heap Overflows
iii.Format Strings
c.Shellcoding
i.Linux
ii.Windows
iii.Mac OS X
d. Scripting Languages
i.Perl
i.Language Basics
ii.Network Programming With Perl
iii.Example Security Uses
iv.Vulnerability Checking
v.Exploits
i.Python
i.Language Basics
ii.Network Programming With Python
iii.Example Security Uses
iv.Vulnerability Checking
v.Exploits
e.NASL
f.Metasploit
i. Ruby
i.Language Basics
ii.Network Programming With Python
iii.Example Security Uses
iv.Vulnerability Checking
v.Exploits
g.Web Languages
i.HTML
ii.Javascript
iii.VBscript
iv.PHP
v.ASP
h.Databases
i.MySQL
ii.MS SQL
iii.Oracle
i.Web Application Security
VIII.Host Hardening
a.Unix Hardening
b.Unix Patch Management
c.Windows Hardening
d.Windows Patch Management
e.Windows Anti-Virus
IX.Network Hardening
a.Firewall
b.IDS
c.IPS
d.Patch Management
e.Anti-Virus
X.Incident Response/Forensics
a.Windows
i.Live Incident Response
ii.Forensics
b.Unix
i.Live Incident Response
ii.Forensics
-- Joe McCray Toll Free: 1-866-892-2132 Email: joe@learnsecurityonline.com Web: https://www.learnsecurityonline.com Learn Security Online, Inc. * Security Games * Simulators * Challenge Servers * Courses * Hacking Competitions * Hacklab Access
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:14 EDT