Cyber Offence
Enrol
This course currently has no scheduled dates. To express interest in this course or to discuss bespoke options for yourself or your organisation, please submit an expression of interest or contact the Professional Education Team on +61 2 5114 5573 or profedcourses@adfa.edu.au
5 days
Face-to-face
Canberra
$4,750.00
$4,750.00
Accelerate your career, learn new skills, and expand your knowledge.
First in Australia for research excellence and impact.
Top 50 in the world. 2020 QS World University Rankings.
Overview
This course provides the foundation for offensive tactical cyber operations to develop knowledge and skills of various tools, techniques and procedures (TTP) involved with offensive cyber operations, and to develop competence in addressing strategic, operational and tactical issues of cyber operations. Students will be walked through the various stages of the Cyber Kill Chain, which is an industry-accepted methodology for understanding how an attacker conducts the activities necessary to cause harm to an organisation. For every stage, students will receive hands-on experience with various TTPs as employed by cyber threat actors.
Course content
Day 1: Cyber Offence Basics
This session introduces the Cyber Kill Chain and legal aspects of Cyber Offence. We'll then look at Windows and Kali Linux File System navigation and manipulation, and go through basic computer networking principles. Students will utilise virtual machines to do exercises with Netcat and Wireshark.
Topics
Command Line, Standard input/output, Pipes, IP Addresses, Ports, Network Commands, Services, Netcat, Wireshark.
Day 2: Reconnaissance
This session introduces the main reconnaissance techniques, including Social Engineering, OSINT, network enumeration, vulnerability scanning, email harvesting, and OS (and service) fingerprinting. Practical exercises include passive recon on real targets and active recon on the virtual machines.
Topics
SMTP, SMB, SNMP and DNS Enumeration, nmap, nikto, SET, phishing, OpenVAS, the Harvester.
Day 3: Access and Exploitation
This session introduces students to Searching for Exploits, Execution Techniques and Transfer Methods. Practical exercises include creating a reverse shell using msfvenom, outputting and executing payloads and detecting them with Metasploit.
Topics
Exploit Sources, Bind vs Reverse, Staged vs Stageless, Executable Formats, Metasploit, Msfvenom, Catching Shells.
Days 4 & 5: Perseverance and Exfiltration
This session covers basic Windows and Linux escalation techniques such as Kernel Exploits, Privileged Exploits, Attacking Hashes, and Pivoting. Students learn to understand password hacking using Meterpreter and Medusa. We will also look at avoiding detection, website attacks, and exfiltration.
Topics
Kernel Exploits, High Privileged Programs Credential Theft, Insecure Configurations, Privileged Exploits, Metasploit, Proxytunnels.
Please download the Cyber Offence course PDF.
Learning outcomes
Skills/competencies/knowledge that would be gained through this course:
- conduct simple computer network operations by defining the suitable operation goals and outcomes
- identify opportunities in defeating cyber threat actor tradecraft by understanding the full spectrum of offensive activities
- improve an organisation’s security by understanding and acting on artefacts and signatures generated by cyber offensive activities
- provide advice to policy makers on strategic issues regarding cyber capabilities, doctrine, and partnerships
- plan computer network operations using industry and government best practices.
Who should attend
This course is well suited to experienced IT professionals who wish to specialise in offensive and defensive tactical Cyber Operations.
Cancellation policy
Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.