diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..8697595 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "python.pythonPath": "c:\\Users\\dang\\Documents\\GitHub\\245CT\\env\\Scripts\\python.exe" +} \ No newline at end of file diff --git a/Aula-Slides/DADA_Intro.md b/Aula-Slides/DADA_Intro.md new file mode 100644 index 0000000..f5b735c --- /dev/null +++ b/Aula-Slides/DADA_Intro.md 
@@ -0,0 +1,106 @@ +--- +author: 'Dan Goldsmith' +title: 'A152CEM:' +subtitle: "Introduction to Cyber Security" +email: 'aa9863@coventry.ac.uk' +--- + +# Introduction +## Welcome + +> Welcome to the Module + +## Module Name + + - Officially its "Introduction to Cyber Security" + - May also be known as + - "Cyber Security for Everyone" + - "Defence against the Dark Arts" + +## Course Team + - Dan Goldsmith (aa9863@coventry.ac.uk) + - James Shuttleworth (csx239@coventry.ac.uk) + - Adam Barns + +## About Dan + + - Computer Scientist and Ethical Hacker + - Favourite topics are the "Red Team" + - Breaking things + - Reverse Engineering + - Malware and Exploit Development. + +## About James + - Not a hacker in the modern sense of the word. Prefer's the term + "spicy computer scientist." + - Absolutely a hacker in the old sense of the word. Someone who + likes to make computers do interesting things. + + +# How will you be taught? +## No Lectures + - Except for this one.... + - Co-Delivery approach. + - Course materials delivered via Coventry University Online + - Use Aula for "Community Driven Learning" + +## Pre Reading for Labs + - So this means you need to do some pre-reading (or watching videos) + - Work through the online materials, before the Lab session + - Will bring this all together in the Lab sessions + +## Aula + + - Collaborative learning platform + - Each week there will be topics to discuss + - Use the feed to create posts (using #tags), and comment on others. + +## Lab Activities + + - Review of the Week + - Group Discussion of topics for that week + - Presentations? + + +# What will we be doing? +## What is Security? + - What are the Threats? + - Who are the Threats? + - How much does this cost? + +## Social Engineering + + - Are you Naked online? 
+ - Social Engineering + - OS-Int + - Phishing + +## Cryptography + + - Securing Data + - Securing Communications + - Passwords + +## The Legal Bit + + - GDPR + - Ethics + - Law around Hacking + - Business Factors + +## H4ck th3 Pl4n3t!!! + + - Real world Web Application Hacking + +## Malware + + - Worms + - Viruses + - Antivirus / Malware + +# Assessment: +## Report + + - One Coursework Element + - Due at the end of the Module (8th April 2021) + - Report on Cyber Security threats to a fictional Organisation diff --git a/Aula-Slides/Mary.png b/Aula-Slides/Mary.png new file mode 100644 index 0000000..9e31f64 Binary files /dev/null and b/Aula-Slides/Mary.png differ diff --git a/labs/Session5_GDPR/Slides.md b/Aula-Slides/Session5_GDPR/Slides.md similarity index 95% rename from labs/Session5_GDPR/Slides.md rename to Aula-Slides/Session5_GDPR/Slides.md index 9b41f8a..ee516ab 100644 --- a/labs/Session5_GDPR/Slides.md +++ b/Aula-Slides/Session5_GDPR/Slides.md @@ -1,5 +1,8 @@ --- -titie: Week 5. GDPR and Privacy +author: 'Dan Goldsmith' +title: 'A152CEM:' +subtitle: "Introduction to Cyber Security" +email: 'aa9863@coventry.ac.uk' --- diff --git a/labs/Session9_CaseStudies/CaseStudys.md b/Aula-Slides/Session9_CaseStudies/CaseStudys.md similarity index 100% rename from labs/Session9_CaseStudies/CaseStudys.md rename to Aula-Slides/Session9_CaseStudies/CaseStudys.md diff --git a/Aula-Slides/Session9_CaseStudies/Slides.hmtl b/Aula-Slides/Session9_CaseStudies/Slides.hmtl new file mode 100644 index 0000000..81db597 --- /dev/null +++ b/Aula-Slides/Session9_CaseStudies/Slides.hmtl @@ -0,0 +1,216 @@ + + + + + + + Hackers and the Hacked + + + + + + + + + +
+
+ +
+

Hackers and the Hacked

+

Dan Goldsmith

+
+ +
+
+

Case Studies

+ +
+
+

This weeks Future learn

+
    +
  • We looked at a few case studies
  • +
  • Different views on Hacking and the Hacked
  • +
+
+
+
+

Mangham Case:

+ +
+
+

Mangham Case

+
    +
  • Glenn Mangham, Sentenced to 8 months for breaking into Facebook
  • +
  • Reduced to 4 Months on appeal
  • +
  • Prior to FB Bug Bounty Program
  • +
+
+
+

Details:

+
    +
  • Flaw in a separate subsystem of Facebook, used for puzzles.
  • +
  • Gained Access to an employee account
  • +
  • Accessed Mail Servers and Internal Tools
  • +
  • Estimated cost of $200,000
  • +
+
+
+

More Factors

+
    +
  • Had previously taken part in Bug Bounty programs. +
      +
    • Paid for finding flaws by Yahoo
    • +
  • +
  • However, Did not report Flaws to Facebook
  • +
+
+
+

Prosecution

+
+

“This was not just a bit of harmless experimentation - you accessed the very heart of the system of an international business of massive size.”

+

“This was not just fiddling about in the business records of some tiny business of no great importance and you acquired a great deal of sensitive and confidential information to which you were simply not entitled… Potentially what you did could have been utterly disastrous to Facebook.”

+
+
+
+

Appeal

+
+

“The judge was entitled to conclude that his motive was not to inform Facebook of the defects in the system, but to prove that he could beat the system.

+
+
+

“In our view, the combination of the aggravating factors and mitigating factors is such that the more appropriate starting point, in our view, would have been six months, reduced to four months given the appellant’s plea.

+
+
+

“In particular, we would underline the point which the judge mentioned that the information had not been passed on to anyone and there was no financial gain involved.”

+
+
+
+
+

Phone Hacking

+ +
+
+

Phone Hacking

+
    +
  • 2005 Leaked information on Prince William
  • +
  • Other Celebrity activities leaked
  • +
  • 2010 - 2011 Investigation
  • +
+
+
+

How

+
    +
  • Default PIN on voicemail messages
  • +
  • Used to access devices
  • +
+
+
+

Issues

+
    +
  • Moral and Ethical Issues
  • +
  • Legal Issues?
  • +
  • Who paid attention to the Laws in the Case study?
  • +
+
+
+

Laws Broken

+
    +
  • Regulation of Investigatory powers +
      +
    • Intercept communication over telecoms, unless legal investigation by security services
    • +
  • +
  • DPA +
      +
    • Personal Information
    • +
  • +
  • CMA
  • +
+
+
+
+

Password Phishing

+ +
+
+

Phishing 4 Passwords

+
    +
  • Which of these did you find most interesting?
  • +
+
+
+

Easy to Guess Passwords

+
    +
  • Picked a common PW, “Summer16”
  • +
  • Gained access to 50 or 800 accounts
  • +
  • Used this to escalate privileges to admin level
  • +
  • What was it about password policy that caused this?
  • +
+
+
+

Phishing Via Email

+
    +
  • Standard method
  • +
  • Learn something about the Organisation
  • +
  • Craft an Email
  • +
  • Wait for it to be clicked
  • +
  • What was the payload here?
  • +
+
+
+

Phishing Via Phone

+
    +
  • Called organisation posing as Partner
  • +
  • Claimed software wouldn’t install
  • +
  • Was given admin password to help install process.
  • +
  • Who was at fault here?
  • +
+
+
+
+

Task

+ +
+
+

Task

+

Coursework Preparation time.

+

In Groups: - Pick one of the case studies above, or choose your own. - Research this and look for the elements required for the coursework - Prepare a short presentation (~5 Mins) on the topic addressing the points

+
+
+

Reminder of the topics needed for the coursework:

+
    +
  • Technical Details of the Hack Itself
  • +
  • Legal and Ethical Issues
  • +
  • Can we think of Similar Hacks that may have happened
  • +
+
+
+
+ + + + // reveal.js plugins + + + + + + + + diff --git a/labs/Session9_CaseStudies/Slides.md b/Aula-Slides/Session9_CaseStudies/Slides.md similarity index 94% rename from labs/Session9_CaseStudies/Slides.md rename to Aula-Slides/Session9_CaseStudies/Slides.md index 22cd4a4..dba102e 100644 --- a/labs/Session9_CaseStudies/Slides.md +++ b/Aula-Slides/Session9_CaseStudies/Slides.md @@ -1,7 +1,15 @@ --- -titie: Case Studies +title: Hackers and the Hacked +author: Dan Goldsmith --- +# Case Studies + +## This weeks Future learn + + - We looked at a few case studies + - Different views on Hacking and the Hacked + # Mangham Case: ## Mangham Case diff --git a/Aula-Slides/Week1_Discussion.md b/Aula-Slides/Week1_Discussion.md new file mode 100644 index 0000000..d06a401 --- /dev/null +++ b/Aula-Slides/Week1_Discussion.md 
@@ -0,0 +1,57 @@ +--- +title: "Lab 1: Is the Threat Real" +--- + +# Introduction +## Introduction +This week we have had a look at cyber security in general, and +examined some of the threats to our computer systems and data. + +In this lab we are going to take a closer look at these factors. + + +## Pre Task (Introductions) + + - Group Task + - Random Group allocation, (hopefully, through breakout rooms) + - No bearing on the coursework etc. + +# Main Tasks +## Introduction + +In your groups research and discuss each topic. + + - Find Examples of the problem + - Research figures to support your views + +At the end of each session, be prepared for a short (<5 Mins) +presentation on your findings. + +## How to Present + + - No Right or Wrong Ideas. + - You have a whiteboard, + - Text, Images, Hand Drawn. + +## Task 1: What is Cyber? + +![Could be In Cyber](images/../image/fatima.png) + + +## Task 1: + + - First let get your views on what "Cyber" is? + - What does it mean ? + - What do "Cyber" people do? + - What kind of things might be important? + - What do "Normal" people have to worry about. + + +## Task 2: (30 Mins) + +In this weeks articles we introduced the OWASP Top 10. +In your Groups: + + - What as a group did you find the most interesting Vulnerability. + - What examples of real world instances of these Vulnerabilities can you think of? + diff --git a/Aula-Slides/Week2_Naked.md b/Aula-Slides/Week2_Naked.md new file mode 100644 index 0000000..76e3c98 --- /dev/null +++ b/Aula-Slides/Week2_Naked.md 
@@ -0,0 +1,69 @@ +--- +title: "Open Source Intelligence" +subtitle: "A152CEM" +--- + +# Introduction + +## Session Plan + + 1. Discuss Topics + 2. Activity + 3. Break + 4. GOTO 1 + +# What data is Online? + +## Introduction + +This week we are having a look at OS-Int, Also known as Open +Source Intelligence. + +In this lab we are going to take a closer look at tools and techniques that are +used to gather information freely and legally available on the internet + +## Pre Task + + - Companies can judge you for the data that you leave freely available online. + - Data you leave freely available online could also in extreme cases be used + against you. + - This task can be done solo or in groups, you often find more by talking to + your peers. + + +## Tasks + +In your groups or on your own, use OSInt techniques to investigate +yourself and see what you can find. + +At the end of each session, be prepared for a short (<5 Mins) +presentation on your findings in your groups. . . Avoid oversharing. + +## Tasks + + - Be respectful of peoples privacy next to you + - Share techniques to try and find out as much as you can that’s online about you + - Consider ways you could get sensitive information removed/taken down from sites + + +## Demo Time: + + - https://medium.com/the-first-digit/osint-how-to-find-information-on-anyone-5029a3c7fd56 + - https://mango.pdf.zone/operation-luigi-how-i-hacked-my-friend-without-her-noticing + +## Task 1: (60 Mins) + +In your Groups/solo: + + - Investigate yourselves using open source intelligence and see what kinds of data you can see + - See how far you can go, can you only using the data you’ve collected find your house for instance + - Think of the ways in which you can stop this information from being leaked + - Can it be taken off the sites? + +## Task 2: (30 Mins) + + - What data did you find? + - Many different social media profiles, Location information, Phone numbers? 
+ - What do you think you can do to prevent this data from being open source? + - Can you limit the data that is collected about you? + - In future, what steps might you take to change your online habits? diff --git a/Aula-Slides/Week3_Phishing.md b/Aula-Slides/Week3_Phishing.md new file mode 100644 index 0000000..406aa85 --- /dev/null +++ b/Aula-Slides/Week3_Phishing.md @@ -0,0 +1,82 @@ +--- +title: Week 3. Gone Phishing +--- + + +# Introduction + +## Question + + - So What is Phishing? + - Where does it happen? + +## Your examples: + + - Do you have any recent examples of Phishing attempts + +## Where does Phishing Happen ? + + - Slide Thing + +## Where does Phishing Happen ? + + - Email + - Phone Calls + - Text Message + - Social Media + - Dodgy Applications + - The Bloke in the Pub + +## Tips to Spot Phishing ? + + - Slide Thing + + + + +# Tasks: + +## Task 1: + Complete the Phishing Quiz at: + + - https://phishingquiz.withgoogle.com/ + - https://www.opendns.com/phishing-quiz/ + - https://www.phishingbox.com/phishing-test + +## Task 1a: + +Take a note of the examples in the quizzes: + + - What "traits" to phishing emails have + - What about Phishing Websites + - How can we use these to spot possible Phishing attempts + + +## Task 2: + +OS Int and Google hacking. + +Our Target: + +![Mary](Mary.png) + + +## Task 2a: + + - Who do they work for? + - What social media profiles do they have? + - What hobbies and interests do they have? + - How could we use this to plan a Phishing attack. + + +## Task 2b: + + Using the information gathered, design a phishing email + + - Who is the Sender + - What is the Topic + - What is the Content. + +## Task 2c: + +> PRESENTATIONS!! diff --git a/labs/Session7_Guilty/lab_w7_court.md b/Aula-Slides/Week6_Courrt.md similarity index 100% rename from labs/Session7_Guilty/lab_w7_court.md rename to Aula-Slides/Week6_Courrt.md diff --git a/Aula-Slides/convert.ps1 b/Aula-Slides/convert.ps1 new file mode 100644 index 0000000..485b546 
--- /dev/null +++ b/Aula-Slides/convert.ps1 @@ -0,0 +1,42 @@ +<# +.SYNOPSIS + Script to convert markdown file to word document +.DESCRIPTION + Convertes a markdown file into an word document using pandoc as converter. The process uses a word template file +.PARAMETER i + Specifies the input file. This is the markdown file +.PARAMETER o + Specifies the output file. This is the word document +.PARAMETER t + specifies the name of the word template used to convert the markdown file to a word document +.EXAMPLE + C:\PS> ./build.ps1 -i myfile.md -o myfile.docx -t mytemplate.docx + Example that converts the file myfile.md +.NOTES + Author: Oliver Graf + Date: November 19, 2016 + +REVEAL_URL=https://github.coventry.ac.uk/pages/aa9863/RevealTemplate/reveal.js +HTML_PANDOC_OPTIONS = -t revealjs -V revealjs-url=$(REVEAL_URL) -V +theme=$(REVEAL_THEME) --template newReveal.html --standalone + +pandoc $(HTML_PANDOC_OPTIONS) $(SOURCES) -o $(TARGET) + +#> + +param( + [Parameter(Mandatory=$true)][string]$i, + [Parameter(Mandatory=$true)][string]$o, + [String]$theme = "night", + [string]$template = " C:\Users\dang\Documents\GitHub\245CT\slides\revealTemplate.html", + [string]$revealURL = "https://github.coventry.ac.uk/pages/aa9863/RevealTemplate/reveal.js" + +) + +Write-Host ("Processing file {0} with template {1} and convert to {2}" -f $i, $t, $o) +pandoc --standalone -t revealjs -V theme=$theme -V revealjs-url=$revealURL --template $template $i -o $o + +# We can do the SED equivilent +# https://www.kittell.net/code/powershell-unix-sed-equivalent-change-text-file/ + +(Get-Content $o).replace('data-auto-animate"', '" data-auto-animate') | Set-Content $o \ No newline at end of file diff --git a/Aula-Slides/image/fatima.png b/Aula-Slides/image/fatima.png new file mode 100644 index 0000000..92a308e Binary files /dev/null and b/Aula-Slides/image/fatima.png differ diff --git a/CW/CW_Jan2021.md b/CW/CW_Jan2021.md new file mode 100644 index 0000000..1151e6b --- /dev/null 
+++ b/CW/CW_Jan2021.md 
@@ -0,0 +1,156 @@ +--- +# Template Stuff +template: coursework/CourseworkBrief.jinja2 + +# Fields for the coursework +module_title: Introduction to Cybersecurity +module_code: A152CEM +module_leader: Dan Goldsmith + +cohort: Jan-May +handout: February +due: 9th April 2021 + +title: Coursework Report +type: Report +group: false +#effort: 20 Hours +percentage: 100% +effort: 10 Hours + +submit_via: Moodle +feedback_date: 1st May +feedback_method: "Feedback Via Aula" + +wordlimit: 1500 +short: A report that shows how awesome markdown is. +ilos: + - 1. Identify a range of cyber security threats faced by individuals + and organisations. + - 2. Evaluate prevention, identification and mitigation methods + appropriate to a variety of security scenarios + - 3. Demonstrate an understanding of the legal and ethical issues + surrounding cyber security + +--- + +# Task and Mark Distribution + +The assessment requires students to individually produce a security +assessment of an organisation. The output will be in the form of a +report of approximately 1500 words. + +## Scenario + + +The Cirrus Cybernetic Corporation is an organisation that develops +next generation robotics. + +The organisation has several hundred employees, and includes departments for: + - Management + - HR + - Accounting + - Maintenance + +The organisation has a Website, showing company information, and +providing "Chat" and Forums for Customers to ask questions. + +There is also a staff Portal accessible VIA the web interface. The +staff portal allows authenticated staff members to search and display +customer account information. Access to the staff area is through a +single sign on system (IE the staff member has the same Username and +password for their Desktop PC and the Intranet) + +Recently there was a web security incident, where an attacker was able +to access the organisation database. The initial analysis of the +attack suggests that it was launched from somewhere inside the company +network. 
+ +## Tasks + +You have been asked to develop a report on the security of the +organisation above. All of the information you require about the +organisation is given in the "Scenario" section, although you are +expected to do some research on cyber security issues that might +relate to the organisation. + +This report should be written at a high level, suitable for a +non-technical management audience. Your report should focus on two +selected aspects of your choice, one each of: + + - A Technical aspect to security (such as how do we secure data, + recommendations for security software) + - A Human Aspect to security (what issues do the staff face, how can + we protect against them) + +Foe each aspect, select *ONE* factor (for example, Phishing, or a +specific Web vulnerability) that is a threat to the organisation, and give details of: + - What the Threat is + - How the threat occurs + - Examples of the Threat in the Real world + - Suggestions to mitigate the threat. + +## Example Topics + +You can find examples of Technical and Human factors threats below + +### Human Factors + + - Phishing + - Social Engineering + - Password Choice + - Security Policy + +### Technical Factors + + - Viruses + - Hacking (for example) + - Cross Site Scripting + - SQL injection + - Use of Firewalls / Antivirus + +
+ +## Marking Scheme + +### Report Contents (90%) + - Introduction (10%) + + Should introduce the subject, and provide context to the issues + discussed in the report + + - Background Research (10%) + + Introduction to Cyber Security, what are the key threats, and + how are they relevant to the organisation + + - Technical Threat (30%) + + Should include details of: + - What the Threat is + - How the threat occurs + - Examples of the Threat in the Real world + - Suggestions to mitigate the threat. + + - Human Factors Threat (30%) + - What the Threat is + - How the threat occurs + - Examples of the Threat in the Real world + - Suggestions to mitigate the threat. + + - Conclusions (10%) + +### Report Structure (10%) + + - Appropriate structure, use of diagrams and referencing + +## Marking Rubric + +| Grade | Element | +|-------|---------------------------------------------------------| +| 0-39 | Work mainly incomplete and /or weaknesses in most areas | +| 40-49 | Most elements completed; weaknesses outweigh strengths | +| 50-59 | Most elements are strong, minor weaknesses | +| 60-69 | Strengths in all elements | +| 70+ | work exceeds the standard expected | +| 80+ | All work substantially exceeds the standard expected | \ No newline at end of file diff --git a/MoodleMaterials/ModuleGuide.docx b/MoodleMaterials/ModuleGuide.docx new file mode 100644 index 0000000..8523664 Binary files /dev/null and b/MoodleMaterials/ModuleGuide.docx differ diff --git a/labs/Session10_Business/Session10_Slides.md b/labs/Session10_Business/Session10_Slides.md index e827417..45b48f3 100644 --- a/labs/Session10_Business/Session10_Slides.md +++ b/labs/Session10_Business/Session10_Slides.md @@ -105,7 +105,7 @@ https://www.cisecurity.org/wp-content/uploads/2018/10/Six-tabletop-exercises-FIN ## Coursework Reminder - - New submission date. 1st May + - Due 14th December - Coursework is unchanged - I will keep you informed in anything changes 
diff --git a/labs/Session1_Introduction/IntroSlides.md b/labs/Session1_Introduction/IntroSlides.md index de116df..363ff6e 100644 --- a/labs/Session1_Introduction/IntroSlides.md +++ b/labs/Session1_Introduction/IntroSlides.md @@ -1,6 +1,7 @@ --- author: 'Dan Goldsmith' -title: 'A152CEM: Cyber Security for Everyone' +title: 'A152CEM' +subtitle: "Introduction to Cyber Security" email: 'aa9863@coventry.ac.uk' --- @@ -35,17 +36,23 @@ email: 'aa9863@coventry.ac.uk' - Except for this one.... - Co-Delivery approach. - Course materials delivered via Coventry University Online + - Community Led Discussion via Aula. ## Pre Reading for Labs - So this means you need to do some pre-reading (or watching videos) - Work through the online materials, before the Lab session - Will bring this all together in the Lab sessions - + +## Aula + + - Each week there will be discussion points + - Use the feed on Aula (and #tags) to discuss the concepts from the lesson + ## Lab Activities - Review of the Week - Group Discussion of topics for that week - - Presentations? + - Presentations # What will we be doing? diff --git a/labs/Session2_OSInt/Links.docx b/labs/Session2_OSInt/Links.docx new file mode 100644 index 0000000..90b84f4 Binary files /dev/null and b/labs/Session2_OSInt/Links.docx differ
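Review bot: .vscode/settings.json commits an absolute interpreter path from one workstation ("c:\\Users\\dang\\Documents\\GitHub\\245CT\\env\\Scripts\\python.exe"). That path exposes a local account name, points into a different checkout (245CT) and will not resolve on any other machine. Drop the file from the commit and add .vscode/ to .gitignore, or switch to a workspace-relative path. The file also has no trailing newline.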
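Review bot: Aula-Slides/DADA_Intro.md sets title: 'A152CEM:' with a trailing colon, while the labs/Session1_Introduction/IntroSlides.md hunk in this same patch sets title: 'A152CEM'; make the two match. The new file otherwise repeats most of IntroSlides.md, so consider keeping a single source for the intro deck. Small wording fixes in the added lines: "Officially its" should be "it's" and "Prefer's the term" should be "Prefers".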
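Review bot: The front-matter hunk for Aula-Slides/Session5_GDPR/Slides.md removes the line titie: Week 5. GDPR and Privacy and puts only the module-wide title and subtitle in its place, so nothing in the header identifies this deck as the GDPR session any more. Keep the session name, for example in subtitle, the way the Session9 Slides.md hunk keeps title: Hackers and the Hacked.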
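Review bot: Aula-Slides/Session9_CaseStudies/Slides.hmtl has a misspelled extension, so editors and web servers will not treat it as HTML, and its content looks like generated reveal.js output of the Slides.md in the same directory. Either rename it to Slides.html or leave generated output out of the repository and build it with convert.ps1. In the "Easy to Guess Passwords" slide, "Gained access to 50 or 800 accounts" reads like a typo for "50 of 800"; please check it against the source deck.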
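Review bot: The image link in Aula-Slides/Week1_Discussion.md, images/../image/fatima.png, passes through an images directory that this patch does not add (the file is added as Aula-Slides/image/fatima.png), so it only works if the renderer normalises the path before resolving it. Use image/fatima.png. In the Task 1 list, "First let get your views" should be "let's".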
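Review bot: Two slides in Aula-Slides/Week3_Phishing.md, "Where does Phishing Happen ?" (first occurrence) and "Tips to Spot Phishing ?", still contain only the placeholder bullet "Slide Thing"; fill them in or remove them before the deck goes out. In Task 1a, 'What "traits" to phishing emails have' should read "do". The Task 2 slide should also say whether Mary is a constructed persona and which sources are in scope for the exercise.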
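Review bot: The rename of labs/Session7_Guilty/lab_w7_court.md to Aula-Slides/Week6_Courrt.md introduces a misspelled file name (Courrt) and moves a file labelled w7 to Week6; confirm the week number and use Week6_Court.md. CaseStudys.md is renamed at 100% similarity in the same patch, which would be a convenient point to correct that spelling as well.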
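Review bot: In Aula-Slides/convert.ps1 the Write-Host line formats $t, but the param block declares only $i, $o, $theme, $template and $revealURL, so the log message prints an empty template name; use $template there and replace the .PARAMETER t help entry. The $template default has a leading space and a hard-coded per-user path (" C:\Users\dang\Documents\GitHub\245CT\slides\revealTemplate.html"), so the script only runs on one machine; resolve the template relative to $PSScriptRoot or make the parameter mandatory. The comment-based help still describes a Word conversion and ./build.ps1 and carries Makefile variables inside .NOTES, while the script itself produces reveal.js output.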
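Review bot: The due date is inconsistent across this patch: CW/CW_Jan2021.md sets due: 9th April 2021, Aula-Slides/DADA_Intro.md tells students "8th April 2021", and the labs/Session10_Business/Session10_Slides.md hunk changes the reminder to "Due 14th December". Settle on one date per cohort and use it everywhere. In CW_Jan2021.md the short: field still holds template text ("A report that shows how awesome markdown is."), and "Foe each aspect" should be "For".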