Security aspects of networking & telecommunication protocols, including the security of routing, network security elements, and specific cryptographic protocols used for network security.
Build a home hacker lab using SecGen
Tool
SecGen creates vulnerable virtual machines, lab environments, and hacking challenges, so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same, this project uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines that can be used for learning or for hosting CTF events.
Training
Give TryHackMe a go
TryHackMe goes way beyond textbooks and focuses on fun interactive lessons that make you put theory into practice. You'll get an immersive learning experience with network simulations, intentionally vulnerable technology based on real world examples and more.
How could you hide in a network protocol?
Malware often tries to conceal its communication from other software and network devices. How can malware achieve this whilst still being able to send and receive information?
Install Commando-VM
CommandoVM is a fully customizable, Windows-based security distribution for penetration testing and red teaming.
Install dd-wrt firmware on an old router
DD-WRT is a Linux based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. The main emphasis lies on providing the easiest possible handling while at the same time supporting a great number of functionalities within the framework of the respective hardware platform used.
Install Flare-VM
FLARE VM is a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc.
Install Kali linux
Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
Learn hacking skills using HackTheBox
Hack The Box is a massive, online cybersecurity training platform, allowing individuals, companies, universities and all kinds of organizations around the world to level up their hacking skills.
Learning about the DNS requests your computers are making by installing a Pi-hole on your home network
Pi hole provides network-wide ad blocking and monitoring of DNS requests. Explore the DNS requests your computers are making and consider the privacy implications of this traffic.
MiTM network traffic
mitmproxy is a free and open source interactive HTTPS proxy. You can use it on the command line, through a web interface, or through a Python API.
Play the Citadel Programming Lab from CyBOK
The Citadel Programming Lab is an online virtual secure coding game-based computer lab. The Lab combines a tower defence game with 6 security programming tasks. The lab is based on a serious game approach to join learning and playfulness. The lab’s platform combines a Unity game linked with a coding environment based on an instance of GitLab. The game elements and coding exercises are linked to CyBOK, the Cybersecurity Body of Knowledge, to map its cybersecurity content.
Read Cloudflare's roadmap to a zero trust architecture
NCSC guidance
A zero trust architecture is an approach to system design where inherent trust in the network is removed. Instead, the network is assumed hostile and each access request is verified, based on an access policy.
Read the CyBOK Network Security Knowledge Area introduction
CyBOK Introduction
The Cyber Security Body Of Knowledge is a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector. The CyBOK project aims to bring cyber security into line with the more established sciences by distilling knowledge from major internationally-recognised experts to form a Cyber Security Body of Knowledge that will provide much-needed foundations for this emerging topic. The project, funded by the National Cyber Security Programme, is led by the University of Bristol's Professor Awais Rashid, along with other leading cyber security experts - including Professor Andrew Martin, Professor Steve Schneider, Dr Yulia Cherdantseva, Dr Rod Chapman and Dr Marina Krotofil.
Try Burp Suite in your homelab
Burp Suite enables its users to accelerate application security testing.
Try The Backdoor Factory (BDF)
The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.
Try using Kismet
Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.
Try using the Evil-Twin Framework
EvilTwinFramework is a framework for pentesters that facilitates evil twin attacks as well as exploiting other WiFi vulnerabilities.
Try using the PiRogue tool suite
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting mobile devices both Android and iOS, internet of things devices (devices that are connected to the user mobile apps), and in general any device using wi-fi to connect to the Internet.
Try using tshark
TShark is a command line network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark's native capture file format is pcapng format, which is also the format used by Wireshark and various other tools.
Understand the OSI network model
The Open Systems Interconnection model (OSI model) is a model of the communication functions of a telecommunication system or computing system.
Use dig to explore the responses from different DNS servers
dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
Use Metapsloit to compromise a virtual machine
Metasploit is the world’s most used penetration testing framework.
Use Wireshark to analyse network traffic
Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
Cap'n Proto