Boot to single user mode and reset the root password

Single user mode in Linux allows only the root user to perform tasks. It is usually used for maintenance and troubleshooting, for example, resetting a forgotten root password, or solving file system failures.

Cyber Springboard | Card

Build a home hacker lab using SecGen

SecGen creates vulnerable virtual machines, lab environments, and hacking challenges, so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same; this project uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines that can be used for learning or for hosting CTF events.

Complete the AWS Well-Architected security labs

The AWS Well-Architected Framework describes key concepts, design principles, and architectural best practices for designing and running workloads in the cloud. Security is one element of the Well-Architected Framework. Amazon provide practical labs covering the different pillars within the Well-Architected Framework. These allow you to learn by doing, with code and documentation to help you.

Explore OSINT tools on OSINT Framework

OSINT Framework is focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

How could you hide a process?

Malware often tries to hide itself from other software, for example, anti-virus. How can a process hide from other processes whilst it is running?

How could you hide in a file?

Malware may hide itself or information it has gathered in files. How can this be done whilst still keeping the data accessible to the malware?

How could you hide in a network protocol?

Malware often tries to conceal its communication from other software and network devices. How can malware achieve this whilst still being able to send and receive information?

Install Commando-VM

CommandoVM is a fully customizable, Windows-based security distribution for penetration testing and red teaming.

Install Flare-VM

FLARE VM is a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc.

Install Kali Linux

Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

Learn hacking skills using HackTheBox

Hack The Box is a massive, online cybersecurity training platform, allowing individuals, companies, universities and all kinds of organizations around the world to level up their hacking skills.

Pack and unpack an executable

Many different executable packers exist. They may compress, encrypt or obfuscate the underlying binary. Malware authors may use either off-the-shelf packers or custom packers to avoid detection. One example packer is UPX, a free, portable, extendable, high-performance executable packer for several executable formats. If you've got more time, try analysing or debugging the binary.

Play the Citadel Programming Lab from CyBOK

The Citadel Programming Lab is an online virtual secure coding game-based computer lab. The Lab combines a tower defence game with 6 security programming tasks. The lab is based on a serious game approach to join learning and playfulness. The lab’s platform combines a Unity game linked with a coding environment based on an instance of GitLab. The game elements and coding exercises are linked to CyBOK, the Cybersecurity Body of Knowledge, to map its cybersecurity content.

Set up a continuous integration (CI) build

Continuous integration (CI) is the practice of automatically integrating and building code changes from multiple contributors into a single software build. For example, a build may be produced every time a developer pushes code to a source control repository.

Set up a web service behind an nginx reverse proxy

nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, originally written by Igor Sysoev. A reverse proxy is a server that sits in front of web servers and forwards client (e.g. web browser) requests to those web servers.

Try an online OSINT tutorial

Open-Source Intelligence (OSINT) is the collection and analysis of data gathered from open sources to produce intelligence.

Try Burp Suite in your homelab

Burp Suite enables its users to accelerate application security testing.

Try vim

Vim is a highly configurable text editor built to make creating and changing any kind of text very efficient. It is included as "vi" with most UNIX systems and with Apple OS X. Its widespread availability on UNIX systems means that it's worth knowing how to use it. Sometimes, it is all you'll have available.

Use Archi to draw a system diagram

Archi is the Open Source modelling toolkit for creating ArchiMate models and sketches. Used by Enterprise Architects everywhere.

Use Autopsy to analyse a disk image

Autopsy® is an easy to use, GUI-based program that allows you to efficiently analyze hard drives and smart phones. It has a plug-in architecture that allows you to find add-on modules or develop custom modules in Java or Python.

Use CyberChef to base64 encode and decode data

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.

Use CyberChef to ROT-13 data

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.

Use CyberChef to XOR data

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.

Use foremost for file carving

Foremost is a forensic data recovery program for Linux used to recover files using their headers, footers, and data structures through a process known as file carving.

Use Metasploit to compromise a virtual machine

Metasploit is the world’s most used penetration testing framework.

Use sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches ranging from database fingerprinting, through data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Use volatility to perform memory forensics

The Volatility Framework is an open source memory forensics suite written in Python.

Work through the pwn.college labs

pwn.college is an education platform for students (and other interested parties) to learn about, and practice, core cybersecurity concepts in a hands-on fashion.

Write a CMakeLists.txt to build a simple binary using CMake

CMake is an open-source, cross-platform family of tools designed to build, test and package software. CMake is used to control the software compilation process using simple platform and compiler independent configuration files, and generate native makefiles and workspaces that can be used in the compiler environment of your choice.

Write a daemon process on Linux

A daemon is a service process that runs in the background and supervises the system or provides functionality to other processes.

Write a script using The Sleuth Kit (TSK) to analyse a disk image

The Sleuth Kit® is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. It is used behind the scenes in Autopsy and many other open source and commercial forensics tools.
