5 Things in 20 Minutes: Session notes from SANS New2Cyber Summit 23rd March 2022

The opening keynote in this free summit from SANS was by James Lyne. James is the Chief Technology Officer, SANS Institute. What really intrigued me was that he had the session pre-recorded. Timed. And it told us how many hacks we will hear about in that time. Opening ports with netcat and using it as a backdoor. https://cyberstart.com/ to practice cyber security- (PS: Ideas for labs???) Client side code execution, and use the tab called terminal. Look at the code, understand the function and try to use those functions one by one Wget to download files fro internet instead of using browsers Possible lab: Bruteforce a password by using a wordlist from github Have we covered github in our basics?? Fcrackzip a brute forcer for zip files (download a word list file consisting of passwords and run brute force attack) This connects with data leaks Grep- lets us search for content or exclude content Automating the brute force by a simple shell script If you want to know how fast or slow a language is, try to write the same program in C, python and shell. C being the low level language, will be soooper fast! But it can be easily detected by the defenders as well. I wonder what kind of HTTP headers are being sent by the client. SO! A machine with that shell script and a web server → learners will analyze the packer capture and they will analyze the web server logs as well