Slyr0x: The SecurityTube Python Scripting Expert (SPSE) aims to teach you how to apply the powerful Python language to security research, penetration testing and attack automation using a fully hands-on practical approach with a gradual learning curve. This course has something for everyone – from the novice to the expert user![i][/i]

1. What is the SPSE?

The SecurityTube Python Scripting Expert (SPSE) is an online certification which will help you gain mastery over Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administrators who want to learn to automate tasks or go beyond just using ready made tools. We will be covering topics in system security, network security, attacking web applications and services, exploitation techniques, malware and binary analysis and task automation.

A non-exhaustive list of topics to be taught includes:

Module 1: Python Scripting – Language Essentials
Module 2: System Programming and Security
Module 3: Network Security Programming – Sniffers and Packet Injectors
Module 4: Attacking Web Applications
Module 5: Exploitation Techniques
Module 6: Malware Analysis and Reverse Engineering
Module 7: Attack Task Automation
Module 8: Further Study and Roadmap
Module 9: Exam Pattern and Mock Exam

2. Course Syllabus

Module 1: Python Scripting – Language Essentials

Introduction to Interpreted Languages and Python
Data Types and variables
Operators and Expressions
Program Structure and Control
Functions and Functional Programming
Classes, Objects and other OOPS concepts
Modules, Packages and Distribution
Python in Linux and Unixes
Python in Windows
Python in Mobiles: iPhone and Androids
Python in Embedded Devices: Routers
Program Portability
Lab Exercises

Module 2: System Programming and Security

I/O in Python
File and Directory Access
Multithreading and Concurrency
Inter Process Communication (IPC)
Permissions and Controls
Case Studies
Lab Exercises

Module 3: Network Security Programming – Sniffers and Packet Injectors

Raw Socket basics
Socket Libraries and Functionality
Programming Servers and Clients
Programming Wired and Wireless Sniffers
Programming arbitrary packet injectors
PCAP file parsing and analysis
Case Studies
Lab Exercises

Module 4: Web Application Security

Web Servers and Client scripting
Web Application Fuzzers
Scraping Web Applications – HTML and XML file analysis
Web Browser Emulation
Attacking Web Services
Application Proxies and Data Mangling
Automation of attacks such as SQL Injection, XSS etc.
Case Studies
Lab Exercises

Module 5: Exploitation Techniques

Exploit Development techniques
Immunity Debuggers and Libs
Writing plugins in Python
Binary data analysis
Exploit analysis Automation
Case Studies
Lab Exercises

Module 6: Malware Analysis and Reverse Engineering

Process Debugging basics
Pydbg and its applications
Analyzing live applications
Setting breakpoints, reading memory etc.
In-memory modifications and patching
Case Studies
Lab Exercises

Module 7: Attack Task Automation

Task Automation with Python
Libraries and Applications
Case Studies
Lab Exercises

Module 8: Further Study and Roadmap

Course consolidation
Interesting project ideas to pursue

Module 9: Exam Pattern and Mock Exam

Exam format
Example Questions
Mock Exam

3. Is this Course for Novices or only for the Experts?

Short Answer: This is for both groups.

Long Answer: We have addressed the needs of both groups. Module 1 of the course is meant for students who have very little or no programming experience before. We go really slowly on the basics of the language so you can pick up the essential programming skills before venturing to the more difficult modules. Module 2 onwards, we concentrate on application of Python programming to the field of computer security. If you are already a proficient Python programmer, you could start directly from Module 2.

Slyr0x: The SecurityTube Python Scripting Expert (SPSE) aims to teach you how to apply the powerful Python language to security research, penetration testing and attack automation using a fully hands-on practical approach with a gradual learning curve. This course has something for everyone – from the novice to the expert user![i][/i]

1. What is the SPSE?

The SecurityTube Python Scripting Expert (SPSE) is an online certification which will help you gain mastery over Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administrators who want to learn to automate tasks or go beyond just using ready made tools. We will be covering topics in system security, network security, attacking web applications and services, exploitation techniques, malware and binary analysis and task automation.

A non-exhaustive list of topics to be taught includes:

Module 1: Python Scripting – Language Essentials
Module 2: System Programming and Security
Module 3: Network Security Programming – Sniffers and Packet Injectors
Module 4: Attacking Web Applications
Module 5: Exploitation Techniques
Module 6: Malware Analysis and Reverse Engineering
Module 7: Attack Task Automation
Module 8: Further Study and Roadmap
Module 9: Exam Pattern and Mock Exam

2. Course Syllabus

Module 1: Python Scripting – Language Essentials

Introduction to Interpreted Languages and Python
Data Types and variables
Operators and Expressions
Program Structure and Control
Functions and Functional Programming
Classes, Objects and other OOPS concepts
Modules, Packages and Distribution
Python in Linux and Unixes
Python in Windows
Python in Mobiles: iPhone and Androids
Python in Embedded Devices: Routers
Program Portability
Lab Exercises

Module 2: System Programming and Security

I/O in Python
File and Directory Access
Multithreading and Concurrency
Inter Process Communication (IPC)
Permissions and Controls
Case Studies
Lab Exercises

Module 3: Network Security Programming – Sniffers and Packet Injectors

Raw Socket basics
Socket Libraries and Functionality
Programming Servers and Clients
Programming Wired and Wireless Sniffers
Programming arbitrary packet injectors
PCAP file parsing and analysis
Case Studies
Lab Exercises

Module 4: Web Application Security

Web Servers and Client scripting
Web Application Fuzzers
Scraping Web Applications – HTML and XML file analysis
Web Browser Emulation
Attacking Web Services
Application Proxies and Data Mangling
Automation of attacks such as SQL Injection, XSS etc.
Case Studies
Lab Exercises

Module 5: Exploitation Techniques

Exploit Development techniques
Immunity Debuggers and Libs
Writing plugins in Python
Binary data analysis
Exploit analysis Automation
Case Studies
Lab Exercises

Module 6: Malware Analysis and Reverse Engineering

Process Debugging basics
Pydbg and its applications
Analyzing live applications
Setting breakpoints, reading memory etc.
In-memory modifications and patching
Case Studies
Lab Exercises

Module 7: Attack Task Automation

Task Automation with Python
Libraries and Applications
Case Studies
Lab Exercises

Module 8: Further Study and Roadmap

Course consolidation
Interesting project ideas to pursue

Module 9: Exam Pattern and Mock Exam

Exam format
Example Questions
Mock Exam

3. Is this Course for Novices or only for the Experts?

Short Answer: This is for both groups.

Long Answer: We have addressed the needs of both groups. Module 1 of the course is meant for students who have very little or no programming experience before. We go really slowly on the basics of the language so you can pick up the essential programming skills before venturing to the more difficult modules. Module 2 onwards, we concentrate on application of Python programming to the field of computer security. If you are already a proficient Python programmer, you could start directly from Module 2.