CYBE230 Lab 12 - Capstone
A final capstone project where we are given a very vulnerable machine, and need to find the issues while describing potential fixes
A final capstone project where we are given a very vulnerable machine, and need to find the issues while describing potential fixes
Sending logs off to a centralized logging server, and monitoring for malicious looking traffic
Setting up virtual tunnel with SSH, creating system firewalls with UFW, and setting up an openVPN server on pfsense
BUilding a Django web server to demonstrate the vulnerabilities of modern web applications
Building a LAMP web server, and learning about older web vulnerabilities
Creating a basic mail server that can send and receive email between classmates
Setting a centralized directory service for Linux systems
Taking a dive into the distributed networking ideas of DNS, and issues that arise with it.
Creating a network firewall to secure the traffic coming to and from our network
Taking a looking at how users and permissions in Linux work, and testing out common network analysis tools.
Installing a headless server, and using the Linux file system all from the command line!
This lab goes over the basic usage of creating a VM, inside ESXI
The last part of the final project where we had to attack other networks and get into the systems that had been secured by other students
The second part of the final project where we used the information gathered in the last lab to remediate systems
The beginning of the final project where we conduct a penetration test on a set of systems
We use a de-fanged Mirari malware to infect a network of IoT devices to create our own mini-botnet
Using information gathered to exploit the human vulnerability in systems
Showing how important physical security is, and ways to exploit physical access
Using the OWASP pre-made web applications as victims for web exploitation
Discovering vulnerabilities on systems, and then taking steps to fix the issues found
Taking hashes from compromised systems and using them in various ways to gain access to other systems
Taking first steps into finding a vulnerability and exploiting it to get a foothold
Scanning and enumerating a network to find potential services to target
Looking at OSINT and recon that can be used to gather information about a target
In the last Cyber Defense Competition, a major exploit tool PwnKit was used to gain access. Here is how I fixed it for this competition, and watched red team...
My experience with the John Deere event that brought in students from around the country to test the security of John Deere equipment
Talking about my summer internship at John Deere at halfway through
A short post about my team’s “strategy” for the Cyber Defense Competition when on an extreme time crunch