Introduction:
Any IT graduate involved in IT security will need to be able to adapt and respond to unfamiliar and changing security threats and to evaluate and use new tools. To be capable in their profession, graduates need to be able to analyse, categorise and report on new threats and the procedures used to evaluate them.
The assignment:
Choose 1 only:
No more than 10 groups (of 1 or 2) will be permitted to work on the same topic. The process for nominating a topic will be announced on Blackboard.
1. Discover and document some deficiencies in a modern software system of your own choice.
2. Demonstrate and describe 10 small command-line tools used in Mac, Linux or Windows. Choose tools that are used by hackers and security testers.
3. Demonstrate and describe 4 medium-size security tools (such as Wireshark, nmap, Snort, SQLMap).
4. Demonstrate and describe the use of Volatility for conducting memory forensics.
5. Demonstrate and describe the use of Ida Pro for debugging, disassembling and reverse- engineering binary code.
6. Demonstrate and describe the use of Metasploit for the exploitation of vulnerable systems and services. Your work must include using Metasploit for detecting ROP gadgets and for generating payloads.
7. Demonstrate and describe the completion of 10 exercises
8. Demonstrate and describe the completion of 10 exercises
9. Demonstrate and describe the completion of 5 exercises
10. Demonstrate and describe the completion of multiple levels of DVWA (Damn Vulnerable Web App)
11. Demonstrate and describe the use of 5 tools from Samurai
12. Demonstrate and describe the completion of 10 challenges on OWASP Mutillidae II.
13. Compare and evaluate security products.
14. Lock down a PC connected to the internet.
15. Using scripts and web services, trace many (over 50) spam e-mails to their source.
16. Audit the memory management of a complex C or C++ program. You should use buffer- overflow detection software for this.
17. Design and test a home security lab.
18. Evaluate the potential vulnerabilities of a network-aware hardware or software product.
19. Prepare and test detailed instructions for modifying a game console.
20. Analyse and document some malware which you have caught.
21. Develop your own procedure (subject to approval by the convenor)
Attachment:- Assignment.rar