Python for Security Professionals Review (Cybrary.it)
This is my review of the Cybrary.it course, Python for Security Professionals, by Joe Perry. For starters, I really appreciate the Cybrary.it model, the lessons are all free and you can purchase a certificate of completion (which could help validate the 15 CPEs the course is worth, if you need to justify that type of thing) if you want at the end. However, the entire site model is interesting in that you can "complete" any of the courses (lol in fact, I've "completed" all the courses), and purchase the relevant certificate, without ever having clicked any of the video links. That seemingly large security mistake kind of invalidates the certificates, as anyone can obviously say the've completed the course and have the certificate without having done so. All of that aside, I love the idea of free education material and we will now be delving into the content of the Python for Security Professionals course. Like my other reviews, I'm going to go over the material and recommend this based on your experience and time commitment. The course contains 10 hours of video content, which are pretty decent especially if you are trying to learn Python from scratch, but slightly less so if you are trying to learn the nuances of Information Security. All of the modules are video focused, but come with PDFs of slides, activities in python programs, and the completed solutions to the activities in python programs. Overall, the first four modules are very basic and mostly just cover programming in python vs security specific tasks. Another issue is that currently all of the videos are pretty blurry and it's hard to read the code / command line used in the video series. For this reason you have to watch the videos in HD, however they address this in the comments and mention how they will soon be re-releasing the videos in a higher resolution. At the end of the weekend, I'd recommend this course to someone who is trying to learn Python from scratch with an Information Security focus, but for someone with more of a background in Python, I would actually recommend a text more like Black Hat Python, for more of an Information Security focus. That said, even if you are experienced with Python and Information Security, you may find the last two modules interesting (The Packet Gathering Module and the Info Gathering Module).
The first module, Intro and Setup, is pretty basic and be easily skipped if you have any prior Python experience. Here he goes over how to setup and install Python, as well as why it's a good language for rapid prototyping and security professionals.
The next module, Apprentice Python, is also very basic and still doesn't touch on anything security related. This module is all about basic usage and arithmetic in Python. There is also a stumbling block in the second video, as it's a little odd when he googles for solutions and then reads stack overflow during the tutorial.
The Journeyman Python module is interesting, but still doesn't delve into anything necessarily Information Security specific. In this module he talks a lot about networking protocols and RFCs that govern these. These modules are interesting in that they are informative, but fairly incomplete in the information they relay, a good example of this would be when he starts talking about ports and protocols he doesn't differentiate which transport protocol the application protocols are traveling over, despite discussing the differences between the TCP and UDP transport protocols. In this chapter you are shown you how to connect to arbitrary TCP ports, which could be useful for banner grabbing. The last activity in this module shows you how to listen to a TCP port and thus create your own arbitrary file server, however these lack really any security controls.
With Advanced Python he covers ctypes, regular expressions, multi-threading, and finally fuzzing. The multi-threading exercise in this module is pretty interesting, but still nothing really advanced, just a quick launching of multiple independent threads (vs something that has to consider deadlocks). The fuzzing section is also pretty interesting as this can be a core Information Security technique, so I appreciate the videos for Slides part 3, jperry even alludes to a buffer overflow in this video. Unfortunately, he also says fairly uneducated things like fuzzing and password cracking are similar in theory (the technique of bruteforce may be similar, but that hardly scratches the theory involved in either subject) or that writing a password cracker is against the CFAA, which is certainly false as industry professionals use password cracking all the time in penetration testing (trafficking hacked information or the actual act of hacking another person's system is illegal, not writing a password cracker). In this module's activities he also writes a fairly insecure file server implementation. I say it's insecure not because it lets you arbitrary read / write to an entire drive, but because it uses no authentication or encryption to protect the communications, meaning anyone could trivially hijack your fileserver activities.
Packet Analyzer module is where things get really cool. In part two, jperry starts implementing an IP protocol parser and demonstrates bitwise manipulation to read exact fields out of the protocol. This is a pretty awesome tutorial for writing a network protocol parser in Python and something I would truly call Python for Security Professionals. I recommend this section for those interested in getting a more in depth handle of protocols and automated parsers.
The Info Gathering module is also really interesting, as here jperry writes a quick post-exploitation RAT in Python for Windows. This is excellent and where the class really starts digginging into the Python applied to security specific applications. I really like where he uses python to parse the Windows registry key values, this is super useful for various security applications. Overall, I think this is a pretty good Python for Security Professionals video. This module also covers most of the content from the Post Exploitation Hacking course in this script. I recommend this module for moderately experienced hackers looking to start writing their own implants.
Overall, the modules were well done and I appreciate the relaxed approach of the course and exercises. That said, I think the whole course is great for someone trying to learn Python from scratch, however if you already are a novice Python / Information Security enthusiast you should checkout something more like Black Hat Python, and even if you are well versed with Python and Information Security you may find the last two modules interesting. As for Cybrary.it, I really appreciate what they are doing with free education, I think this is a great program and it deserves a lot of support, however I don't think the certifications are worth anything, based on the lack of business-logic security preventing anyone from just acquiring the certificates without having to go through the courses.
The first module, Intro and Setup, is pretty basic and be easily skipped if you have any prior Python experience. Here he goes over how to setup and install Python, as well as why it's a good language for rapid prototyping and security professionals.
The next module, Apprentice Python, is also very basic and still doesn't touch on anything security related. This module is all about basic usage and arithmetic in Python. There is also a stumbling block in the second video, as it's a little odd when he googles for solutions and then reads stack overflow during the tutorial.
The Journeyman Python module is interesting, but still doesn't delve into anything necessarily Information Security specific. In this module he talks a lot about networking protocols and RFCs that govern these. These modules are interesting in that they are informative, but fairly incomplete in the information they relay, a good example of this would be when he starts talking about ports and protocols he doesn't differentiate which transport protocol the application protocols are traveling over, despite discussing the differences between the TCP and UDP transport protocols. In this chapter you are shown you how to connect to arbitrary TCP ports, which could be useful for banner grabbing. The last activity in this module shows you how to listen to a TCP port and thus create your own arbitrary file server, however these lack really any security controls.
With Advanced Python he covers ctypes, regular expressions, multi-threading, and finally fuzzing. The multi-threading exercise in this module is pretty interesting, but still nothing really advanced, just a quick launching of multiple independent threads (vs something that has to consider deadlocks). The fuzzing section is also pretty interesting as this can be a core Information Security technique, so I appreciate the videos for Slides part 3, jperry even alludes to a buffer overflow in this video. Unfortunately, he also says fairly uneducated things like fuzzing and password cracking are similar in theory (the technique of bruteforce may be similar, but that hardly scratches the theory involved in either subject) or that writing a password cracker is against the CFAA, which is certainly false as industry professionals use password cracking all the time in penetration testing (trafficking hacked information or the actual act of hacking another person's system is illegal, not writing a password cracker). In this module's activities he also writes a fairly insecure file server implementation. I say it's insecure not because it lets you arbitrary read / write to an entire drive, but because it uses no authentication or encryption to protect the communications, meaning anyone could trivially hijack your fileserver activities.
Packet Analyzer module is where things get really cool. In part two, jperry starts implementing an IP protocol parser and demonstrates bitwise manipulation to read exact fields out of the protocol. This is a pretty awesome tutorial for writing a network protocol parser in Python and something I would truly call Python for Security Professionals. I recommend this section for those interested in getting a more in depth handle of protocols and automated parsers.
The Info Gathering module is also really interesting, as here jperry writes a quick post-exploitation RAT in Python for Windows. This is excellent and where the class really starts digginging into the Python applied to security specific applications. I really like where he uses python to parse the Windows registry key values, this is super useful for various security applications. Overall, I think this is a pretty good Python for Security Professionals video. This module also covers most of the content from the Post Exploitation Hacking course in this script. I recommend this module for moderately experienced hackers looking to start writing their own implants.
Overall, the modules were well done and I appreciate the relaxed approach of the course and exercises. That said, I think the whole course is great for someone trying to learn Python from scratch, however if you already are a novice Python / Information Security enthusiast you should checkout something more like Black Hat Python, and even if you are well versed with Python and Information Security you may find the last two modules interesting. As for Cybrary.it, I really appreciate what they are doing with free education, I think this is a great program and it deserves a lot of support, however I don't think the certifications are worth anything, based on the lack of business-logic security preventing anyone from just acquiring the certificates without having to go through the courses.
