SecurityTube Python Scripting Expert Course Review (SPSE)
Hey Guys! I've been taking securitytube.net's Python Scripting Expert Course lately (SPSE for short), and thought I would write a quick review of the course before I go for the certification it offers at the end. The videos can be cheap, giving you access for as little as $39, however with the certification the course can cost $250, which seems a bit pricy! When you register for the course, there is also an odd 24-48 hour delay from payment to receiving the video packages. However, this course is epic, it dives deep into the details of the python language, providing a solid computer science background for the many security focused tasks it puts before the students. Some critique that Vivek (the course instructor), has a thick Indian accent that makes the lessons hard to understand, however I disagree and had no problems with his speech. There are 9 modules, with roughly 6-10 videos each, however the videos are short, ranging from 6-20 minutes, ultimately totaling only a few hours of video. Vivek spends a lot of time guiding the users through programs, and then assigns difficult tasks based on the lessons learned in the guided programs at the end of every video. Overall, I highly recommend this series for both those looking to learn python, improve their python game, and get deeper into the details of computer security engineering. Basically, I would suggest this video guided python course over the Cybary.it course I reviewed last time. Personally I think, if your familiar with Python then it should be easy to skip the first and second modules, however I had fun going over them. That said, the later modules are challenging and fun, taking common security tasks and guiding you to implementing them yourself in a variety of different ways. I've included the syllabus bellow for those interested in the course material:
Module 1: Python Scripting – Language Essentials
Introduction to Interpreted Languages and Python
Data Types and variables
Operators and Expressions
Program Structure and Control
Functions and Functional Programming
Classes, Objects and other OOPS concepts
Modules, Packages and Distribution
Python in Linux and Unixes
Python in Windows
Python in Mobiles: iPhone and Androids
Python in Embedded Devices: Routers
Program Portability
Lab Exercises
Module 2: System Programming and Security
I/O in Python
File and Directory Access
Multithreading and Concurrency
Inter Process Communication (IPC)
Permissions and Controls
Case Studies
Lab Exercises
Module 3: Network Security Programming – Sniffers and Packet Injectors
Raw Socket basics
Socket Libraries and Functionality
Programming Servers and Clients
Programming Wired and Wireless Sniffers
Programming arbitrary packet injectors
PCAP file parsing and analysis
Case Studies
Lab Exercises
Module 4: Web Application Security
Web Servers and Client scripting
Web Application Fuzzers
Scraping Web Applications – HTML and XML file analysis
Web Browser Emulation
Attacking Web Services
Application Proxies and Data Mangling
Automation of attacks such as SQL Injection, XSS etc.
Case Studies
Lab Exercises
Module 5: Exploitation Techniques
Exploit Development techniques
Immunity Debuggers and Libs
Writing plugins in Python
Binary data analysis
Exploit analysis Automation
Case Studies
Lab Exercises
Module 6: Malware Analysis and Reverse Engineering
Process Debugging basics
Pydbg and its applications
Analyzing live applications
Setting breakpoints, reading memory etc.
In-memory modifications and patching
Case Studies
Lab Exercises
Module 7: Attack Task Automation
Task Automation with Python
Libraries and Applications
Case Studies
Lab Exercises
Module 8: Further Study and Roadmap
Course consolidation
Interesting project ideas to pursue
Module 9: Exam Pattern and Mock Exam
Exam format
Example Questions
Mock Exam
But like I always say, it's all about the code. Which is why I've been documenting my progress and small scripts in an open github repo to help others with template code. It's a fun little repo and I hope others will contribute comments and more template code. I will check back in when I have passed the certification, but in the mean time keep your eyes on the repo and here is my favorite sample video from the course:
Module 1: Python Scripting – Language Essentials
Introduction to Interpreted Languages and Python
Data Types and variables
Operators and Expressions
Program Structure and Control
Functions and Functional Programming
Classes, Objects and other OOPS concepts
Modules, Packages and Distribution
Python in Linux and Unixes
Python in Windows
Python in Mobiles: iPhone and Androids
Python in Embedded Devices: Routers
Program Portability
Lab Exercises
Module 2: System Programming and Security
I/O in Python
File and Directory Access
Multithreading and Concurrency
Inter Process Communication (IPC)
Permissions and Controls
Case Studies
Lab Exercises
Module 3: Network Security Programming – Sniffers and Packet Injectors
Raw Socket basics
Socket Libraries and Functionality
Programming Servers and Clients
Programming Wired and Wireless Sniffers
Programming arbitrary packet injectors
PCAP file parsing and analysis
Case Studies
Lab Exercises
Module 4: Web Application Security
Web Servers and Client scripting
Web Application Fuzzers
Scraping Web Applications – HTML and XML file analysis
Web Browser Emulation
Attacking Web Services
Application Proxies and Data Mangling
Automation of attacks such as SQL Injection, XSS etc.
Case Studies
Lab Exercises
Module 5: Exploitation Techniques
Exploit Development techniques
Immunity Debuggers and Libs
Writing plugins in Python
Binary data analysis
Exploit analysis Automation
Case Studies
Lab Exercises
Module 6: Malware Analysis and Reverse Engineering
Process Debugging basics
Pydbg and its applications
Analyzing live applications
Setting breakpoints, reading memory etc.
In-memory modifications and patching
Case Studies
Lab Exercises
Module 7: Attack Task Automation
Task Automation with Python
Libraries and Applications
Case Studies
Lab Exercises
Module 8: Further Study and Roadmap
Course consolidation
Interesting project ideas to pursue
Module 9: Exam Pattern and Mock Exam
Exam format
Example Questions
Mock Exam
But like I always say, it's all about the code. Which is why I've been documenting my progress and small scripts in an open github repo to help others with template code. It's a fun little repo and I hope others will contribute comments and more template code. I will check back in when I have passed the certification, but in the mean time keep your eyes on the repo and here is my favorite sample video from the course: