https://www.udemy.com/course/hands-on-network-security-basics

Learn the code idea of cybersecurity network defense : day 1 training material

What you'll learn: 

how to analyze malicious traffic

practical network layering for troubleshooting

Python scapy to analyze typical network attacks

how to analyze routing/filtering issues

Requirements:

CCNA completion or equivalent network knowledge

Linux basics

basic programming skills

Description:

2022/06/17  Working on fixing subtitles.

NEXT update (subject to change): DNS tunneling, SSH intercept, SMPT file carving with Scapy

Disclaimer

All videos, tutorials and attachments are for informational and educational purposes only.

All videos have been made using my own resources in closed, isolated environment. I do not promote, encourage, support any illegal activities.

The author will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this course to break the law.

Hands-on Network Security Basics

This course is essential training for someone who wants to learn network security.

Everything in this course is based on real-world questions that I collected /arranged for days one, two, or three of network security training. So even if you think this course is too easy for you, you can still use this as training material for your team.

Also, I put priority on dealing with time-tested attack vectors that constantly revive. Threats would not suddenly come alive. Instead, most of them were remodeled and disguised as new.     

contents at a glance (*contents will updated/added without prior notice)

Scapy pcap analysis

Scapy pcap replay (UDP)

ARP scan detection with Scapy

Routing/ Traffic filtering issue analysis and correction in Docker environment

Covert tunneling analysis 

Scapy TCP client vs Web Application Firewall

javascript mini challenge (first step to Browser automation) 

Template Text parser(Python TTP) for Network Security

----------------------------------------------

ARP traffic investigation 

+ Datalink layer

Routing/ packet filtering challenge

+Network layer

HTTPS decryption/ interception

+ Trans-App layer

Web Application Firewall

+ Wrap up practice

VPN fundamentals (ssh tunneling/split-tunneling)

+  Trans-App layer

Logs and security device config files analysis

+  Python ttp and Jinja2 : convert semi-structured data to 2 dimensional dataset

----------------------------------------------

how I made this course:

collected half-answered or unanswered network security-related questions from famous tech QA sites, security vendors' community sites and Github issues.

picked easy to intermediate ones

made complete answers to them (really time-consuming!)

arranged QAs so we can replicate the issues individually (insanely time-consuming!)

intended audience :

Software developers who usually don't handle NW security problems

Customer Success engineers who want to analyze NW security problems quickly in an isolated environment

NW engineers who are having a hard time understanding weird NGFW UTM /Sandbox alerts

what we're going to do:

Generate malicious traffic using popular tools and feed that traffic to pcap analysis tools to see how they analyze the traffic.

Play with Brim ( pcap analysis tool powered by Zeek and Suricata with SEIM-like searching interface).

learn practical network layering for troubleshooting

code Python scapy to analyze layer two attack

solve real-world routing/filtering issues in Docker environment

analyze typical covert tunneling methodologiesWho this course is for:software developers who usually don’t handle NW security problemsCustomer Success engineers who want to analyze NW security problems quickly in an isolated environmentNW engineers who are having a hard time to understand weird NGFW UTM /Sandbox alerts

Who this course is for:

software developers who usually don’t handle NW security problems

Customer Success engineers who want to analyze NW security problems quickly in an isolated environment

NW engineers who are having a hard time to understand weird NGFW UTM /Sandbox alerts