Introduction to Python Scripting
This course introduces participants to the Python programming language in a security context. Participants are shown core Python language structures before applying these to security problems. Key libraries are introduced, along with common design patterns for security applications.
Topics covered include:
- Algorithm design
- Core Python coding syntax
- Basic security applications of Python
- Collaboration strategies for rapid prototyping
*Note: This is not an introductory programming course. Participants are assumed to be familiar with algorithmic design and to have some experience in a different programming language.
On completion of this course, participants should be able to:
- Understand algorithm design methods.
- Understand and write basic code using the core Python syntax.
- Understand how to use Python libraries and import packages.
- Use Python to write code for botnet, scanner database and exploit creation.
- Understand how Python can be utilised to automate network security processes.
Course Day Breakdown
Algorithms and Computation
Day 1 begins with a general introduction to Python programming language using the Python Interpreter. Students will be given the core syntax and will start using Python to implement a variety of general programming tasks in the labs.
Basic Python, Functions, Control Flow Modules, Algorithms and Computation, Computational Complexity Theory, Math Operations, Strings, Loops.
Python Coding Syntax
The session continues with Python Syntax, giving an overview of Python lists, tuples, sets and dictionaries. Students will gain an understanding about complex data types native to Python and learn about common file related APIs. We will also look at exception handling, file handles and descriptors used to access files.
Data Types, Files, Exception Handling, List Operations, Iterating, File Pointer Operations, Serialisation, Pickling, Exceptions.
Basic Security Applications of Python
Day 3 will cover the OS Python module, process management and command execution. We will also look at the socket interface in Python and connecting using either UDP or TCP. Student will gain an understanding of the basic concepts of classes, objects and syntax for Object Oriented Programming.
Interacting with the OS, Executing Subcommands, Directories, Sockets and Networking, Object Oriented Programming, Constructors, Shared Data, Inheritance.
Day 4 & Day 5
During the final 2 days of the course students will gain hands on experience through a series of practical lab based group and individual exercises. Student will deliver short presentations outlining the work they have produced and will receive constructive feedback.
Introduction to Object Oriented Theory, Writing a Scanner Database, Writing Objects, Converting Existing Code to Object Oriented, pwntools demo, Exploit Development, Writing a botnet.
Who Should Attend
People who are somewhat familiar with programming, but have no experience of the Python programming language.
What You Will Receive
- Comprehensive set of course notes.
- UNSW Canberra certificate of attendance.
- Morning tea, lunch and afternoon tea.
NICE Framework Mapping
This course maps to the following NICE Framework KSAs (Knowledge, Skills & Abilities):
K0139: Knowledge of interpreted and compiled computer languages.
K0202: Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
S0060: Skill in writing code in a currently supported programming language (e.g., Java, C++).
S0172: Skill in applying secure coding techniques.
A0030: Ability to collect, verify, and validate test data.
What is the NICE Framework?
The National Initiative for Cybersecurity Education (NICE) Cyber Security Workforce Framework developed by the National Institute of Standards and Technology (NIST) establishes a taxonomy and common lexicon that describes cyber security work and job roles.
To find out more about the NICE Framework, go to: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework
UNSW Canberra Cyber
UNSW Canberra Cyber is a unique, cutting-edge, interdisciplinary research and teaching centre, working to develop the next generation of cyber security experts and leaders.
The centre is based in Canberra at the Australian Defence Force Academy and provides professional, undergraduate and post graduate education in cyber security. Our air-gapped, state of the art cyber range offers a secure environment where we deliver a number of technical and highly specialised learning opportunities.
Our courses are designed to give the next generation of cyber security professionals the skill sets needed to thrive in the industry. We can also create bespoke professional education programs tailored to your organisation's needs.
Contact us at firstname.lastname@example.org to discuss how.