SecurityTube Python Scripting Expert Review

the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
So I signed up today and just waiting for the information to start the course. Figured I'd start a thread and post my review of each module as I complete it. I know some would disagree with starting with programming on the path to security, but it's the area I am most worried about so I am doing the "face your fears" thing. Plus I want to complete a few certs prior to starting my Masters. Let the journey begin!
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
«13

Comments

  • contentproscontentpros Member Posts: 115 ■■■■□□□□□□
    I started this week on this course along with 2 others from my office. So far we are all enjoying the content. Vivek (the instructor) does a great job starting slow in module 1 and showing the basic concepts for working with python. If you are already a code monkey then module 1 may be kind of slow for you. If you have never written any code its a good pace. You may watch the first few videos and find yourself scratching your head but hang in there he does start to tie it all together in the later videos.

    If you are thinking about taking this course or waiting for your info to get started, the suggested environment used for the labs is Python 2.7 (and some work in python3) running on Ubuntu 11.10 server 64-bit. So if you are in a holding pattern waiting for your info you may want to download Ubuntu server and get it patched and configured. You can use Backtrack or any other environment but if you run 11.10 server the paths and such used in the video should all be the same.

    I only have watched the module 1 videos so far and we just received the download link for modules 4-9 this morning. So far the experience has been good.

    Hope this helps,

    ~CP
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Awesome, thanks for the info! So all the programming is done in the command line?
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • onesaintonesaint Member Posts: 801
    I picked up the course as well and watched the intro. Haven't had time to watch the rest. I'm hoping to do it over lunch for the next month or two. I'm looking forward to all the comments and reviews.
    Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
    Next up: eventually the RHCE and to start blogging again.

    Control Protocol; my blog of exam notes and IT randomness
  • afcyungafcyung Member Posts: 212
    the_Grinch wrote: »
    Awesome, thanks for the info! So all the programming is done in the command line?

    Its done in VIM.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Got an email this morning with all the needed information. Will begin the course on Monday!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • afcyungafcyung Member Posts: 212
    I like it so far. Only a few videos into mod 1. I know nothing about computer languages and I am able to keep up and understand why the language works the way it does.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I agree with afcyung, I have a limited knowledge of python, but got through the first two videos and can already tell that I won't have an issue following along. Just need to get my development environment up and running...
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    I signed up for this too although I haven't really started yet. I did look at the first video in the first module and I just got my Ubuntu 11.10 environment up so I can exactly follow along with the instructor. Whether I'd go for the cert is debatable, but having a structured video tutorial seems like a natural for for the subject.

    For those who haven't signed up, I believe the individual videos will be released for free over time.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    Thanks for the heads up everyone, definitely sounds like something I would want to do in the future.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I also want to note that is accent gives the training a distinct advantage. I find that he paces himself extremely well, which makes learning and following very easy.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Completed two more videos in Module 1 and he is very through in his coverage thus far. Very happy I picked up this course, but definitely going to be some work involved once I get onto the other modules. Setting up the environment was very easy, though it is probably best to set it up in bridge mode so it gets assigned a reachable ip. So far so good though!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • JinverarJinverar Member Posts: 95 ■■■□□□□□□□
    The_Grinch - I picked up this course also. I took your recomendation and completed up to day 4 of the udacity course. I also completed the LPTHW before beginning. I seem to be able to grasp onto python unlike other languages. That makes me so happy. I also have some ruby, and ruby on rails The main thing for me is practice right now. I don't think I would have found this course without your signature block.
    Jinverar, TSS
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    Thanks for the information!
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Happy to help! I need to get back into study mode and start moving along with this.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • onesaintonesaint Member Posts: 801
    I'm seriously with you on that, Grinch.

    The new job has me streched a bit thin right now though. Jeeze, always so much to do, 'eh? And my Sec+ & VCP classes start at the end of August! icon_study.gif
    Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
    Next up: eventually the RHCE and to start blogging again.

    Control Protocol; my blog of exam notes and IT randomness
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Yup, it is funny how quickly life and work gets in the way!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_hutchthe_hutch Banned Posts: 827
    Okay, I think I'm officially going to start this next week after I take CISSP. Enrolling now to get the study material. I figure this will a good way to keep my mind occupied during the the three to four weeks of waiting to find out if I passed.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Yeah, my goal is to complete this and then move onto OSCP. Hopefully those two will get me out of the support desk!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_hutchthe_hutch Banned Posts: 827
    the_Grinch wrote: »
    Yeah, my goal is to complete this and then move onto OSCP. Hopefully those two will get me out of the support desk!

    That's pretty much my goal too. It seems like the three things that people keep saying are helpful for OSCP are Bash, Python and Assembly.

    I know bash inside and out. So I'm not worried about that at all. So I'll use this for python and there is also a free primer on securitytube for Assembly. Does anyone happen to know anything about the format of the exam? Had trouble finding specific details on the securitytube site.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    If you login to the student portal, module 9-01 is Exam Pattern and Mock Exam ;)
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_hutchthe_hutch Banned Posts: 827
    It will probably be a few days until I have access. The only thing I'm wondering, is...hands-on practical or multiple choice?
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Most definitely hands on, pretty sure he gives you a program to write.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_hutchthe_hutch Banned Posts: 827
    Awesome...that's what I wanted to hear
  • the_hutchthe_hutch Banned Posts: 827
    So I just finished all the videos in the first module. I have to say, I'm hooked. I'm very excited to start getting into the actual security implementations. How's progress going for everyone else?
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,746 ■■■■■■■■■■
    How are you guys liking the course so far? Does the accent make the videos difficult to listen to?
  • the_hutchthe_hutch Banned Posts: 827
    Just finished module 3 of 10. Still loving the course. There has not been a single time that I have had difficulting understanding him (and I personally hate dealing with outsourced helpdesks). If anything, it amuses me. I think the part I get the biggest kick out of is that he uses the phrase "curly bracket" (in his indian accent) instead of saying parenthesis.

    First two modules, you don't do much security stuff. Mostly just python fundamentals. But in module three, things have really taken off. Best thing about module three is integrating scapy into python script. This allows you to build and inject packets into a network based on conditional circumstances. I can now write all kinds of scanning tools, man in the middle arp poisoning tools, syn flood tools, smurf and fraggle tools, TCP session hijacking tools, and many others. All of this, based on what I learned in module 3. However, to be clear...he DOES NOT teach you how to program most of the tools that I just mentioned. He teaches you how to integrate packet injection into script. You are going to need a basic understanding of how most packet based attacks work (I learned everything I needed to know here in CEH...and much of it is covered in Sec+ too). Then you have to know how to apply it.

    For example, you need to know that to make a MITM attack, you need to spoof ARP reply packets to your two victims. Or for a syn flood, that you need to select an open TCP port and then continually blast that port with SYN requests from different client addresses, recieve the SYN ACK, but then leave the connection half-open without sending the subsequent ACK reply.

    But once you learn how to inject packets at will, or based on circumstance...the sky is the limit. And once again...I just finished module 3. Can't wait to see what else is in store.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    His accent is actually an advantage I think. It forces him to speak slowly which allows you to follow better then if a native english speaker were giving the course. Or at least that's my opinion anyway.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • Killj0yKillj0y Member Posts: 39 ■■□□□□□□□□
    These are good reviews for the course. I am excited. I am going to sign up in two weeks. I did want to ask and I apologize if this was answered already, what version of python do you guys work in? 2.65, 2.7, 3, 3.1?
    Certifications: GPEN, SMFE, CISSP, OSCE, OSCP, OSWP, Security+, CEHv6, MCSE+Sec:2003
  • datschmodatschmo Member Posts: 59 ■■□□□□□□□□
    Killj0y wrote: »
    I did want to ask and I apologize if this was answered already, what version of python do you guys work in? 2.65, 2.7, 3, 3.1?

    Suggested environment was 2.7 with some work in 3.
  • Killj0yKillj0y Member Posts: 39 ■■□□□□□□□□
    Thanks for the heads up. That should work.
    Certifications: GPEN, SMFE, CISSP, OSCE, OSCP, OSWP, Security+, CEHv6, MCSE+Sec:2003
Sign In or Register to comment.