The course gives a professional and academic introduction to computer and information security using the ethical hacking approach, which enables improved defence thanks to adopting an attacker mindset when discovering vulnerabilities, hands-on experience with different attacks, facilitates linking theory and practice in significant areas of one’s digital literacy, and can therefore be utilized by (future) security professionals, (informed) decision-makers, (savvy) users and developers alike.
1. ETHICAL HACKING
COURSE PROPOSAL*
2016-06-03 (YYYY-MM-DD)
version 0.2
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
JAKUB RUZICKA
linkedin.com/in/littlerose
jameslittlerose@gmail.com
* I’m currently working on the course offering
in 2016/2017 and looking for collaborators
(do not hesitate to drop me a line!)
4. ANNOTATION
The course gives a professional and academic introduction to computer and
information security using the ethical hacking approach, which enables
improved defence thanks to adopting an attacker mindset when discovering
vulnerabilities, hands-on experience with different attacks, facilitates linking
theory and practice in significant areas of one’s digital literacy, and can
therefore be utilized by (future) security professionals, (informed) decision-
makers, (savvy) users and developers alike.
6. INTENDED LEARNING OUTCOMES
Upon completion of the course, the students will:
■ be introduced to (both theory and practice of) common computer and information security
vulnerabilities in their interdisciplinary nature
■ be able to perform basic penetration testing tasks (as defined by pentest-standard.org) using
software tools and their own program code
■ understand the broader context of cybersecurity (macro level), the wide range of related topics
for further self-driven education and/or professional /academic specialization, and become
savvier ICT users and developers (micro level)
■ perceive ethical hacking as a ‘problem-discovery’ and ‘problem-solving’ tool (as opposed to
‘problem-creating’ tool)
7. INTENDED LEARNING OUTCOMES
Upon completion of the course, the students will not:
■ become computer security experts (however, you will be able to have a technically competent talk
with a computer security expert and/or know what to ask as a client)
■ become expert hackers and/or expert penetration testers (however, you will acquire enough skills
to find, test and fix common basic computer security threats and know what to do next to grow)
■ take ‘it is secure’ for an answer (you will want to know how/when/where/why it is secure and
how/when/where/why it is not)
■ perceive the ‘ethical’ in ‘ethical hacking’ as needless =) (at the first lecture of our course,
following the example of similar courses, we will sign a mutual agreement regarding the
conditions under which the course is taught, how to ethically and legally use your knowledge and
skills, and what is /is not ok)
9. ENTRY REQUIREMENTS
As this should be an introductory-level course, we’ll stick to the higher-level overview and a breadth of topics (as opposed to depth
/specialization, which, in turn, will be part of your final projects). We believe that anyone with enough determination, motivation and willingness
to work hard (it's worth it!) can learn anything and make great progress (khanacademy.org/youcanlearnanything). Therefore, we welcome
anyone with and without prior computer security interest /experience or programming experience; visiting and domestic students; students
inside and outside the Faculty of Information Technology (we’d love to see collaboration of students across various disciplines); students who
intend to pass the final exam and those who just want to expand their knowledge (a diverse community is stronger and more vibrant). We’ll
attempt to accommodate you by making the curriculum easy to understand (while leaving it factually correct), teaming up more experienced
and less experienced students, individual consultations, and referring to open educational resources suitable for meeting necessary
prerequisites or for one’s goal-directed knowledge expansion. That said, motivated ICT beginners who want to pass the course (as opposed to
just auditing it) should (naturally) be ready to invest a significant part of their time in their personal development. Basic knowledge of computer
science (any introductory course /professional experience /...), user knowledge of computer devices, common operating systems, possibly also
network protocols (the very basics), and developer /practical experience with any programming language and/or any database management
system (and a taste for learning new syntax, technologies, specifications, ...)* can reinforce course participants’ protection against being
overwhelmed during the semester.
* All of these (and much more) can be reviewed using online open educational resources even before the course begins.
We also plan to organize an information meeting for anyone interested in taking this course.
Note: Course vacancies might be, free of charge, offered to the general public
including but not limited to employees, freelancers, high school students, individuals
on parental leave, senior citizens, and so on.
11. EXAMINATION
Project defence of teams consisting of (roughly) 3 students in the form of performing a
penetration test in a (small and prearranged) organization*, which will be developed
continuously during the whole semester (you should be able to handle the next logical
step of the project after each of our f2f sessions), and which will be assessed by course
lecturers and your client alike. The penetration test is expected to cover the main course
topics with a specialization of each team member on a particular area she/he finds most
meaningful with regards to her/his goals (it’ll be discussed with her/him during the project
defence and also ensures individual contributions of all members of a team).
* You will need to sign an agreement there (pentest-standard.org/index.php/Pre-engagement)
for both your and the company’s protection. Even though neither (pun intended) contracting
party will be financially remunerated, it’s a great way to get your first professional contact and/or
recommendation.
12. EXAMINATION
Evaluation criteria:
20% research around the infrastructure of an organization and possible
attack vectors (background and theory)
40% vulnerability analysis and exploitation (analyses, assessment,
documentation, methodology, tools used, program code, raw data)
20% suggested measures (technical as well as regulatory /policies)
20% executive summary, presentation, answers to questions
The course is graded A (≥90%), B (≥70%), C (≥60%), or D (<60%). A, B or C is needed to pass the course. In accordance with the
examination regulations of Charles University in Prague (cuni.cz/UKEN-121-version1-cu__studyexam_7thcode.pdf), you have the
right to two resit dates (i.e., max three project defences in total).
13. MOTIVATION
■ improve your skills and translate theory into practice
■ gain confidence but also appreciate the huge amount of areas where one could/should build up
her/his expertise
■ put a successful project on your resume and earn a professional contact who can recommend
you
Note: It’s important to get the job done and it doesn’t matter (too much) which tools you use. Even
though it’s possible (and understandable) that you might tend to use the same procedures and
methods you’ve seen at the lectures, students’ /teams’ own research and testing tailored to the needs
and infrastructure of a particular organization is expected. It’s not assumed that your (likely ‘first ever’)
report will be perfect (nor that you’ll discover a zero-day vulnerability =)). However, it should be
apparent that you’ve tried hard (everything from the course and beyond it, based on your own
research). Moreover, thanks to your client’s questions, the project defence will, in a natural manner,
also cover the theory and the broader cybersecurity context (practical experience with explaining
computer security to a non-expert audience).
15. F2F BLOCK TEACHING SESSIONS
■ interactive* /live /real-time rather than ‘scripted’ lectures (semi-formal discussion and on-time explanation of a concept)
including hands-on tutorials /labs
■ short intros /’sketches’ by the lecturers (an attacker vs. a user or a defender)
■ going from the micro level (a specific vulnerability) to the macro level (corporate /national /international)
■ beginning with a particular technology /device /another entity (essential background theory, known vulnerabilities
and exploits), followed by how-to using existing tools and/or one’s own program code (testing and understanding
what’s happening under the hood), concluded by discussion of possible solutions, alternatives, more general
questions, relations to other topics, …
■ vulnerable physical devices, virtual machines and/or informed ‘sparring partners’ allowing the students to try out
different attacks
■ engagement questions and mock assignments (not only) from professional certifications’ exams
■ short trips ‘into the field’ (visiting a public space with the objective of educating the general population via proofs of
concepts, visiting a computer security company, ...)
■ BYOD (Bring Your Own Device) as you’ll need to set up and use your own development environment
* Be engaged if you feel it improves your learning efficiency. Have a discussion, ask questions, write on the online
whiteboard /contribute to the shared study material (see Distance Learning), share your personal experience and/or what
you find online during the lecture (trust, but verify).
16. DISTANCE LEARNING
■ open educational resources suggested for each session
■ Q&A forum
(How do I ask a good question? stackoverflow.com/help/how-to-ask)
■ sharing your work in progress and discussing it with others
■ (if you agree) shared notes /study material /wiki /... created by the
students of the course and for the students of the course
(also reviewed and co-created by the lecturers), where one can focus on
creating background for her/his specialization
■ voluntary ‘challenges’, small pen test tasks to reinforce your skills
17. GUEST LECTURERS (POSSIBLY WEBINARS)
■ professionals, researchers, authors, prospective employers, …
■ expertise in a particular core topic of our course and/or on request
(based on what is most meaningful to you with regard to your final project
and/or your personal professional /academic goals and interests)
Note: Class attendance is voluntary (naturally). Interact with the course in a way that suits you best. It's
totally fine if you're a self-driven learner who approaches the lecturers only when she/he needs their
help. Similarly, you might just want to audit the course (you don't want to complete it) and/or hand-pick
only the topics that interest you. On the other hand, if you are not engaged because you think we can do
better, by all means, tell us so that we can work on it!
Make the course our joint project. Let's adjust and approve the course structure and course
requirements at the very beginning so that it supports your individual and our common goals
(answering all ‘Why?’ questions and introducing you to the reasoning behind the course should boost your
self-motivation). Take the initiative and come up with ideas for lectures /course topics /guests /..., get
involved by teaching what you know /are good at /what you want to improve in /..., contribute to the
development of the course in order to obtain your desired life /professional /academic /... skills.
20. 1. INTRODUCTION & PREREQUISITES
■ Introduction to Computer & Information Security
■ Introduction to Ethical Hacking & Penetration Testing
■ Law & Ethics of Offensive Security
■ Computer Science & Computer Fundamentals
■ Communication Protocols, Networking Technologies, Web Technologies
■ Introduction to Kali Linux
■ Introduction to Linux Command Line
■ Introduction to Python Programming
21. 2. FOOTPRINTING, INTELLIGENCE GATHERING, THREAT MODELING
■ Active & Passive Reconnaissance
■ Physical Security
■ Social Engineering
■ Network Analysis
■ Intrusion Detection and Prevention
■ Firewalls & Antiviruses
Note: The 2nd
and 3rd
blocks of the course (to which we’ll probably dedicate
most of our time) cover working with vulnerability scanners, exploitation tools
and other available tools, and/or developing Bash shell and Python scripts.
22. 3. VULNERABILITY ANALYSIS, EXPLOITATION, POST EXPLOITATION
■ Active & Passive Attacks
■ Software, Database, Wireless, Web Application, OS & Mobile Security
■ Architecture & Security of Popular Operating Systems: Linux, Windows, OS X, Android, iOS, Chrome OS, BSD
■ Viruses, Worms, Rootkits, Trojans, Backdoors, Bots, Ransomware, Spyware, Adware & Other Malware
■ Host Attacks, Network Attacks, Spoofing, Denial of Service
■ Applied Cryptography, Password Cracking
■ Black Box & White Box Testing
■ Source Code Auditing, Fuzzing
■ Digital & Computer Forensics
■ Steganography
■ Hardware Security, Firmware, Booting
■ Malware Analysis, C/C++, Assembly
■ Debugging, Disassembly, Reverse Engineering
23. 4. REPORTING, MEASURES, BUSINESS, MANAGEMENT
■ Writing a Penetration Testing Report
■ Disaster Recovery, Incident Response
■ Standards (and Their Shortcomings), Regulatory Compliance, Security Policies
■ Security Management, Risk Assessment and Security Metrics
■ Security Education and Awareness
■ Security Measures and Software /Solutions
24. 5. MACRO & MICRO-LEVEL CYBERSECURITY
■ History of Computer Security
■ Milestones and Famous Hacks, Attacks & Malware
■ Economics of Cybercrime
■ Cyberwarfare, Critical Infrastructure Security
■ Privacy & Surveillance
25. 6. APPLICATIONS & GETTING OUT OF YOUR COMFORT ZONE
■ Cloud Computing Security
■ Peer-to-Peer Network Security
■ Programming Languages Security
■ Embedded Device & Internet of Things Security
■ Augmented Reality & Virtual Reality Security
■ Point of Sale Security
■ E-commerce Payment Systems Security
■ Cryptocurrencies Security
■ Deep Web & Dark Web
■ Hacking Satellites
■ Hacking Cars, Drones, Planes, Trains, ...
■ Hacking Washing Machines, Fridges, ...
■ Quantum Computing
■ Artificial Intelligence
■ Big Data
■ Bioengineering & Biohacking
■ 3D Printing
■ Game Hacking
■ GPU malware
■ (...)
Disclaimer: In spite of the fact that we’ll try to fit our
sessions’ continuity with a typical sequence of steps in a
penetration test (pentest-standard.org), the content of the
course and the order of its sections /teaching blocks might
be subject to change based on pace, level of proficiency,
and other requirements of the course group. At the end of
the course, we’ll apply the obtained knowledge and skills to
areas beyond our comfort zone, which should be a lot of fun
and expanding one’s horizons, but possibly not directly
related to the final projects, therefore giving you some extra
time to work on it.
27. LITERATURE
The students are not required to read any of the following publications but might find them handy
when looking for inspiration, reference, sample code, or when some part of the course takes their
interest so that they want to follow it up with more in-depth self-directed study. Further online
/paperback study resources, tutorials, libraries, frameworks, and other tools will be introduced within
specific topics of the course.
Visit the Charles University in Prague Central Catalog at ckis.cuni.cz
to access some of the books and/or their alternatives.
A short metadiscussion: Bear in mind that the gals and guys who published the books below, speak at conferences, write blogs,
etc. (most likely) are not the same gals and guys that might want to exploit your /your client’s vulnerability. Being a ‘good guy’
means that you are, for the most part, also taught by the ‘good guys’. It’s therefore worth to purposefully practice the bad guy’s
mindset, for which we can’t provide you with any guaranteed manual. The well-documented attack vectors and (often) US-
centric /written by US authors resources do not substitute your own research in your particular environment. Moreover, this list
is by no means comprehensive and we’ll be able to give you a (much) more targeted recommendation if you tell us where you
are (regarding your current knowledge and skills in a particular area) and where you want to be. On top of that: “Practice, practice,
practice.”
28. HACKING & PENETRATION TESTING
[01] P. Engebretson, The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made
Easy, 2nd
edition. Amsterdam; Boston: Syngress, 2013.
[02] G. Weidman, Penetration Testing: A Hands-On Introduction to Hacking, 1st
edition. San Francisco: No Starch
Press, 2014.
[03] D. Regalado et al., Gray Hat Hacking The Ethical Hacker’s Handbook, 4th
edition. McGraw-Hill Education, 2015.
[04] P. Kim, The Hacker Playbook 2: Practical Guide To Penetration Testing. CreateSpace Independent Publishing
Platform, 2015.
[05] E. Skoudis and T. Liston, Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective
Defenses, 2nd
edition. Upper Saddle River, NJ: Prentice Hall, 2006.
29. SOCIAL ENGINEERING & PHYSICAL SECURITY
[06] C. Hadnagy, Social Engineering: The Art of Human Hacking, 1st
edition. Indianapolis, IN: Wiley, 2010.
[07] K. D. Mitnick, W. L. Simon, and S. Wozniak, The Art of Deception: Controlling the Human Element of Security.
Indianapolis, Ind: Wiley, 2003.
[08] J. Long et al., No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing, 1st
edition. Burlington, MA; Oxford: Syngress, 2008.
[09] M. Bazzell, Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, 4th
edition. CreateSpace Independent Publishing Platform, 2015.
[10] J. Long, B. Gardner, and J. Brown, Google Hacking for Penetration Testers, 3rd
edition. Syngress, 2015.
[11] D. Ollam, Practical Lock Picking: A Physical Penetration Tester’s Training Guide, 2nd
edition. Waltham, MA:
Syngress, 2012.
30. NETWORKING
[12] S. McClure, Hacking Exposed 7: Network Security Secrets and Solutions, 7th
edition. McGraw-Hill Education,
2012.
[13] E. Maiwald, Network Security: A Beginner’s Guide, 3rd
edition. New York: McGraw-Hill Education, 2012.
[14] C. Sanders, J. Smith, Applied Network Security Monitoring: Collection, Detection, and Analysis, 1st
edition.
Amsterdam; Boston: Syngress, 2013.
[15] R. Bejtlich, The Practice of Network Security Monitoring: Understanding Incident Detection and Response. San
Francisco: No Starch Press, 2013.
[16] A. Anderson and R. Benedetti, Head First Networking, 1st
edition. Beijing: O’Reilly Media, 2009.
[17] K. R. Fall, W. R. Stevens, TCP/IP Illustrated, Volume 1: The Protocols, 2nd
edition. Upper Saddle River, NJ:
Addison-Wesley Professional, 2011.
[18] C. M. Kozierok, The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference, 1st
edition. San
Francisco: No Starch Press, 2005.
[19] B. A. Forouzan, TCP/IP Protocol Suite, 4th
edition. Boston: McGraw-Hill Education, 2009.
31. NETWORKING
[20] L. L. Peterson and B. S. Davie, Computer Networks: A Systems Approach, 5th
edition. Morgan Kaufmann, 2011.
[21] M. Gregg, The Network Security Test Lab: A Step-by-Step Guide. Wiley, 2015.
[22] C. Liu and P. Albitz, DNS and BIND, 5th
edition. Sebastopol, CA: O’Reilly Media, 2006.
[23] S. Hagen, IPv6 Essentials, 2nd
edition. Sebastopol: O’Reilly Media, 2006.
[24] S. Hogg and E. Vyncke, IPv6 Security, 1st
edition. Indianapolis, IN: Cisco Press, 2008.
[25] M. Farley, Storage Networking Fundamentals: An Introduction to Storage Devices, Subsystems, Applications,
Management, and File Systems, 1st
edition. Indianapolis, IN: Cisco Press, 2004.
[26] M. Collier and D. Endler, Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, 2nd
edition. New York: McGraw-Hill Education, 2013.
[27] E. F. Crist and J. J. Keijser, Mastering OpenVPN. Packt Publishing, 2015.
[28] X. Shen et al., Handbook of Peer-to-Peer Networking, 2010 edition. New York ; London: Springer, 2009.
[29] C. E. Spurgeon and J. Zimmerman, Ethernet: The Definitive Guide, 2nd
edition. Beijing: O’Reilly Media, 2014.
32. NETWORKING
[30] B. Desmond et al., Active Directory: Designing, Deploying, and Running Active Directory, 5th
edition. O’Reilly
Media, 2013.
[31] G. Carter, J. Ts, and R. Eckstein, Using Samba: A File and Print Server for Linux, Unix & Mac OS X, 3rd
Edition. O’
Reilly Media, 2007.
[32] J. Garman, Kerberos: The Definitive Guide. O’Reilly Media, 2003.
[33] G. Carter, LDAP System Administration. O’Reilly Media, 2003.
33. WIRELESS & MOBILE
[34] J. Wright and J. Cache, Hacking Exposed Wireless: Wireless Security Secrets & Solutions, 3rd
edition. McGraw-
Hill Education, 2015.
[35] M. S. Gast, 802.11ac: A Survival Guide, 1st
edition. Beijing: O’Reilly Media, 2013.
[36] M. S. Gast, 802.11n: A Survival Guide, 1st
edition. Sebastopol, CA: O’Reilly Media, 2012.
[37] M. S. Gast, 802.11 Wireless Networks: The Definitive Guide, 2nd
edition. Beijing ; Farnham: O’Reilly Media, 2005.
[38] K. Townsend et al., Getting Started with Bluetooth Low Energy: Tools and Techniques for Low-Power
Networking, 1st
edition. O’Reilly Media, 2014.
[39] H. Chang, Everyday NFC: Near Field Communication Explained, 2nd
edition. Coach Seattle Inc., 2014.
[40] E. Perret, Radio Frequency Identification and Sensors: From RFID to Chipless RFID, 1st
edition. Wiley-ISTE, 2014.
[41] J.-M. Chaduc and G. Pogorel, The Radio Spectrum, 1st
edition. London : Hoboken, NJ: Wiley-ISTE, 2008.
[42] H. Mazar, Radio Spectrum Management: Policies, Regulations and Techniques, 1st
edition. Chichester, West
Sussex, United Kingdom: Wiley, 2016.
34. WIRELESS & MOBILE
[43] M. Sauter, From GSM to LTE-Advanced: An Introduction to Mobile Networks and Mobile Broadband, 2nd
edition.
Wiley, 2014.
[44] D. Forsberg et al., LTE Security, 2nd
edition. Wiley, 2012.
[45] P. Misra and P. Enge, Global Positioning System: Signals, Measurements, and Performance. Lincoln, Mass.:
Ganga-Jamuna Press, 2010.
35. WEB APPLICATIONS
[46] J. Pauli, The Basics of Web Hacking: Tools and Techniques to Attack the Web, 1st
edition. Amsterdam ; Boston:
Syngress, 2013.
[47] W. Alcorn et al., The Browser Hacker’s Handbook, 1st
edition. Indianapolis, IN: Wiley, 2014.
[48] M. Zalewski, The Tangled Web: A Guide to Securing Modern Web Applications, 1st
edition. San Francisco: No
Starch Press, 2011.
[49] D. Stuttard and M. Pinto, The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, 2nd
edition. Indianapolis, IN : Chichester: Wiley, 2011.
[50] M. Schrenk, Webbots, Spiders, and Screen Scrapers: A Guide to Developing Internet Agents with PHP/CURL, 2nd
edition. San Francisco: No Starch Press, 2012.
[51] R. Bowen and K. Coar, Apache Cookbook: Solutions and Examples for Apache Administrators, 2nd
edition.
Sebastopol, CA: O’Reilly Media, 2008.
[52] C. Nedelcu, Nginx HTTP Server, 3rd
edition. Packt Publishing, 2015.
36. WEB APPLICATIONS
[53] K. Schaefer et al., Professional Microsoft IIS 8. Indianapolis, Wrox, 2012.
[54] I. Ristic, ModSecurity Handbook: The Complete Guide to the Popular Open Source Web Application Firewall,
London: Feisty Duck Limited, 2010.
[55] I. Ristic, Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web
Applications. London: Feisty Duck, 2014.
[56] J. Richer and A. Sanso, OAuth 2 in Action. Manning, 2016 [expected].
[57] A. McDonald et al., Linux Email, 2nd
edition. Birmingham, UK: Packt Publishing, 2009.
37. OPERATING SYSTEMS & SOFTWARE
[58] M. E. Russinovich et al., Windows Internals, Part 1, 6th
edition. Redmond, Washington: Microsoft Press, 2012.
[59] M. E. Russinovich et al., Windows Internals, Part 2, 6th
edition. Redmond, Washington: Microsoft Press, 2012.
[60] D. Gibson, Microsoft Windows Security Essentials, 1st
edition. Indianapolis, Ind: Sybex, 2011.
[61] J. Scambray, Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, 3rd
edition. New
York, NY: McGraw-Hill Education, 2007.
[62] W. Halton and B. Weaver, Kali Linux: Windows Penetration Testing. Packt Publishing, 2016 [expected].
[63] B. Ward, How Linux Works: What Every Superuser Should Know, 2nd
edition. San Francisco: No Starch Press,
2014.
[64] ISECOM, Hacking Exposed Linux, 3rd
Edition. New York: McGraw-Hill Education, 2008.
[65] R. Love, Linux Kernel Development, 3rd
edition. Upper Saddle River, NJ: Addison-Wesley Professional, 2010.
[66] C. Miller and D. D. Zovi, The Mac Hacker’s Handbook, 1st
edition. Indianapolis, IN: Wiley, 2009.
38. OPERATING SYSTEMS & SOFTWARE
[67] J. J. Drake et al., Android Hacker’s Handbook, 1st
edition. Indianapolis, IN: Wiley, 2014.
[68] A. Gupta, Learning Pentesting for Android Devices. Birmingham, UK: Packt Publishing, 2014.
[69] N. Elenkov, Android Security Internals: An In-Depth Guide to Android’s Security Architecture, 1st
edition. San
Francisco, CA: No Starch Press, 2014.
[70] C. Miller et al., iOS Hacker’s Handbook, 1st
edition. Indianapolis, IN: Wiley, 2012.
[71] S. Yermalkar, Learning iOS Penetration Testing. Packt Publishing, 2016.
[72] D. Chell et al., The Mobile Application Hacker’s Handbook, 1st
edition. Indianapolis, IN: Wiley, 2015.
[73] N. Bergman et al., Hacking Exposed Mobile: Security Secrets & Solutions, 1st
edition. New York: McGraw-Hill
Education, 2013.
[74] M. W. Lucas, Absolute FreeBSD: The Complete Guide to FreeBSD, 2nd
edition. No Starch Press, 2007.
[75] M. K. McKusick, The Design and Implementation of the FreeBSD Operating System, 2nd
edition. Upper Saddle
River, NJ: Addison-Wesley Professional, 2014.
39. OPERATING SYSTEMS & SOFTWARE
[76] M. W. Lucas, Absolute OpenBSD: Unix for the Practical Paranoid, 2nd
edition. San Francisco: No Starch Press,
2013.
[77] A. Silberschatz et al., Operating System Concepts, 9th
edition. Hoboken, NJ: Wiley, 2012.
[78] A. S. Tanenbaum and A. S. Woodhull, Operating Systems Design and Implementation, 3rd
edition. Upper Saddle
River, N.J: Pearson, 2006.
[79] D. Kleidermacher and M. Kleidermacher, Embedded Systems Security: Practical Methods for Safe and Secure
Software and Systems Development. Amsterdam: Newnes, 2012.
[80] J. Erickson, Hacking: The Art of Exploitation, 2nd
edition. San Francisco, CA: No Starch Press, 2008.
[81] C. Anley et al., The Shellcoder’s Handbook: Discovering and Exploiting Security Holes, 2nd
edition. Indianapolis,
IN: Wiley, 2007.
[82] M. Howard et al., 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. New York:
McGraw-Hill Education, 2009.
[83] T. Klein, A Bug Hunter’s Diary: A Guided Tour Through the Wilds of Software Security, No Starch Press, 2011.
40. FIRMWARE & HARDWARE
[84] V. Zimmer et al., Beyond BIOS: Developing with the Unified Extensible Firmware Interface, 2nd
Edition. Hillsboro,
Or.: Intel Press, 2011.
[85] P. Crouncher, The BIOS Companion: The book that doesn’t come with your motherboard!. Electrocution
Technical Publishers, 2004.
[86] G. Stringham, Hardware/Firmware Interface Design: Best Practices for Improving Embedded Systems
Development. Burlington, MA: Newnes, 2009.
[87] M. Tehranipoor and C. Wang, Introduction to Hardware Security and Trust, 2012 edition. New York: Springer,
2011.
[88] S. Mueller, Upgrading and Repairing PCs, 22nd
edition. Indianapolis, IN: Que Publishing, 2015.
[89] J. Axelson, USB Complete: The Developer’s Guide, 4th
edition. Madison, Wis.: Lakeview Research, 2009.
41. DIGITAL FORENSICS & INCIDENT RESPONSE
[90] A. Philipp et al., Hacking Exposed Computer Forensics: Computer Forensics Secrets & Solutions, 2nd
edition.
New York: McGraw-Hill Education, 2009.
[91] S. Davidoff and J. Ham, Network Forensics: Tracking Hackers through Cyberspace, 1st
edition. Upper Saddle
River, NJ: Prentice Hall, 2012.
[92] S. Datt, Learning Network Forensics. Packt Publishing, 2016 [expected].
[93] S. Bommisetty, R. Tamma, and H. Mahalik, Practical Mobile Forensics. Birmingham, UK: Packt Publishing, 2014.
[94] S. Tahiri, Mastering Mobile Forensics. Packt Publishing, 2016 [expected].
[95] A. Shaaban and K. Sapronov, Linux for Digital Forensics. Packt Publishing, 2016 [expected].
[96] M. H. Ligh et al., The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac
Memory. Indianapolis, IN: Wiley, 2014.
[97] H. Carvey, Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, 2nd
edition.
Syngress, 2016.
42. DIGITAL FORENSICS & INCIDENT RESPONSE
[98] M. T. Raggoand C. Hosmer, Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile
Devices and Network Protocols, 1st
edition. Waltham, MA: Syngress, 2012.
[99] P. Wayner, Disappearing Cryptography: Information Hiding, Steganography & Watermarking, 3rd
edition.
Amsterdam; Boston: Morgan Kaufmann, 2008.
[100] J. T. Luttgens et al., Incident Response & Computer Forensics, 3rd
edition. New York: McGraw-Hill Education,
2014.
[101] D. Murdoch, Blue Team Handbook: Incident Response Edition: A Condensed Field Guide for the Cyber Security
Incident Responder, 2nd
edition. United States: CreateSpace Independent Publishing Platform, 2014.
43. CRYPTOGRAPHY
[102] N. Ferguson et al., Cryptography Engineering: Design Principles and Practical Applications, 1st
edition.
Indianapolis, IN: Wiley, 2010.
[103] C. Paar et al., Understanding Cryptography: A Textbook for Students and Practitioners, 2010 edition. Heidelberg ;
New York: Springer, 2010.
[104] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd
edition. New York: Wiley,
1996.
[105] J. Davies, Implementing SSL / TLS Using Cryptography and PKI, 1st
edition. Hoboken, N.J: Wiley, 2011.
44. REVERSE ENGINEERING & MALWARE ANALYSIS
[106] C. Eagle, The IDA Pro Book: The Unofficial Guide to the World’s Most Popular Disassembler, 2nd
edition. San
Francisco: No Starch Press, 2011.
[107] N. Matloff and P. J. Salzman, The Art of Debugging with GDB, DDD, and Eclipse, 1st
edition. San Francisco: No
Starch Press, 2008.
[108] J. Duntemann, Assembly Language Step-by-Step: Programming with Linux, 3rd
edition. Indianapolis, Ind.: Wiley,
2009.
[109] B. Dang et al., Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation,
1st
edition. Indianapolis, Indiana: Wiley, 2014.
[110] D. Yurichev, Reverse Engineering for Beginners [online]. 2016.
[111] C. Elisan, Malware, Rootkits & Botnets A Beginner’s Guide, 1st
edition. New York: McGraw-Hill Education, 2012.
[112] M. Sikorski and A. Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 1st
edition. San Francisco: No Starch Press, 2012.
45. REVERSE ENGINEERING & MALWARE ANALYSIS
[113] M. Ligh et al., Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code, 1st
edition. Indianapolis, IN: Wiley, 2010.
[114] B. Blunden, The Rootkit Arsenal: Escape and Evasion: Escape and Evasion in the Dark Corners of the System, 1st
edition. Plano, Tex: Jones & Bartlett Learning, 2009.
[115] A. Matrosov et al., Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats. No Starch
Press, 2016 [expected].
[116] J. Koret and E. Bachaalany, The Antivirus Hacker’s Handbook, 1st
edition. Indianapolis, IN: Wiley, 2015.
[117] M. A. Ludwig, The Little Black Book of Computer Viruses: The Basic Technology. Tucson, Ariz: Amer Eagle
Pubns Inc, 1991.
46. BUSINESS, MANAGEMENT, STANDARDS
[118] J. R. Vacca, Computer and Information Security Handbook, 2nd
edition. Amsterdam: Morgan Kaufmann, 2013.
[119] M. Rhodes-Ousley, Information Security: The Complete Reference, 2nd
edition. New York, USA: McGraw-Hill
Education, 2013.
[120] M. Talabis and J. Martin, Information Security Risk Assessment Toolkit: Practical Assessments through Data
Collection and Data Analysis. Syngress, 2012.
[121] S. E. Donaldson et al., Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against
Advanced Threats. Apress, 2015.
[122] E. Wheeler, Security Risk Management: Building an Information Security Risk Management Program from the
Ground Up. Syngress, 2011.
[123] J. Muniz, G. McIntyre, and N. AlFardan, Security Operations Center: Building, Operating, and Maintaining your
SOC. Indianapolis, IN: Cisco Press, 2015.
[124] D. R. Miller et al., Security Information and Event Management. McGraw-Hill Education, 2010.
47. BUSINESS, MANAGEMENT, STANDARDS
[125] Q. Li and G. Clark, Security Intelligence: A Practitioner’s Guide to Solving Enterprise Security Challenges.
Indianapolis, IN: Wiley, 2015.
[126] C. Wong, Security Metrics, A Beginner’s Guide. New York: McGraw-Hill Education, 2011.
[127] A. Jaquith, Security Metrics: Replacing Fear, Uncertainty, and Doubt. Upper Saddle River, NJ: Addison-Wesley
Professional, 2007.
[128] J. Hintzbergen, Foundations of Information Security Based on ISO27001 and ISO27002, 3rd
edition. Zaltbommel:
Van Haren Publishing, 2015.
[129] S. D. Haes and W. V. Grembergen, Enterprise Governance of Information Technology: Achieving Alignment and
Value, Featuring COBIT 5, 2nd
edition. New York, NY: Springer, 2015.
[130] B. R. Williams and A. Chuvakin, PCI Compliance: Understand and Implement Effective PCI Data Security
Standard Compliance, 4th
edition. Waltham, MA: Syngress, 2014.
[131] R. Herold and K. Beaver, The Practical Guide to HIPAA Privacy and Security Compliance, 2nd
edition. Boca Raton:
Auerbach Publications, 2014.
48. MACRO & MICRO-LEVEL CYBERSECURITY
[132] W. Gragido et al., Blackhatonomics: An Inside Look at the Economics of Cybercrime, 1st
edition. Amsterdam ;
Boston: Syngress, 2012.
[133] J. Andress and S. Winterfeld, Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, 2nd
edition. Amsterdam ; Boston: Syngress, 2013.
[134] P. W. Singer and A. Friedman, Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford University
Press, 2014.
[135] E. D. Knapp and J. T. Langill, Industrial Network Security: Securing Critical Infrastructure Networks for Smart
Grid, SCADA, and Other Industrial Control Systems, 2nd
edition. Waltham, MA: Syngress, 2014.
[136] WikiLeaks and J. Assange, The WikiLeaks Files: The World According to US Empire. London: Verso, 2015.
[137] G. Greenwald, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State. New York, NY:
Metropolitan Books, 2014.
[138] B. Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. W. W. Norton &
Company, 2015.
49. MACRO & MICRO-LEVEL CYBERSECURITY
[139] E. R. McNicholas and V. K. Mohan, Eds., Cybersecurity: A Practical Guide to the Law of Cyber Risk. Practising
Law Institute, 2015.
[140] M. N. Schmitt, Ed., Tallinn Manual on the International Law Applicable to Cyber Warfare, Reprint edition.
Cambridge University Press, 2013.
[141] M. Bazzell, Personal Digital Security: Protecting Yourself from Online Crime. Charleston, S.C.: CreateSpace
Independent Publishing Platform, 2013.
[142] M. Bazzell, Hiding from the Internet: Eliminating Personal Online Information, 3rd
edition. CreateSpace
Independent Publishing Platform, 2016.
[143] V. Blue, The Smart Girl’s Guide to Privacy: A Privacy Guide for the Rest of Us. Digital Publications Privacy, 2014.
[144] T. Speed et al., Mobile Security: How to Secure, Privatize, and Recover Your Devices. Birmingham: Packt
Publishing, 2013.
[145] M. W. Lucas, PGP & GPG: Email for the Practical Paranoid, 1st
edition. San Francisco: No Starch Press, 2006.
Note: ‘Technical’ publications on the deep web and its research (including the dark web networks, especially Tor, Freenet, and I2P) should be added here as they become available.
50. COMMAND LINE
[146] W. E. Shotts Jr., The Linux Command Line: A Complete Introduction, 1st
edition. San Francisco: No Starch Press,
2012.
[147] S. Tushar and S. Lakshman, Linux Shell Scripting Cookbook, 2nd
edition. Birmingham: Packt Publishing, 2013.
[148] D. J. Barrett, Linux Pocket Guide, 2nd
edition. Beijing: O’Reilly Media, 2012.
[149] B. Payette, Windows PowerShell in Action, 2nd
edition [3rd
edition expected]. Shelter Island, NY: Manning
Publications, 2011.
[150] D. Jones and J. Hicks, Learn Windows PowerShell in a Month of Lunches, 2nd
edition. Shelter Island, NY:
Manning Publications, 2012.
[151] B. Clark, Rtfm: Red Team Field Manual, 1.0 edition. CreateSpace Independent Publishing Platform, 2014.
51. POPULAR TOOLS
[152] D. Kennedy et al., Metasploit: The Penetration Tester’s Guide, 1st
edition. San Francisco: No Starch Press, 2011.
[153] C. P. Paulino, Nmap 6: Network Exploration and Security Auditing Cookbook. Birmingham, UK: Packt Publishing,
2012.
[154] K. C. Yerrid, Instant Netcat Starter. Birmingham: Packt Publishing, 2013.
[155] C. Sanders, Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, 2nd
edition. San
Francisco, CA: No Starch Press, 2011.
[156] Y. Orzach, Network Analysis Using Wireshark Cookbook. Birmingham: Packt Publishing, 2013.
[157] R. Shimonski, The Wireshark Field Guide: Analyzing and Troubleshooting Network Traffic, 1st
edition.
Amsterdam; Boston: Syngress, 2013.
[158] A. Singh, Instant Wireshark Starter, 1st
edition. Birmingham: Packt Publishing, 2013.
[159] B. Caswell et al., Snort IDS and IPS Toolkit. Burlington, MA: Syngress, 2007.
52. POPULAR TOOLS
[160] A. Mahajan, Burp Suite Essentials. Packt Publishing, 2014.
[161] L. Carettoni, Instant Burp Suite Starter. Birmingham, England: Packt Publishing, 2013.
[162] D. W. Dieterle, Basic Security Testing with Kali Linux, 1st
edition. CreateSpace Independent Publishing Platform,
2014.
[163] T. Heriyanto et al., Kali Linux: Assuring Security By Penetration Testing. Birmingham, UK: Packt Publishing, 2014.
[164] V. Ramachandran and C. Buchanan, Kali Linux: Wireless Penetration Testing Beginner’s Guide. Packt Publishing,
2015.
[165] J. Muniz and A. Lakhani, Web Penetration Testing with Kali Linux. Birmingham: Packt Publishing, 2013.
[166] R. W. Beggs, Mastering Kali Linux for Advanced Penetration Testing. Birmingham, UK: Packt Publishing, 2014.
[167] J. Muniz and A. Lakhani, Penetration Testing with Raspberry Pi. Packt Publishing, 2015.
[168] J. Diakun, P. R. Johnson, and D. Mock, Splunk Operational Intelligence Cookbook. Birmingham, UK: Packt
Publishing, 2014.
53. PYTHON HACKING
[169] T. J. O'Connor, Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security
Engineers, 1st
edition. Amsterdam; Boston: Syngress, 2012.
[170] J. Seitz, Black Hat Python: Python Programming for Hackers and Pentesters, 1st
edition. San Francisco: No
Starch Press, 2014.
[171] C. Duffy, Learning Penetration Testing with Python. Packt Publishing, 2015.
[172] M. Singh, Python Penetration Testing Cookbook. Packt Publishing, 2016 [expected].
[173] M. O. F. Sarker and S. Washington, Learning Python Network Programming. Packt Publishing, 2015.
[174] C. Hosmer, Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology, 1st
edition.
Syngress, 2014.
[175] M. Spreitzenbarth and J. Uhrmann, Mastering Python Forensics. Packt Publishing, 2015.
[176] R. Mitchell, Web Scraping with Python: Collecting Data from the Modern Web, 1st
edition. O’Reilly Media, 2015.
[177] J. Seitz, Gray Hat Python: Python Programming for Hackers and Reverse Engineers, 1st
edition. San Francisco:
No Starch Press, 2009.
54. GENERAL INTROS
[178] J. Andress, The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and
Practice, 1st
edition. Amsterdam ; Boston: Syngress, 2011.
[179] M. Sipser, Introduction to the Theory of Computation, 3rd
edition. Boston, MA: Course Technology, 2012.
[180] J. Zelle, Python Programming: An Introduction to Computer Science, 2nd
edition. Sherwood, Or: Franklin, Beedle &
Associates Inc., 2010.
[181] T. H. Cormen, Algorithms Unlocked. Cambridge, Massachusetts: The MIT Press, 2013.
[182] J. C. Jackson, Web Technologies: A Computer Science Perspective, 1st
edition. Upper Saddle River, N.J: Pearson,
2006.
[183] R. White and T. E. Downs, How Computers Work: The Evolution of Technology, 10th
edition. Indianapolis, IN: Que
Publishing, 2014.
55. GENERAL INTROS
[184] N. Nisan and S. Schocken, The Elements of Computing Systems: Building a Modern Computer from First
Principles. Cambridge, Mass.; London: The MIT Press, 2005.
[185] C. Petzold, Code: The Hidden Language of Computer Hardware and Software, 1st
edition. Redmond, Wash.:
Microsoft Press, 2000.
[186] E. Lehman et al., Mathematics for Computer Science [online]. 2010.
[187] G. J. Janacek and M. L. Close, Mathematics for Computer Scientists, 2nd
edition [online]. 2011.
56. PROGRAMMING LANGUAGES & DBMSs
[188] M. Lutz, Learning Python, 5th
edition. Beijing: O’Reilly Media, 2013.
[189] M. Lutz, Python Pocket Reference, 5th
edition. Beijing: O’Reilly Media, 2014.
[190] B. Stroustrup, A Tour of C++, 1st
edition. Upper Saddle River, NJ: Addison-Wesley Professional, 2013.
[191] B. Stroustrup, Programming: Principles and Practice Using C++, 1st
edition. Upper Saddle River, NJ: Addison-
Wesley Professional, 2008.
[192] K. N. King, C Programming: A Modern Approach, 2nd
edition. New York: W. W. Norton & Company, 2008.
[193] J. Bloch, Effective Java, 2nd
edition. Upper Saddle River, NJ: Addison-Wesley, 2008.
[194] H. Schildt, Java: The Complete Reference, 9th
edition. New York: McGraw-Hill Education, 2014.
[195] D. Flanagan, JavaScript: The Definitive Guide: Activate Your Web Pages, 6th
edition. Beijing; Sebastopol, CA: O’
Reilly Media, 2011.
[196] D. Crockford, JavaScript: The Good Parts, 1st
edition. Farnham: O’Reilly Media, 2008.
57. PROGRAMMING LANGUAGES & DBMSs
[197] K. Tatroe et al., Programming PHP, 3rd
edition. Sebastopol, CA: O’Reilly Media, 2013.
[198] D. Flanagan and Y. Matsumoto, The Ruby Programming Language, 1st
edition. Beijing; Sebastopol, CA: O’Reilly
Media, 2008.
[199] R. L. Schwartz et al., Learning Perl, 6th
edition. Beijing; Sebastopol: O’Reilly Media, 2011.
[200] B. Tate, Seven Languages in Seven Weeks: A Pragmatic Guide to Learning Programming Languages. Pragmatic
Bookshelf, 2010.
[201] A. Beaulieu, Learning SQL, 2nd
edition. Beijing; Sebastopol: O’Reilly Media, 2009.
[202] P. DuBois, MySQL, 5th
edition. Upper Saddle, NJ: Addison-Wesley Professional, 2013.
[203] K. Chodorow, MongoDB: The Definitive Guide, 2nd
edition. Beijing: O’Reilly Media, 2013.
[204] P. J. Sadalage and M. Fowler, NoSQL Distilled: A Brief Guide to the Emerging World of Polyglot Persistence, 1st
edition. Upper Saddle River, NJ: Addison-Wesley Professional, 2012.
58. [205] M. Walker, CEH Certified Ethical Hacker All-in-One Exam Guide, 2nd
edition. McGraw-Hill Education, 2014.
[206] A. Conklin, CompTIA Security+ All-in-One Exam Guide, 4th
edition. McGraw-Hill Education, 2014.
[207] R. Messier, GSEC GIAC Security Essentials Certification All-in-One Exam Guide, 1st
edition. Emeryville, California:
McGraw-Hill Education, 2013.
[208] M. Meyers, CompTIA Network+ All-In-One Exam Guide, 6th
edition. New York: McGraw-Hill Education, 2015.
[209] J. M. Stewart et al., CISSP: Certified Information Systems Security Professional Study Guide, 6th
edition.
Hoboken, N.J.: Sybex, 2012.
[210] D. Gibson, SSCP: Systems Security Certified Practitioner All-in-One Exam Guide, 1st
edition. New York: McGraw-
Hill Education, 2011.
[211] ISACA, CISA Review Manual, 26th
Edition. ISACA, 2015.
[212] ISACA, CISM Review Manual, 14th
Edition. ISACA, 2015.
PROFESSIONAL CERTIFICATION /ENGAGEMENT QUESTIONS
59. [213] W. Manning, CISM: Certified Information Security Manager Certification Exam Preparation Course in a Book for
Passing the CISM Exam, 2nd
edition. EMEREO PTY LTD, 2011.
[214] C. Easttom, CCFP: Certified Cyber Forensics Professional All-in-One Exam Guide, 1st
edition. New York: McGraw-
Hill Education, 2014.
[215] C. L. Brooks, CHFI: Computer Hacking Forensic Investigator Certification All-in-One Exam Guide, 1st
edition.
McGraw-Hill Education, 2014.
[216] B. E. Rogers, CompTIA Mobility+ Certification All-in-One Exam Guide, 1st
edition. New York: McGraw-Hill
Education, 2014.
[217] M. Meyers, CompTIA A+ Certification All-in-One Exam Guide, 8th
edition. New York: McGraw-Hill Education, 2012.
[218] G. L. McDowell, Cracking the Coding Interview: 150 Programming Questions and Solutions, 5th
edition.
CareerCup, 2011.
PROFESSIONAL CERTIFICATION /ENGAGEMENT QUESTIONS
...and last but not least: Offensive Security Certifications
60. [219] J. R. Winkler, Securing the Cloud: Cloud Computer Security Techniques and Tactics, 1st
edition. Waltham, MA:
Syngress, 2011.
[220] N. Dhanjani, Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts, 1st
edition. O’Reilly Media,
2015.
[221] B. Russell and D. Van Duren, Practical Internet of Things Security. Packt Publishing, 2016 [expected].
[222] S. Gomzin, Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions, 1st
edition. Indianapolis,
IN: Wiley, 2014.
[223] D. A. Montague, Essentials of Online payment Security and Fraud Prevention, 1st
edition. New York: Wiley, 2010.
[224] C. Barski and C. Wilmer, Bitcoin for the Befuddled, 1st
edition. San Francisco, CA: No Starch Press, 2014.
[225] A. M. Antonopoulos, Mastering Bitcoin: Unlocking Digital Cryptocurrencies, 1st
edition. Sebastopol CA: O’Reilly
Media, 2014.
[226] C. Rock, The Baby Harvest: How Virtual Babies Became the Future of Terrorist Financing and Money Laundering.
2015.
GETTING OUT OF YOUR COMFORT ZONE
61. [227] C. Smith, Car Hacker's Handbook. No Starch Press, 2016 [expected].
[228] N. S. Yanofsky and M. A. Mannucci, Quantum Computing for Computer Scientists, 1st
edition. Cambridge:
Cambridge University Press, 2008.
[229] M. A. Nielsen and I. L. Chuang, Quantum Computation and Quantum Information: 10th
edition. Cambridge; New
York: Cambridge University Press, 2011.
[230] J. Jacobs and B. Rudis, Data-Driven Security: Analysis, Visualization and Dashboards, 1st
edition. Indianapolis,
IN: Wiley, 2014.
[231] J. Sremack, Big Data Forensics: Learning Hadoop Investigations. Packt Publishing, 2015.
[232] N. Kuldell, BioBuilder, 1st
edition. O’Reilly Media, 2015.
[233] P. Cerrato, Protecting Patient Information: A Decision-Maker’s Guide to Risk, Prevention, and Damage Control.
Syngress, 2016.
(...)
GETTING OUT OF YOUR COMFORT ZONE
65. ETHICAL HACKING
COURSE PROPOSAL*
2016-06-03 (YYYY-MM-DD)
version 0.2
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
JAKUB RUZICKA
linkedin.com/in/littlerose
jameslittlerose@gmail.com
* I’m currently working on the course offering
in 2016/2017 and looking for collaborators
(do not hesitate to drop me a line!)