Cover6 Solutions / Blacks in Cyber (BIC) Winter Conference 2021 - Introduction to #Cybersecurity Workshop
This guide prepares you for the Blacks in Cyber (BIC) Winter Conference 2021 - Introduction to #Cybersecurity training.
This one-day program is designed for beginners and covers the fundamentals of cybersecurity. We start with the basics of common computer and network services and end with exploitation and an understanding of attack methodologies and strategies to defend against them. We will also focus on ways to build a home lab along with challenges and educational references to improve your skillset.
Mr. Tyrone E. Wilson is a passionate information security professional with 24 years of experience in information technology and has a mission to improve as many lives as possible through education in cybersecurity. Wilson also has extensive knowledge in computer network defense, vulnerability assessments, cyber threat analysis, and incident response. Currently, Wilson is the Founder and CEO of Cover6 Solutions, LLC; which teaches companies and professionals various aspects of information security, penetration testing, and IPv6.
Wilson is also the organizer of The D.C. Cyber Security Professionals. With over 9,000 members, it is the largest #Cybersecurity meetup group in the United States. In addition, Wilson is also on the Review Board of BSides NoVA, Howard University, and Hacker Halted and has presented and/or taught classes at many of the major tech conferences.
Tyrone E. Wilson
Founder & President
The #SOCAnalystPrep workshop is the defensive equivalent of the #PentesterPrep workshop. It prepares you to work in a Security Operations Center (SOC) immediately upon completion. For this class, you will need the following tools installed:
- Nmap
- Wireshark
- Nessus Essentials
- Windows Sysinternals Suite
- Clicking this link starts the download of the SysinternalsSuite.zip file
- Kali Linux (Optional)
We DO NOT teach Kali Linux in this workshop. However, you will see offensive techniques used by the instructor to simulate attacker activity.
We will provide you access to the following online servers, so be sure to bookmark the following URLs:
The #PentesterPrep Workshop will require Kali Linux (Kali).
Although the tools can be installed in similar operating systems, these instructions are meant for Kali Linux only.
Step 1. Install a hypervisor
The hypervisor or virtual machine monitor is a software package that allows you to create a virtual machine (VM) on your host device/laptop. Any new virtual machine you make will be considered a guest machine.
We recommend installing VirtualBox (Windows, OS X, Linux, or Solaris) or VMWare Fusion (Mac). For some reason, we’ve had several issues with students running VMWare Workstation. You can download a hypervisor from the following locations:
- VMWare Workstation Player (Free)
- Windows or Linux
- VMWare Workstation Pro ($249)
- Windows or Linux
- VMWare Fusion ($79.99)
- macOS 10.13 High Sierra or later
- VirtualBox (Free)
- Windows, Linux, OS X, and Solaris
The installation process for both VirtualBox and any VMWare products is a straightforward “push-through” install. Unless you have a specific folder where you would like to save your virtual machines, you can accept all of the default options.
Keep in mind that each new VM will require processing power and memory from the host machine. Even with a minimum of 8 GB of RAM, a standard laptop could still fully power the two VMs needed to help you start.
Step 2. Download and install or import Kali
Disclaimer: Kali Linux is an operating system for hackers built by hackers. Upon installing Kali, you will own hundreds of tools. Please be aware of the power of these tools! Improper use of these tools outside of a training environment could lead to severe damage (for anyone you target) and/or jail time (for you).
You can use pre-configured virtual machines, or you can install Kali straight from a .iso file. Be sure to use the images from “Kali Linux VirtualBox Images” if you are using VirtualBox. You can find images and .iso files at the following locations:
For the .iso, we recommend that you use the Kali Linux 64-bit image. Also, be sure to select the right image for your hypervisor (VMWare or VirtualBox).
Step 3. Make the PostgreSQL service persistent
It is good to have the PostgreSQL service remain persistent (start on boot).
# sudo update-rc.d postgresql enableStep 4. Change the default SSH keys (optional)
To better protect your ssh sessions, we recommend that you change the default keys. You can first create a folder to hold a back up copy of your current keys and then move the current keys to the backup folder.
# sudo mkdir /etc/ssh/backup-keys# sudo mv /etc/ssh/ssh_host_* /etc/ssh/backup-keysNow you can create a new set of ssh keys with the following command:
# sudo dpkg-reconfigure openssh-serverStep 5. Configure the Metasploit database
There are additional options to fine-tune and help secure your instance of Kali Linux. Online you can find some tips by searching for “Things to do after installing Kali Linux.” For now, we recommend that you have the Metasploit Database up and running in Kali. The database will help keep all of your scans, vulnerabilities, exploits, and identified credentials or passwords in one place.
A few services are required depending on what version of Kali you have. For older versions, you will need to start the PostgreSQL and Metasploit services. For newer versions, you will only need to start the PostgreSQL service.
Here are the commands needed to ensure your database is working with a fresh Kali Linux install.
# sudo systemctl start postgresql# sudo msfdb init# sudo msfconsolemsf > workspaceAt this point, you should see a * Default workspace. If the default workspace appears after typing msfconsole and workspace, you are ready for the workshop!
The #AttackNDefend workshop is where we combine both the skills of a penetration tester (pentester) and a Security Operations Center (SOC) Analyst. For this class, you will need the following tools installed:
- Nmap
- Wireshark
- Nessus Essentials
- Windows Sysinternals Suite
- Clicking this link starts the download of the SysinternalsSuite.zip file
This Workshop will also require Kali Linux (Kali).
Although the tools can be installed in similar operating systems, these instructions are meant for Kali Linux only.
Step 1. Install a hypervisor
The hypervisor or virtual machine monitor is a software package that allows you to create a virtual machine (VM) on your host device/laptop. Any new virtual machine you make will be considered a guest machine.
We recommend installing VirtualBox (Windows, OS X, Linux, or Solaris) or VMWare Fusion (Mac). For some reason, we’ve had several issues with students running VMWare Workstation. You can download a hypervisor from the following locations:
- VMWare Workstation Player (Free)
- Windows or Linux
- VMWare Workstation Pro ($249)
- Windows or Linux
- VMWare Fusion ($79.99)
- macOS 10.13 High Sierra or later
- VirtualBox (Free)
- Windows, Linux, OS X, and Solaris
The installation process for both VirtualBox and any VMWare products is a straightforward “push-through” install. Unless you have a specific folder where you would like to save your virtual machines, you can accept all of the default options.
Keep in mind that each new VM will require processing power and memory from the host machine. Even with a minimum of 8 GB of RAM, a standard laptop could still fully power the two VMs needed to help you start.
Step 2. Download and install or import Kali
Disclaimer: Kali Linux is an operating system for hackers built by hackers. Upon installing Kali, you will own hundreds of tools. Please be aware of the power of these tools! Improper use of these tools outside of a training environment could lead to severe damage (for anyone you target) and/or jail time (for you).
You can use pre-configured virtual machines, or you can install Kali straight from a .iso file. Be sure to use the images from “Kali Linux VirtualBox Images” if you are using VirtualBox. You can find images and .iso files at the following locations:
For the .iso, we recommend that you use the Kali Linux 64-bit image. Also, be sure to select the right image for your hypervisor (VMWare or VirtualBox).
Step 3. Make the PostgreSQL service persistent
It is good to have the PostgreSQL service remain persistent (start on boot).
# sudo update-rc.d postgresql enableStep 4. Change the default SSH keys (optional)
To better protect your ssh sessions, we recommend that you change the default keys. You can first create a folder to hold a back up copy of your current keys and then move the current keys to the backup folder.
# sudo mkdir /etc/ssh/backup-keys# sudo mv /etc/ssh/ssh_host_* /etc/ssh/backup-keysNow you can create a new set of ssh keys with the following command:
# sudo dpkg-reconfigure openssh-serverStep 5. Configure the Metasploit database
There are additional options to fine-tune and help secure your instance of Kali Linux. Online you can find some tips by searching for “Things to do after installing Kali Linux.” For now, we recommend that you have the Metasploit Database up and running in Kali. The database will help keep all of your scans, vulnerabilities, exploits, and identified credentials or passwords in one place.
A few services are required depending on what version of Kali you have. For older versions, you will need to start the PostgreSQL and Metasploit services. For newer versions, you will only need to start the PostgreSQL service.
Here are the commands needed to ensure your database is working with a fresh Kali Linux install.
# sudo systemctl start postgresql# sudo msfdb init# sudo msfconsolemsf > workspaceAt this point, you should see a * Default workspace. If the default workspace appears after typing msfconsole and workspace, you are ready for the workshop!
Lastly, we will provide you access to the following online servers, so be sure to bookmark the following URLs:
Today the demand for cybersecurity professionals has never been higher, and the need for skilled defensive (blue team) analysts is especially urgent. At Cover6 we will provide the training you need to find your place in cyber. We focus on the fundamentals of network defense through real-world, hands-on instruction, and our workshop will offer you a path to a successful career as a Security Operations Center (SOC) Analyst.
SOC Analysts are highly sought-after professionals who identify compromised machines and respond to malicious activity. They use defensive security skills and techniques while working to mitigate any damage that may have occurred.
Our Virtual SOC Analyst Prep Workshop offers a comprehensive introduction to defensive tactics, techniques, and procedures. Students will learn various strategies to help defend against several attack scenarios.
A few of the tools and technologies that participants will explore include; Security Onion, Wireshark, Splunk, and Nessus. Also, our course is designed to help you prepare for the CySA+ exam and reflects the current exam objectives.
In this workshop students will:
- Analyze .pcap files and logs to identify Indicators of Compromise (IOC’s)
- Perform various incident handling and response procedures
- Use tools to implement initial threat hunting techniques
- Be prepared to work in a SOC on day 1
Are you interested in learning the skills needed to test the defense of computers and networks around the world? Penetration testing or pentesting is one of the most challenging and rewarding areas of cybersecurity. At Cover6 Solutions, we do pentesting every day and we’re ready to share our knowledge with you if you’re ready to learn!
Welcome to our all-new Pentester Prep Workshop, where you’ll be exposed to the latest tools and technologies available for offensive cyber. Our intensive two-day workshop (Saturday & Sunday 9-5 PM ET) covers everything you need to get started in the red-hot field of pentesting.
You may be brand-new to cyber or maybe you already have some experience; either way, you will be getting your hands dirty and acquiring new skills to succeed in this high-demand field. That’s right, this is a very hands-on course and we have created challenging new labs and a brand-new virtual environment that will closely simulate actual pentesting engagements. We can’t wait for you to try it, we believe this will offer the most realistic pentesting training available today!
This workshop is tailored to prepare students to pass all major pentesting certification exams, including the CompTIA Pentest+, eJPT, and the CEH Practical. The only prerequisites for this workshop are curiosity and enthusiasm: you will need both!
The provided content is listed below as a guide for the course and is subject to change. We appreciate your support and hope that you enjoy the training. We look forward to your participation and feedback as well.
If you have any additional questions outside of the FAQs, please do not hesitate to reach out to [email protected] and we will be happy to assist you.
Course Outline
This course is tailored to assist with the preparation for all offensive (practical) exams. It also includes the five primary exam objectives for the CompTIA Pentest+ Certification which are:
- Planning and Scoping
- Information Gathering and Vulnerability Identification
- Attacks and Exploits
- Penetration Testing Tools
- Reporting and Communication
Please note This is NOT an official CompTIA or CEH training class, but rather a preparation course for real scenarios you may encounter in pentesting engagements or on a certification exam. Various tools, techniques, and procedures will be covered during the sessions, so those listed in the syllabus above are just examples. This material is subject to change.
If you are interested in establishing a foundation of skills for a successful information security career, then this workshop is for you!
This Beginner-Intermediate, eight-week (every Tuesday night) workshop encompasses the skills of both a Penetration Tester (Pentester) and a Security Operations Center (SOC) Analyst. Throughout the course, we will address and discuss various offensive topics, tools, technologies, and methodologies used in the industry. Also, participants will learn how to respond to a network that is currently under attack—using industry technologies such as Nmap, Windows Sysinternals, Security Onion, Wireshark, Splunk, and Nessus. Students will learn numerous strategies to help defend against several attack scenarios.
A Pentester develops and uses offensive skills and techniques to identify weaknesses for exploitation. SOC Analysts identify compromised machines and malicious actors. These highly sought-after individuals utilize defensive security skills and techniques that are commonly used in the industry while working to mitigate any damages that may have occurred.
The provided content is listed below as a guide for the course and is subject to change. We appreciate your support and hope that you enjoy the training. We look forward to your participation and feedback, as well.
Our team has worked hard to create a course that provides a unique learning experience that you won’t find anywhere else. This will be challenging but it will be worth it. It will jump-start your career in cybersecurity and give you an outstanding foundation for the future!
If you have any additional questions outside of the FAQs, please do not hesitate to reach out to [email protected] and we will be happy to assist you.
This course is also tailored to help you prepare for the following certifications.
- CySA+
- eJPT
- CEH Practical
Breaking into Cybersecurity w/ Tyrone E. Wilson
Home Lab Setup | Building an Effective Cybersecurity Learning Environment
Passive Information Gathering
Active Information Gathering
Understanding the Metasploit Database
Incident Handling & Threat Hunting w/ Security Onion: Gain Hands-On Cybersecurity Experience
IPv6 Enumeration & Attacks
Virtual Security Operations Center (SOC) Analyst Prep Workshop (Live) – FREE Session
You can check out the following references to gain familiarity with terms and topics you will hear in class.
Virtual SOC Analyst Prep Workshop (Live) – February 20th & 21st, 2021
10:00 AM – 4:00 PM EST
Virtual SOC Analyst Prep Workshop (Live) – March 6th & 7th, 2021
10:00 AM – 4:00 PM EST
Attack & Defend Workshop (Live) – Starting March 9th 2021
6:00 PM – 9:00 PM EST