C-FAB 2
Continue your cybersecurity journey. Burp Suite, web recon, OWASP Top 10, defensive strategies, encryption essentials, pentesting methodology, and career next steps.
1. Burp Suite: Web Proxy
Module 3: Tools of the Trade. Intercept HTTPS (with cert install).
3. OWASP Top 10: Injection Attacks
Module 4: Common Vulnerabilities. SQLi on unencrypted DBs.
4. OWASP Top 10: XSS & CSRF
Module 4: Common Vulnerabilities. Client-side issues.
7. Firewalls & UFW/iptables
Module 5: Defensive Strategies. Rules for secure ports.
9. Encryption Essentials
Module 5: Defensive Strategies. Symmetric (AES-256, CBC/GCM, OpenSSL enc). Asymmetric (RSA, genrsa). Hashing (SHA-256, salting). HTTPS/TLS, PGP. Hands-on: VeraCrypt USB, crack weak keys ethically.
10. Advanced Crypto & Disk Encryption
Module 5: Defensive Strategies. Full-disk (LUKS, BitLocker). PKI/certificates (OpenSSL self-signed). Weak keys, padding oracles. Lab: HTTPS on local Apache.
11. Pentesting Methodology
Module 6: Ethical Hacking Phases. Crypto in recon (cipher suite enum).
12. Exploitation with Metasploit
Module 6: Ethical Hacking Phases. SSL exploits.
13. Maintaining Access & Pivoting
Module 6: Ethical Hacking Phases. Encrypted C2 channels (e.g. SSH tunneling).
14. Incident Response & Forensics
Module 7: Advanced Topics & Career. Decrypting evidence (e.g. Wireshark TLS keys).
15. Career Paths & Next Steps
Module 7: Advanced Topics & Career. Crypto roles (e.g. cryptanalyst), certs like Security+.