Course Review: The Hacker Academy Online Curriculum

June 30, 2011

Review by Tony L Turner CISSP, CISA, GIACx4, OPSE, VCP, ITIL-F

The Hacker Academy (THA), with their online ethical hacking curriculum, fulfills an integral training need for security professionals. There are many training programs available today that teach tools and techniques for hacking. Some are better than others or suited to slightly different specializations such as web, network or wireless pen testing, but most of them are presenting very similar content. The problem is that most of these programs offer static content. By that I mean that the material does not change frequently, and the student is forced to find ways to stay current on new techniques. I think most of us would agree that it is a requirement in this field, but it can be very expensive and time-consuming constantly going to conferences, trying to sift through Twitter or the hundreds of blogs for that useful tidbit. THA seeks to address that very problem with constant updates to the content by adding modules at an alarming rate. The cost is very reasonable at $95/month or $995/year with no contract required.

The format of the course includes web-based videos of the content, a lab component for each module, additional reading from external sources, comments sections for the module to interact with other students and instructors, and virtual machines for the attack platform using BackTrack 4 and various target VMs. Instructors are real-world professionals such as EH-Net columnist Mike Murray, Mike Bailey, Daniel Frye and Jeremy Conway. THA’s Online Curriculum consists of two primary sections, Ethical Hacking and The Cutting Edge.


The first section of THA’s Online Curriculum, Ethical Hacking, forms the core skillset of the course. These are the skills that form the basis of what it means to be a penetration tester. It takes the student from a beginner level to the point where one can start to understand what is happening with various attacks and become more self-sufficient. This course will not make you an expert overnight, but it will help you start to think like a hacker and understand how to accomplish your security testing tasks.

The Cutting Edge content modules are the dynamic updates that occur several times a month and build upon the Ethical Hacking core. As the name implies, many of these modules include new and exciting or more advanced attacks.

Now that we have the basic introduction to the course out of the way, let’s take a deeper dive into the content of the course itself starting with the Ethical Hacking core modules. As stated above, these are the baseline skills needed to become a penetration tester and are broken down into 30 modules within the following 8 subsections:

• Hacking Fundamentals
   ◦ Security Fundamentals
   ◦ The Mind of a Hacker
   ◦ Professional Penetration Testing

• Reconnaissance
   ◦ Business Intelligence
   ◦ Network Intelligence
   ◦ Search Engine Hacking
   ◦ FOCA

• Network Penetration
   ◦ Networking Basics
   ◦ Denial of Service
   ◦ Sniffing
   ◦ Network Penetration
   ◦ Network Orientation
   ◦ Passive OS Fingerprinting
   ◦ Using Nessus
   ◦ Network Scanning
   ◦ ARP Attacks and Intro to Ettercap

• Server Penetration
   ◦ Protocols and Basics
   ◦ Exploitation of Buffer Overflows
   ◦ Using Metasploit
   ◦ Brute Force: Hydra and Medusa

• Client Penetration
   ◦ Client and User Attacks
   ◦ Social Engineering Basics

• Web Application Penetration Testing
   ◦ Web Application Hacking Basics
   ◦ SQL Injection
   ◦ Cross-Site Scripting (XSS)
   ◦ Cross-Site Request Forgery (CSRF)
   ◦ Browser Exploitation Framework (BeEF)

• The Structure of a Penetration Test
   ◦ The Basics of Structure

• Programming and Reverse Engineering
   ◦ Basics of Coding in Ruby
   ◦ Coding Meterpreter Scripts with Ruby
These core modules are also being expanded upon on a regular basis. For instance, last fall the Programming section did not exist. It was added in December and expanded in January. THA is constantly adding more material and this continues to demonstrate value for the student.

One of my favorite parts here is the inclusion of critical thinking and mindset sections. For instance in “The Mind of a Hacker” section, there are labs on Convergent and Divergent Thinking, Inductive and Abductive Reasoning and Recursion. These kinds of exercises really help you hone your ability to think critically and problem solve. Modules like “Professional Penetration Testing” cover such areas as keeping lab notebooks and using scientific methods to analyze security problems. The methodologies covered help you use these techniques to perform testing activities in a way that is ordered and methodical yet allows for creativity and “out of the box” thinking. Although these are the core skills for penetration testing, there are also the more technically fun modules, where you get to play with the tools and practice your root dance.




In the more technical modules, there is usually sufficient information in the videos to provide a basic introduction to the topic, and then the labs expand upon that as the student actually uses the tools. In many instances, the labs provide opportunities for the students to identify how they could apply these techniques within their own environment as well as tips for taking the attacks to the next level. The discussion portion of the lab is very helpful here as students can identify common issues both for the instructors as well as provide encouragement and assistance to other students. It’s a nicer learning environment than some less helpful programs like OffSec, but not quite as much spoon-feeding as you will see from SANS. It’s a nice balance.


 


Moving on to The Cutting Edge, there are a number of very interesting topics included here. Some of them have not received much coverage in other courses or are very new ideas, while others like some of the “advanced” Metasploit topics probably belong in the Ethical Hacking core group. Either way there is some excellent material.

One thing I’d like to point out is that not all modules are written by the same authors, so there will be some variance in content. For example I found the modules Jeremy Conway did on PDF attacks to be a bit more technical and thorough in their explanations than some of the other modules. This will either be a pro or a con for folks depending on whether you want to be spoon-fed or taught concepts. This lack of consistency is probably one of my main issues with the course. There were some modules that I felt were not detailed enough and could use a deeper look, but it did not detract terribly from the overall value of the curriculum.

At the time of writing this review, The Cutting Edge includes:

• Cross-site Flash Attacks
• Social Engineers Toolkit (SET)
• Introduction to PDF Attacks
• Cloud Computing
• PDF Reconnaissance and Data Disclosure Attacks
• Metasploit Advanced Topics: Using the db_ commands
• Introduction to the PDF Launch Action
• Metasploit Advanced Topics: Post-exploit with Meterpreter – Recon and Getting “Stuff”
• Metasploit Advanced Topics: Post-exploit with Meterpreter – Evasion and Connecting
• Experimenting with the PDF Launch Action
• PDF Exploitation via Metasploit
• Introduction to Armitage
• Evilgrade: Client Exploitation One Update at a Time
• SQLNinja: Attacking Microsoft SQL Servers
• Discombobulating a SOC: Syslog Spoofing
• ProxyChains: the Ultimate Proxifier!

Pros:

• Regular updates are a real defining feature of the program, and I am glad to see that expectation is being met with regular course additions. This is by far my favorite part of the course. Some of the topics were very exciting and new for me. I really like playing with Scapy and enjoyed modules like Syslog Spoofing and SQLNinja.
• Good broad coverage of material that covers most of the bases, but not as deeply as I’d like.
• Excellent addition of critical thinking and mindset sections. This is often missed and is very important. So much of what we do requires a certain mindset that no amount of tutorials on technology X will be able to fix unless the tester can put on their “evil hat” and really think outside the box.
• Making the student work for the knowledge gets them used to doing what will be required of a professional in the real world. Nobody will spoon-feed you on a real pentest, but there is some good help here. Often it may just be a hint, but that’s usually enough for the student to take things to the next level.
• Downloadable slides and virtual machines allow students to work on the content even when they do not have internet access. I did a couple of modules on a flight with no internet access.

Cons:

• Some videos are too short and seem somewhat lacking in content. This may not be an issue for some, but the core classes are so beginner level that I found myself bored at times and really wanted to see it kicked to the next level. This is offset some by the lab exercises, and even more so by The Cutting Edge, but as someone who has primarily focused on SANS training, I tend to set the bar pretty high here. The depth of technical content needs to be a bit more consistent, and it appears that more recent content has improved here.
• I really felt a need for a module on scoping engagements and on documentation (maybe Leo or Dradis) and report writing and how to correlate technology risk to business risk. This is touched on a little with the external links to scientific note-taking, but this needs to be expanded upon and put into context for security testers. It’s not sexy I know, but this is the bread and butter of pentesters, and without those skills students will not be prepared. Very few courses do this well but it’s a critical need. I know Mike Murray feels pretty strongly here as well, and I hope to see some more good info on these topics moving forward.
• Other thoughts: More combined attacks. Testing is not done in a vacuum and real-world tests combine multiple techniques. What do the students do when their attacks don’t work? How do they work around the issues? The critical thinking piece helps here, but how can they apply that to testing? What do they do when they break something? What do they do when they embarrass someone and create a dramatic moment?

Conclusion

Initially, I had somewhat mixed feelings about the course. I communicated many of my issues to THA staff, and they have resolved most of my initial problems. For instance, the first product I tested had horrible video quality. It was so bad that I could not read the slides on my 24-inch monitor. But after communicating my thoughts, they resolved the issue right away. Furthermore, there were several gaps in the modules for core skillsets that missed the boat on some very important areas like programming, but most of those have been closed.

I would have had a hard time recommending the course on the basis of the core modules alone, but the updated extra cutting-edge content redeems the failures of the course for me, and the core modules are getting better all the time. The cost of the course is certainly very doable for most people and at $95/month is more affordable than many of the other courses out there. I’ll be following up again in a few months as Mike Murray has indicated that some upcoming changes might make for another look, but I feel good recommending this course as it is.


 
