Introduction to Python w/ Joff Thyer
March 14 @ 9:00 am – March 15 @ 6:00 pm EDT
Instructor: Joff Thyer
Course Length: 16 Hours over 2 days
(Students are encouraged to spend additional time working on labs.)
Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.
|Thursday, March 14, 2024:
|9:00 AM – 5:00 PM*
|Friday, March 15, 2024:
|9:00 AM – 5:00 PM
All times are Eastern.
This class is part of the The Most Offensive Con that Ever Offensived March 2024 Summit. Registration for any The Most Offensive Con that Ever Offensived March 2024 Summit class includes registration for the summit and all of its presentations, talks, and streams.
Clicking on the button above will take you
to our registration form.
One of the most pressing needs Information Security professionals face today is the need to automate their work in both the attack, and defense context. Skills gained for automating tasks in programming languages are critical to scale up the efforts of a limited security professional talent pool.
For example, it is not uncommon to find useful Python scripts on the Internet that are at a Proof-of-Concept stage to quickly achieve some information security professional goal. Penetration testers, incident responders, forensics, and defense professionals need the ability to be able to take existing code and produce stable functional Python tools or be able to debug an issue with an existing tool.
This course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.
The expectation as to whether students can complete all exercises is dependent on prior student experience, and knowledge. Python is a language that is best approached if a student has some elementary programming background (such as shell scripting for example).
- Familiarity with Python syntax and programming skills
- Ability to construct Python scripts to solve commonly encountered information security problems
- Understanding of the Python interactive shell, as well as Python scripting.
Who Should Take This Course?
- Penetration testers, incident responders, security operations personnel, security forensics personnel, and systems administrators.
- Any information security professional who wants to learn Python programming towards the goal of increasing their productivity.
Audience Skill Level
- Knowledge of how to use text editors, and UNIX/Linux command line is helpful.
- Some exposure to scripting languages such as PowerShell and Bash.
- Elementary programming skills is beneficial but not required.
- Stable Internet access
- x86 architecture CPU clocked at 2 GHz or higher that is capable of nested virtualization
(Apple Silicon is currently not supported)
- A computer with at least 8 GB of RAM. 16 GB is recommended
- VMWare Workstation or VMWare Fusion
(VirtualBox and other VM software is not supported)
- Windows 10/11, MacOSX+, or a currently supported Linux Distribution
- Full Administrator/root access to your computer or laptop
What Students will be Provided With
- Access to download an Ubuntu desktop based Virtual Machine for class use
- Access to PDF copy of the slideware
- Access to a companion CTF server across the Internet
- Module 1: About Python
- Module 2: Strings, Input and Output
- Module 3: Writing Your First Script
- Module 4: Code Blocks, Indentation and Functions
- Module 5: Conditional Logic
- Module 6: Lists
- Module 7: Loops and Python Modules
- Module 8: Dictionaries
- Module 9: Files and Databases
- Module 10: Requests
- Module 11: Python Classes, Exception Handling, and Other Modules/Packages
- Module 12: Regular Expressions (Optional)
Trainer & Author
Joff Thyer has been a penetration tester and security analyst with Black Hills Information Security since 2013. Prior to joining the InfoSec world, he had a long career in the IT industry as a systems administrator and an enterprise network architect. He has an Associate’s in Computer Science, a B.S. in Mathematics, and an M.S. in Computer Science, as well as several certifications. The best part of a penetration test for Joff is developing sophisticated malware that tackles defensive solutions, ultimately delivering exciting wins for company engagements. He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis, and exploit research. When Joff isn’t working or co-hosting the Security Weekly podcast, he enjoys making music and woodworking.