http://ocw.cs.pub.ro/courses/ 2026-05-18T10:15:30+03:00 http://ocw.cs.pub.ro/courses/ http://ocw.cs.pub.ro/courses/lib/tpl/arctic/images/favicon.ico text/html 2025-10-06T13:11:59+03:00 http://ocw.cs.pub.ro/courses/isc/labs/01?rev=1759745519&do=diff Objectives * Simple CTF tasks * Introduction to Python scripting * Introduction to basic security-related tools Useful Tools * man * find * base64 * hexedit * Binwalk * john, zip2john * xxd * gzip, bzip2, tar * CyberChef text/html 2025-10-13T14:09:31+03:00 http://ocw.cs.pub.ro/courses/isc/labs/02?rev=1760353771&do=diff Objectives * Basic Cryptography * Symmetric Cryptography: AES * Block Cipher Modes * Asymmetric Cryptography: RSA Resources * Block Cipher Mode of Operation * Chinese remainder theorem - Broadcast attack * Fermat factorisation * Factor DB text/html 2025-10-20T11:02:33+03:00 http://ocw.cs.pub.ro/courses/isc/labs/03?rev=1760947353&do=diff Lab 03 - Authentication in Linux Objectives * Hashing * Linux PAM * Multi-Factor Authentication Preparation You may use the UPB's OpenStack cloud to instantiate a Virtual Machine. Read these instructions if you wanna know how! Overview Hashing is the process of converting data — text, numbers, files, or anything, really — into a fixed-length string of letters and numbers. Data is converted into these fixed-length strings, or hash values, by using a special algorithm called a hash fun… text/html 2024-10-30T12:07:07+03:00 http://ocw.cs.pub.ro/courses/isc/labs/04?rev=1730282827&do=diff Objectives * Mandatory Access Control * Discretionary Access Control * Unix Permissions & ACLs Preparation You may use the UPB's OpenStack cloud to instantiate a Virtual Machine to be used for this lab! Read these instructions if you wanna know how!. text/html 2025-11-04T11:49:08+03:00 http://ocw.cs.pub.ro/courses/isc/labs/05?rev=1762249748&do=diff Objectives * Call conventions & stack structure * Buffer overflow vulnerabilities * Using pwndbg & pwntools to facilitate exploit development Resources * Buffer overflow explained * Shellcode explained * ChatGPT's record for stack structure & buffer overflow (same length, but why bother read the opinion of some anonymous industry expert when you got the popular AI kid parroting the same stuff, right?) text/html 2025-11-10T11:35:33+03:00 http://ocw.cs.pub.ro/courses/isc/labs/06?rev=1762767333&do=diff Setup For this lab we will use the provided Windows VM. Please download it from here in advance (~12GB archived; you will need ~30GB of free storage on your computer). The VM should be compatible with VMWare (either Workstation or Player), VirtualBox and qemu+kvm (on x86_64!! will be very slow on Arm64). You can download VMWare here. We recommend VMWare Workstation >= 17. text/html 2025-11-17T10:35:51+03:00 http://ocw.cs.pub.ro/courses/isc/labs/07?rev=1763368551&do=diff Objectives * Web vulnerabilities, both server-side and client-side * Server-side SQL injection * Cross-Site Scripting, Cross-Site Request Forgery Background SQL Injection SQL Injection is a server-side code injection vulnerability resulting from improper (unsanitized) input directly concatenated into SQL queries. Typical server queries are built as strings: text/html 2025-11-24T12:18:39+03:00 http://ocw.cs.pub.ro/courses/isc/labs/08?rev=1763979519&do=diff Objectives * Port Scanning (nmap) * Traffic filtering / manipulation (iptables) * Port knocking * Man in the Middle Attack Preparation Please spawn a virtual machine on openstack. You need to prepare the playground: * To make it easier for others to identify your VM, please run this command: text/html 2025-12-03T15:27:44+03:00 http://ocw.cs.pub.ro/courses/isc/labs/09?rev=1764768464&do=diff Remember the Cryptography lab? We're going to build on top of that by teaching you the basics of Public Key Infrastructure (PKI) and Transport Layer Security (TLS) shenanigans, giving you an overview of how they are integrated into your daily life, ensuring the security of your communications. text/html 2024-12-11T10:20:11+03:00 http://ocw.cs.pub.ro/courses/isc/labs/10?rev=1733905211&do=diff Objectives Today, we're going to learn how to configure two of the most widely used open-source VPN solutions: OpenVPN and WireGuard! * Set up OpenVPN and WireGuard servers on a Linux machine; * Configure clients to connect to each VPN; * Customize routing through the VPN. text/html 2026-01-12T10:52:13+03:00 http://ocw.cs.pub.ro/courses/isc/labs/11?rev=1768207933&do=diff Overview Privacy is a usually included in the larger security landscape, but it deals with aspects that concern people more that technologies and tries to answer a very tough question: “How to access/compute data without the owner know who you are?”. While, like everything, is a sword with two blades, it tries to allow people own their data in the digital world and to provide anonymity while browsing the Internet. text/html 2025-01-11T18:59:29+03:00 http://ocw.cs.pub.ro/courses/isc/labs/12?rev=1736614769&do=diff Objectives * learn about the vulnerabilities of deep learning models to adversarial samples * learn to craft adversarial samples that manipulate a deep neural network into producing desired outputs * generate an image which tricks this deep neural network: <https://isc-lab.api.overfitted.io/> * Gandalf prompt injection challenge!