User accounts are something we all use every day. They are a fundamental component of the internet and our increasingly digital world. We use them to protect our information and systems for hackers and cybercriminals, yet user accounts are hacked every day. This hands-on course is about how hackers attack user accounts and how we can defend against these constantly evolving attacks.
User Accounts are Powerful, Valuable, and Easy to Hack
User accounts are still the number one target for hackers today. The reason for this is that with a legitimate user account you can access, control, and change all of the information available to that user. To achieve this level of control through a software vulnerability can be incredibly difficult, if not impossible. Yet, with the right username and password, you can do all sorts of incredible things that you shouldn’t. When used as intended, user accounts are very valuable. When used by criminals they are incredibly powerful and dangerous. And, as we will cover in this course, they are really easy to hack.
What Is Covered In This Course
In this course, I’ll be focusing specifically on how hackers target user accounts and how we can defend them against criminals attacks. To do this we need to understand how user accounts work, how developers write user functionality in software applications, how criminals attempt to bypass the controls we put in place, and we can mitigate the constantly evolving threats we face every day.
I won’t be covering software vulnerabilities that lead to the compromise of user accounts such as SQL injection, cross-site scripting, remote code execution, or anything else that is based on exploiting vulnerabilities in code. That’s for another course. I will, however, cover how criminals can use the output of these breaches against us and how we can defend against each type of attack.
The course content will range from explaining very high-level concepts such as IAAA (Identification, Authentication, Authorisation, and Accountability) down to very low-level technical details, including code examples and tutorials on how to use security tools such as John the Ripper for cracking password hashes and Hydra for brute-forcing passwords, to name just two examples. I’ll also discuss the psychology of how people create passwords and how we can use that against them and how we can steal passwords with phishing attacks.
Who Should Take This Course
While I’m aiming this course at people who are completely new to cybersecurity, the level of detail will range from beginner to very advanced, building on what has been covered in previous lessons. If you are looking at cybersecurity for the first time then I know this will be invaluable to you. If you have some experience then you will still find this useful. Just skim through or skip the bits you already know, then drop back in when you’re ready. Think of this as a choose your own learning adventure rather than a book that must be read from beginning to end.
As long as you have some general experience with using computers and the internet you should be fine. If you need help navigating around a desktop or laptop computer then you may struggle, but if you’re a competent desktop computer user then you should be in a good place to start.
My goal for all of my Learn Cyber Security courses is to teach you all of the things I wish I knew when I first started in this field. These lessons will condense 20 years of learning and experience into the a format which is easy to consume, detailed enough to explain things clearly without being full of fluff and filler, practical enough to be used every day in your career, and interesting enough to keep you engaged.
When creating something like this it’s critical to have a member of your audience in mind. My target audience is me, 20 years ago, completely clueless about cybersecurity but with a passion to learn as much as possible. If I forgot everything I know about cybersecurity tomorrow, the Craig Hays – Learn Cyber Security course series is what I would want to bring me back up to speed.
What Style Of Learning Can I Expect
I prefer to learn by doing. My goal is to explain a subject then immediately give you the opportunity to put what you have just learned into practice. I’m not a fan of the multiple-choice quizzes you get on certification exams. When I say put into practice I mean to literally open a web browser and attempt an attack, develop a python script, run a John the Ripper password crack, or write a deploy a phishing platform.
Learning is useless unless it is used. Experience is what will get you your first cyber security job, not certifications.
Is This Course Free?
Yes and no.
I want to make this course as accessible to everyone as I possibly can. I know that not everyone can afford to pay for their own education. For many of us, education is the key that will unlock higher levels of income, income that would allow us to pay for our own education. It’s a circular problem. Without training, I can’t get a better job than pays more money. Without more money, I can’t pay for training and I can’t get a better job. For this reason, I’ll be releasing large parts of this course for free. If that situation sounds familiar, I want to help you break the cycle and improve your life through a career in cybersecurity.
The full course is available in my own online learning platform. It contains all of the course materials in written, video, and audio form. It also includes the tools you need to run the labs and apply what you’ve learned to real-world scenarios.
Rather than charging a big up-front fee, my courses are available for a small monthly subscription. It shocks me how many courses are sold for large amounts of money then never completed. Instead, I want to incentivise you to complete the course quickly. The faster you learn, the less you pay, and the quicker you will develop the skills you need to kick-start or enhance your career. I’ll start you off with a free trial to ensure that it’s the right fit for you, then you’ll only pay for what you need. As soon as you’re done you can simply cancel your subscription and save yourself some money.
What Do I Get for Completing the Course?
There is no certification, there is no certificate of completion. You don’t get a final grade that shows how well you did. What you get at the end of the course is knowledge and experience that you can apply throughout the rest of your career. You’ll graduate with a set of skills which can be applied to all of the problems you come up against for years to come. And you’ll have experiences you can talk about with potential employers, things that you’ve actually done, problems that you’ve seen, and solutions that you’ve designed and implemented to solve real-world problems.
How Do I Get Started?
This course is still in development. For now, you can register your interest and receive updates on progress by completing this brief registration form:
Next: What is a User Account