In Spring 2022, UWEcyber hosted a series of workshops for school teachers in the West of England region.
The purpose of the workshops was to help teachers in the region develop their knowledge and understanding of cyber security and, specifically, to discuss with and support teachers in developing their own practical teaching resources for delivering the cyber security schools curriculum. Workshop attendees have developed a range of practical lesson plans, covering penetration testing using the OWASP Juice Shop, developing a cyber range for attack and defence, machine learning for identifying suspicious phishing emails, and online Open Source Intelligence challenges for identifying suspicious user activities.
The following schools in the West of England region have taken part in the on-site workshops: Bristol Grammar School, Cotham School, City of Bristol College, St Bede's Catholic College, Brimsham Green School, Badminton School, The Crypt Grammar School (Gloucester), Chilton Trinity School (Bridgwater). The workshop was open to all schools in the region, with supply teacher costs funded by the project.
Resources and Downloads:
Disk Image - UWEcyber-KaliPi (32GB) (v1.0.1 - updated 11th March 2022)
Disk Image - UWEcyber-RasPwnOS (8GB) (v1.0.1 - updated 11th March 2022)
For live sessions that have been recorded please find details below. Please note that not all sessions are recorded, due to the nature of the workshop design to facilitate 1-2-1 discussion with participants in the classroom.
24th January 2022: OhSINT and Juice Shop via TryHackMe.
7th February 2022: Further learning resources via TryHackMe.
14th February 2022: Useful resources related to creating Open Source Intelligence exercises.
7th March 2022: Maddy Stow (Bristol Grammar School) and Leroy Bogle (St Bede's Catholic College) present their work on developing their lesson plan activities - Maddy looks at using Machine Learning for phishing email detection with the online tool (https://machinelearningforkids.co.uk/), and Leroy looks at a bespoke OSINT challenge he has developed using GitHub, Wix and ProtonMail.
Cyber Security Bootcamp
We will show a complete "boot-to-root" example of penetration testing. The purpose of the exercise is to get a feel for the process involved, and to introduce some initial tools that you need to be familiar with. You will want to study the process again at a slower pace in your own time, to fully understand how to gain full machine access.
We will explore a vulnerable web application to demonstrate common issues that can be exploited by attackers. We will use Burp Suite to examine requests and to further our understanding of networking and communications. You will want to study the Juice Shop further in your own time, and reflect on your reading from the W3Schools materials.
We will explore Splunk - a Security Information and Event Management (SIEM) tool for investigating cyber security data feeds. It is widely used by cyber security analysts and Security Operations teams. We will work through a scenario where we investigate the activities related to the cyber attack using Splunk.
We will explore Metasploit - a widely used tool for offensive security that can be used to deploy known attack vectors (CVEs) against target machines. It is a powerful tool suite so you should conduct research on the tool using the first room. The second room illustrates this tool in practice for gaining access to a vulnerable Windows machine. Previously we have accessed a Linux machine, and so this will give you some exposure to different Operating Systems. We also explore Bolt to see how a Content Management System (CMS) could be compromised.
We will take a brief look at malware analysis to introduce the topic area. We will consider the different ways that malware can be examined. We will run some practical examples of malware analysis using TryHackMe to ensure safe execution of any potentially dangerous files. We will explore how malware developers may attempt to hide their actions, and how we as defenders may attempt to recover this behaviour.
Cyber security practitioners should have an awareness of information risk management - it is fundamental to the role of protecting data, information, and computer systems. You should think about the threats, vulnerabilities and assets that combine to give an overall risk, and how that risk can be assessed based on likelihood and severity. You should consider how to mitigate attacks that may impact the confidentiality, integrity and availability of information.