UWECyber Pi Labs for Teachers

In Spring 2022, UWEcyber hosted a series of workshops for school teachers in the West of England region.



Motivation?

The purpose of the workshops was to help teachers in the region to develop their knowledge and understanding around cyber security, and specifically, to discuss and facilitate teachers in developing their own practical teaching resources to help support their delivery of the cyber security schools curriculum. Workshop attendees have developed a range of practical-based lesson plans, ranging from penetration testing using the OWASP Juice Shop, developing a cyber range for attack and defence, machine learning for identifying suspicious phishing emails, and online Open Source Intelligence challenges for identifying suspicious user activities.


Participants

The following schools in the West of England region have taken part in the on-site workshops: Bristol Grammar School, Cotham School, City of Bristol College, St Bede's Catholic College, Brimsham Green School, Badminton School, The Crypt Grammar School (Gloucester), Chilton Trinity School (Bridgewater). The workshop was open to all schools in the region, with supply teacher costs funded by the project.

Resources and Downloads:


Recorded Sessions:

For live sessions that have been recorded please find details below. Please note that not all sessions are recorded, due to the nature of the workshop design to facilitate 1-2-1 discussion with participants in the classroom.

  • 24th January 2022: OhSINT and Juice Shop via TryHackMe.

  • 7th February 2022: Further learning resources via TryHackMe.

  • 14th February 2022: Useful resources related to creating Open Source Intelligence exercises.

  • 7th March 2022: Maddy Stow (Bristol Grammar School) and Leroy Bogle (St Bede's Catholic College) present their work on developing their lesson plan activities - Maddy looks at using Machine Learning for phishing email detection with the online tool (https://machinelearningforkids.co.uk/), and Leroy looks at a bespoke OSINT challenge he has developed using GitHub, Wix and and ProtonMail.

Cyber Security Bootcamp

  • Week 1: Basic Pentesting [TryHackMe - Basic Pentesting] [Guide] [Video] [Blackboard]

  • We will show a complete "boot-to-root" example of penetration testing. The purpose of the exercise is to get a feel for the process involved, and to introduce some initial tools that you need to be familiar with. You will want to study the process again at a slower pace in your own time, to fully understand how to gain full machine access.


  • Week 2: Basic Web Application Security [TryHackMe - OWASP Juice Shop] [Guide] [Blackboard]

  • We will explore a vulnerable web application to demonstrate common issues that can be exploited by attackers. We will use Burp Suite to examine requests and to further our understanding of networking and communications. You will want to study the Juice Shop further in your own time, and reflect on your reading from the W3 schools materials.


  • Week 3: Security Operations using Splunk [TryHackMe - Splunk] [Guide] [Blackboard]

  • We will explore Splunk - a Security Information and Event Management (SIEM) tool for investigating cyber security data feeds. It is widely used by cyber security analysts and Security Operations teams. We will work through a scenario where we inves