What is Seed Labs?
Seed Labs Project is an open source initiative on cyber security training & education, managed by Dr. Wenliang (Kevin) Du. Seed Labs cover a range of topics in computer and information security, including software & hardware security, network security, web security, operating system security and mobile security.
Seed Labs has a teaching philosophy of three principles, that makes its content valuable both to professionals and beginners in cyber security.
Teaching Philosophy 1: Learn by Doing
The most significant principle of both the platform and the book is its hands-on approach. For each security principle, a series of hands-on activities are provided to help explain the security principles. Fon instance, if a security principle involves an attack, the book guides readers to actually launch the attack in a contained environment. If a principle involves a security mechanism, the book guides readers to implement a mini-version of such mechanism. All the hands-on activities are conducted in a virtual machine image and they can be downloaded from the Seed Labs Project website.
Teaching Philosophy 2: Learn in Depth
In Seed Labs and at the associated book, all topics are covered thoroughly and as deep as needed. In addition to explaining the security principles and concepts, the goal is to help readers to gain a deeper understanding of them. For complex topics, often analogies are used at the beginning to help readers gain an intuitive understanding of the topics. It then adds complicated factors one at a time, and eventually covers the full depth of the topics.
Teaching Philosophy 3: Learn the Fundamentals
The author believes in that readers who have mastered the fundamentals can quickly adapt their knowledge to work on emerging security topics, but those who just learned a trending security topic will have a hard time to adapt when new technologies come up.
Contents of the Seed Labs
Seed Labs platform and the associated book of Computer and Internet Security written by Dr. Wenliang (Kevin) Du cover currently the content listed below.
- Software Security
- Set-UID Programs
- Environment Variables and Attacks
- Shellshock Attack
- Buffer Overflow Attack (Sample Chapter)
- Return-to-libc Attack and ROP
- Format String Vulnerability
- Race Condition Vulnerability
- Dirty COW
- Reverse Shell
- Web Security
- Cross-Site Request Forgery Attack
- Cross-Site Scripting Attack
- SQL Injection Attack
- Hardware Security
- Meltdown Attack
- Spectre Attack
- Network Security
- Packet Sniffing & Spoofing
- Attacks on the TCP Protocol (Sample Chapter)
- DNS and Attacks
- Virtual Private Network
- The Heartbleed Bug and Attack
- Secret-Key Encryption
- One-Way Hash Function
- Public Key Cryptography
- Public Key Infrastructure
- Transport Layer Security
- Bitcoin and Blockchain
- Resources to Slides, Problems and Labs
- Open Source Seed Project (GitHub)
- Udemy Lectures
- Computer & Internet Security: A Hands-on Approach, 2nd Edition (Amazon)
To learn more about cyber security training, you could also visit our training page.