This year I was able to get onto the Cyberfirst Advanced residential course. It was held in Warwick after the Cardiff event was cancelled. I met some interesting people and learned some new skills.
The course was divided between lecture time, where the two educators taught us content, and lab time, where we got to try things out in virtual machines. In the evenings there were activities such as quizzes and board games.
Although I already knew quite a bit of the theory from Cyberstart Essentials (apparently Cyberstart and Cyberfirst are completely separate programs run by different parts of government) I hadn’t used many of the tools we used such as Sqlmap for automatic SQL injection and OpenVAS for automated vulnerability scanning. I also learned some new concepts such as file carving and alternate data streams on NTFS.
The first day and a half covered digital forensics before we moved on to encryption. The third day focused on open source intelligence and the fourth on pentesting. On the final day was a capture the flag challenge which I really enjoyed.
It was great to go on a residential course because it was an opportunity to meet like-minded people with similar interests to mine. One person I met was also involved with air quality monitoring and ESP32 projects. Also, the food was free.
Now that the course is over I’m going to use the skills I’ve learned and the tools I’ve used to try and attack the server I created for the air quality system, to see if I can find any vulnerabilities and hence improve its security. I’m also planning on trying out the Hack the Box online challenges.
Brychan Thomas' projects 