2nd Annual Virginia Cybersecurity Education Conference

Understanding the difference between vulnerabilities and exploits is an important part of a cybersecurity student’s education. One of the best ways to gain this understanding is by actually exploiting vulnerabilities on target systems. In this workshop, attendees will learn how to use freely available security tools to teach basic exploitation concepts. The workshop will begin with a discussion of VirtualBox with an emphasis on those configurations necessary for safely launching exploits in a virtual environment. After a review of VirtualBox, attendees will explore Metasploitable, an intentionally vulnerable operating system designed for testing security tools and demonstrating common vulnerabilities. After Metasploitable, workshop users will review Kali Linux and its embedded vulnerability and exploitations tools, including nmap, but especially Metasploit, the leading software platform for developing, testing, and executing exploits. The workshop will close by teaching attendees how to launch exploits against target Windows and Linux Metasploitable systems.

After the workshop, electronic copies of all the presentation and lab materials will be provided to attendees so that they can be used in their own courses.