Cyber threats: Email, Network, Malware (Student Note)

In this session, you should install a cybersecurity lab environment and perform some simple security tests. You will use this lab environment to learn how to create and detect a phishing email, penetrate a system and detect cyber attacks, etc. This will help you to develop a machine-learning model in the next session to detect email threats, such as phishing and spam.

You should do the following activities.

1. Install and setup the security lab environment. An instruction is here.
2. Perform a vulnerability scan (e.g., by NMAP).
3. Simple penetration tests (Examples)
4. You will use a phishing simulation tool to create a phishing email and webpage. This guideline can help you learn phishing signs.

You can work in two teams (A and B). Team A should create phishing and legitimate emails, and Team B should detect them (and explain why they believe it’s a phishing or legitimate email).

You can install this cybersecurity lab environment on your personal computer and perform different penetration tests.

Important note: DO NOT perform penetration tests outside the lab environment on real systems, as you might face ethical and legal issues. You must get approval to perform a penetration test (see here).