Skip to content

Reflection & Impact

Back to Workshop Overview

Workshop Overview

The Cybersecurity Crash Course – Offensive Security, organized by the Automated Systems and Computing Lab (ASCL) at Prince Sultan University, was a three-day intensive workshop designed to introduce participants to cybersecurity from an attacker's perspective. The workshop emphasized the principle "think like a hacker to defend like a professional", combining theoretical foundations with hands-on technical practice.

The sessions covered environment setup, Linux fundamentals, the cyber attack lifecycle, reconnaissance methodologies, and practical challenges such as the OverTheWire Bandit wargame.

Key Learning Outcomes

Understanding the Attacker's Mindset

One of the most important takeaways from this workshop was learning how attackers approach systems methodically rather than randomly. By studying the cyber attack lifecycle — from reconnaissance and initial access to privilege escalation and impact — I gained a clearer understanding of how real-world attacks are structured and executed. This perspective is essential for anticipating threats and designing effective defensive strategies.

Environment Setup and Linux Proficiency

The workshop reinforced the importance of working within a safe and isolated security lab using VirtualBox and Kali Linux. Setting up the environment independently improved my confidence in managing virtual machines and highlighted why Linux proficiency is critical in cybersecurity. Through continuous use of Linux commands — file navigation, permissions, searching, and process inspection — I developed stronger command-line skills that are foundational for penetration testing and system analysis.

Hands-On Practice with OverTheWire Bandit

Completing the OverTheWire Bandit challenges (Levels 0–33) was one of the most valuable components of the workshop. These challenges transformed theoretical concepts into practical skills, particularly in:

  • File handling and permissions
  • Searching and filtering data
  • Working with encoded and compressed files
  • Privilege escalation using SUID binaries

The Bandit exercises demonstrated how small misconfigurations or overlooked details can lead to security weaknesses — reinforcing the importance of attention to detail in both offensive and defensive security work.

Reconnaissance Tools and Research Skills

The reconnaissance research assignment expanded my understanding of how attackers gather information before exploitation. By studying and experimenting with tools such as Nmap, Maltego, Legion, Burp Suite, Gobuster, FFUF, and Aircrack-ng, I learned how different tools target different layers of a system — hosts, networks, DNS, web applications, and wireless networks. This assignment emphasized that effective attacks (and defenses) begin with thorough information gathering.

Ethical and Professional Awareness

A critical aspect of the workshop was the strong emphasis on legal and ethical responsibility. The reminder that authorization is mandatory and that these techniques must only be applied in controlled environments reinforced the professional standards expected in cybersecurity. This helped frame offensive security not as malicious activity, but as a disciplined and ethical practice aimed at improving system security.

Overall Reflection

This workshop provided a solid foundation in offensive security by balancing theory, practice, and ethics. It strengthened my technical skills, improved my understanding of attacker methodologies, and highlighted the importance of continuous learning in cybersecurity. The experience has increased my interest in penetration testing and defensive security roles, and motivated me to explore advanced topics and certifications further.

The Cybersecurity Crash Course was not only an educational experience, but a practical stepping stone toward becoming a more security-aware and capable professional.