Penetration testing course just finished. Course received overwhelmingly positive feedback.
Feedback average was excellent 4.9 out of 5. So most students gave the best possible feedback grade 5. Read pentest course reviews (in Finnish).
The next Penetration Testing course starts in March 2022. It's fully booked, but as participants are chosen with a test, you can get a place from the queue. Enrollment for the queue opens 2022-01-03 w01 Mon.
To find academic sources quickly: Search Google Scholar (full text link is on the right, free of charge), check Journal JUFO level (level>0).
Once you find a good one, find related articles with Connected Papers.
An APT (advanced persistent treath) is out to get you.
For hard targets that have done their pentests and audits, someone has to simulate APT attacks to test the defenses.
That someone is Niklas. He runs a red team in F-Secure, and has broken into many networks. And stayed there.
Niklas visits my pentest course tomorrow, w48 Tue 2021-11-30. I have some extra seats, email me to get one.
Update: Many courses are now fully booked, but you can join the queue. Late enrollment opens 2022-01-03 w01 Mon 08:00.
Update: Over half of the places are booked, enroll quickly!
Update: Linux palvelimet (in Finnish) is fully booked, enroll to get a good place in the queue.
Spring 2022 course enrollment opens Monday 08:00.
Update: 30% of places booked (in a couple of hours). Enrollment is open right now.
Secure your systems & learn crypto currencies!
Päivitys: Monet kurssit tulivat täyteen, kannattaa ilmoittautua jonoon. Jälki-ilmoittautuminen aukeaa 2022-01-03 w01 maanantaina kello 08:00.
Päivitys: Ilmoittautuminen auki, yli puolet paikoista varattu. Ilmoittaudu pian!
Päivitys: Linux palvelimet on täynnä, ilmoittaudu nopeasti ja saat paremman paikan jonosta.
Kevään 2022 ilmoittautuminen aukeaa maanantaina 08:00.Päivitys: 30% paikoista varattu parissa tunnissa. Ilmoittautuminen on auki juuri nyt.
Linuxia, satojen koneiden hallintaa, murtautumista, kryptovaluuttoja...
Remotely control hundreds of machines, from cloud to laptop. Excellent 4.95/5 feedback, read student comments.
Linux course done, and now you want more? Your laptops keep moving around the network and go behind firewalls, but you still want to control them? You went to cloud, and have so many computers now?
Enroll Monday at 08:00 Want to study in the evening? There is a special evening version, which has some spots available.
New visitor: Juho Syrjänen, Fraktio: DevOps.
Learn security fundamentals to understand current trends. Blockchains, TOR network and video conference encryption all stand on these fundamentals.
Enroll Monday 08:00 Enroll now, already 30% booked. 184% booked, queue started. Online, in English, in evenings, masters level. Very good 4.1 feedback
Learn to hack computers to protect your own.
In the course, you will break into target computers.
Excellent 4.9 out of 5 feedback from previous course.
Update: New visitor: Social Engineering with Riku Juurikko, Senior Security Manager, Elisa.
Update: New visitor: Forensic Analyses with Andrej Bondarenko, CEO, Difseco.
Update: New visitor: How to become invisible with Juho Jauhainen, Lead Incident Response Investigator, Accenture.
Learn to manage your own Linux server – in 8 weeks. Remotely, in evenings.
Beginners welcome. Excellent feedback. 4.8 out of 5. Course is in Finnish, 100% remote and in evenings.
Data security course, in English as you asked.
Enrollment opens Monday at 08:00.
Mika protects your payment card purchases.
At work, he has been buying external penetration testing. Now Mika is starting a team doing internal penetration testing for Poplatek (part of Nets). And tomorrow w47 Tue 2021-11-23, he will visit my ethical hacking course and tell us the lessons he has learned.
I have some extra places for those outside my course. The presentation is online and in Finnish.
My students Niko Heiskanen and SharkTal wrote a book shop, hlgbooks.com
Buy Niko's booklet "Paypal Integration", 1 EUR. The shop is more beta than the greek letter β, but you can buy from their website if you register first.
And yes, you can have the source code.
Start a two computer virtual network in minutes.
Read API docs offline. CLI, never leave the keyboard. Free download under GPL 3.
Supports DevDocs.io compatible JSON dictionaries, including Python, Go, HTML, Postgre and many others.
You can run Salt commands locally, and see the result immediately. This is useful for practice, testing and quick setup. The same Salt functions work in both Linux and Windows, so if you can't remember how to stop a daemon in Windows, this can help, too.
The most important state functions are pkg, file, service, user and cmd.
Final lab excersise for Linux server course "Linux palvelimet".
Feedback was excellent 4.8 out of 5. You can read feedback in comments.
Students had an empty virtual machine with Debian 10, and some hours to build systems for an imaginary client.
Build Python web service and publish it to the world!
Enroll 2022-03-14 w11 Mon 08:00. Last instance was fully booked on the day enrollment started.
Previous feedback was excellent 4.9 out of 5. Intensive online course 2022 w21-w22.
Learn to hack computers to protect your own.
Course is finished, feedback was 4.9 excellent. Thanks! Next course is Pentest 2022 spring.
In the course, you will break into target computers. Excellent feedback from 4.8 to 5.0 out of 5.
Only one seat left! Advanced course, I can usually get places to most of those who know the prerequisites well.Can't take more participants here. Next enrollment opens 2021-11-29 w48 Mon 08:00. The next course instance starts on 2022 w13.
Update: New visitor: Niklas Särökaari, F-Secure.
Update: New visitor: Mika Rautio, Senior Software Architect, Poplatek.
Remotely control hundreds of machines, from cloud to laptop. Excellent 4.95/5 feedback, read student comments.
Linux course done, and now you want more? Your laptops keep moving around the network and go behind firewalls, but you still want to control them? You went to cloud, and have so many computers now? Palvelinten hallinta ict4tn022-3014.
Yes, you can still enroll. Yes it's popular and yes there is a queue, but I can often fit many students from the queue.
Update: New visitor: Arttu Uskali, Head of Support, Upcloud
Update: New visitor: Juho Syrjänen, Fraktio
Create your own project with your team. Feedback 4.7 excellent.
Previous projects: evil USB keyboard, AI log analysis, physical access control, encrypted communications with free software... What will you build?
Learn to manage your own Linux server – in 8 weeks.
Beginners welcome. Previous instance student feedback excellent 4.8 out of 5. Course is in Finnish and 100% remote. Fully booked, queue started.
Course completed! Feedback was excellent 4.8 out of 5. Read more feedback in comments.
Infrastructure projects are completed. Projects varied from evil USB devices to mapping radio signals.
Press F4 to jump to a symbol, such as a function or a class. Supports Python, C, Go and 40 other languages.
Are you a writer or a researcher? Micro-jump also supports Markdown, F4 shows table of contents for a jump.
My micro-jump is now an official micro-editor plugin.
Enter guarded buildings with social engineering. Craft the email that owns the box. Connect hostile drop boxes to target networks. Bypass two factor authentication.
Luckily for us, Riku is one of the good guys. He has helped securing companies by testing their security, with their permission. Now Riku works as a senior security manager in Elisa.
Riku gave a visiting class on social engineering on my ethical hacking course. Just like last time, audince was in awe.
Want to legally and safely try hacking? Right now, Elisa and other companies offer a security challenge.fi.
Get the bad guys, and help justice do its magic.
Andrej Bondarenko shows the basics of computer forensics in my Trust to Blockchain course on w18 Monday. Andjred works as the CEO of Difseco. He has extensive experience in digital forensics, and has been an expert witness in multiple court cases.
The event is open to Haaga-Helia students and staff. The presentation is in English. Limited number seats, email me from your Haaga-Helia address to reserve a place. Trust to Blockchain participants get a place automatically.
Learn security fundamentals to understand current trends.
Blockchains, TOR network and video conference encryption all stand on these fundamentals.
Just write what you want (idempotency). Control almost everything with one system (single source of truth). In plain text (infrastructure as code, versionable).
Control 10 computers. Or 100. Or 1000. Or control 2071 computers, like Jussi did on a previous course. Or handle 7 different operating systems and OS versions with a single master, like Matias. Course is in Finnish.
Create a web page that shows custommers from a database. Prepare to manage your computer from Hawaii. Add a new command "netsee" to system that shows networking information. Create user accounts for five of your colleagues.
Students of my Linux Server Course used their own blank virtual machines and public Internet to solve these questions. Time limit was about five hours, with 40 min lunch break. Could you have done it?
Don't connect that USB stick you found! Hostile USB can take over your computer, install malware and keyloggers.
My students are developing USB attacks and defences. They have built a cheap and customizable hostile USB device on DigiSpark development board.
Read on to see how to build a hostile USB device similar to "Rubber Ducky" or "BadUSB". And how to defend against this attack.
Build Python web service and publish it to the world!
New instance starting 2022 w21! Enroll 2022-03-14 w11 Mon 08:00.
Course completed! Feedback was excellent 4.9 out of 5. Thanks for taking my course!
You can read feedback in comments.
Intensive course on w21 and w22.
Enroll at 08:00 on Monday! Most seats were booked right after enrollment opened. Enrollment is open right now. Update: Only few seats left. Fully booked. Queue started, enroll quickly to get better position in the queue.
Where did I hear that signal? What's radio environment like in our Pasila office?
Icarus will scan radio environment using SDR (software defined radio) and display results on map. The end result is a mobile mapping device using RTL-SDR and WiFi on Kali Linux on Raspberry Pi. Icarus can be controlled remotely with a cell phone.
My students Tommi, Nikita, Elmo and Aki just started project Icarus. Project ends in May 2021.
Write your thesis in MarkDown, a plain text format.
Use Pandoc and template to convert MarkDown to official Haaga-Helia format. My student Mika Rautio created Haaga-Helia Pandoc template.
Keep your calendar in a plain text file.
Calendar.txt is versionable, supports all operating systems and easily syncs with Android mobile phone.
Jump to any function, class or heading with F4. Go, JavaScript, Python, C... A plugin for micro editor.
And if you're writing books, Jump plugin creates a table of contents from MarkDown, and allows you to jump to headings.
Show Go function definitions in Micro Editor. Definitions are only shown when you press F3, so they don't constantly pop on your face.
Backend uses Language Server Protocol (LSP), the same used by Sublime, neovim and VSCode.
Update: New LSP plugin has show signature (alt-k), definition (alt-d) and references (alt-r). It's just three line install - including Go language server and micro.
Now you can machine translate text fully offline, with no external services.
And yes, this includes the pre-trained machine learning models, works completely offline and is even Free software. So it's an nice and private alternative to Google Translate. Works with Arabic, Chinese, French, German, Italian, Russian, Spanish, Portuguese and of course English.
Learn to hack computers to protect your own. In the course, you will break into target computers.
Excellent feedback, last 4.9 out of 5; best 5.0 out of 5.
Update: two guests are coming: Riku Juurikko (Social engineering) and Mika Rautio (Credit card from hell).
You can now write scripts in plain JavaScript. Jquery is mostly not needed for compatiblity.
In 2021, Microsoft desktop and server Windowses only support Internet Explorer 11 or later (Edge). This removes the need for most compatibility hacks. Firefox and Chrome have followed JavaScript standards mostly from the start.
$("h1").text("Goodbye jQuery, my favourite JS library!")
document.querySelector("h1").innerHTML = "Hello, vanilla JavaScript!"
Install Debian Linux on VirtualBox. You can play with Linux even on Windows, before you completely move to Linux.
This is a beginner friendly tutorial, with quazillion screenshots.
A simple photo gallery for web. Click a thumbnail, see a big picture. Click again to see the thumbnails.
With live demo.
This is done with just CSS, no JavaScript and no external libraries. In fact, the whole HTML+CSS is less than 60 lines.