[COURSE]: Add ASU web/system security courses CSE365&CSE466 (#366)

2022-12-26 17:37:16 +08:00 · 2022-12-26 17:37:16 +08:00 · 855dd9f7ff
parent 9194c47455
commit 855dd9f7ff
6 changed files with 160 additions and 0 deletions
--- a/docs/CS学习规划.md
+++ b/docs/CS学习规划.md
@ -239,6 +239,10 @@ IDE (Integrated Development Environment)：集成开发环境，说白了就是

 [UCB CS161: Computer Security](系统安全/CS161.md) 是伯克利的系统安全课程，会涵盖栈攻击、密码学、网站安全、网络安全等等内容。

+[ASU CSE365: Introduction to Cybersecurity](系统安全/CSE365.md) 亚利桑那州立大学的 Web 安全课程，主要涉及注入、汇编与密码学的内容。
+
+[ASU CSE466: Computer Systems Security](系统安全/CSE466.md) 亚利桑那州立大学的系统安全课程，涉及内容全面。门槛较高，需要对 Linux, C 与 Python 充分熟悉。
+
 #### 实践课程

 掌握这些理论知识之后，还需要在实践中培养和锻炼这些“黑客素养”。[CTF 夺旗赛](https://ctf-wiki.org/)是一项比较热门的系统安全比赛，赛题中会融会贯通地考察你对计算机各个领域知识的理解和运用。北大今年也成功举办了[第 0 届和第 1 届](https://geekgame.pku.edu.cn/)，鼓励大家后期踊跃参与，在实践中提高自己。下面列举一些我平时学习（摸鱼）用到的资源：
--- a/docs/系统安全/CSE365.en.md
+++ b/docs/系统安全/CSE365.en.md
@ -0,0 +1,38 @@
+# ASU CSE365: Introduction to Cybersecurity
+
+## Descriptions
+
+- Offered by: Arizona State University
+- Prerequisites: None
+- Programming Languages: C, Python, x86 assembly
+- Difficulty: 🌟🌟🌟🌟
+- Class Hour: Varying from person to person
+
+An introductory course on web security at Arizona State University, the course contains several modules, mainly including:
+
+- Program Misuse: Linux commandline, privilege escalation
+- Web fundamentals: http, server, intercept
+- Assembly: registers, memory, control flow
+- Cryptography: Symmetric/Asymmetric encryption, hashing, trust
+- Web security: Command/HTML/SQL/Stack injection
+
+The course is mainly based on challenges, supplemented by lectures and reading materials. The challenges are developed in the form of CTF, and the difficulty increases in order.
+
+For hackers with weak foundations, getting stuck is a normal phenomenon. If you encounter difficulties in solving the problem, you can seek help from the Discord Server given in the Chat column on the homepage.
+
+## Course Resources
+
+- Course Website: <https://dojo.pwn.college/cse365/>
+- Recordings: See course website
+- Textbooks: None
+- Assignments: 7 modules (167 challenges)
+
+## Personal Resources
+
+- Lectures on YouTube: <https://youtube.com/pwncollege>
+- Live Broadcasts on Twitch: <https://twitch.tv/pwncollege>
+- Chat on Discord: <https://pwn.college/discord>
+- Open Source on GitHub: <https://github.com/pwncollege>
+- Contact us via Email: <pwn-college@asu.edu>
+
+In addition, due to an important factor in evaluating ASU students' course grades, the course does not encourage uploading problem-solving ideas, except for the first two challenges of each module.
--- a/docs/系统安全/CSE365.md
+++ b/docs/系统安全/CSE365.md
@ -0,0 +1,38 @@
+# ASU CSE365: Introduction to Cybersecurity
+
+## 课程简介
+
+- 所属大学：Arizona State University
+- 先修要求：无
+- 编程语言：C, Python, x86 assembly
+- 课程难度：🌟🌟🌟🌟
+- 预计学时：因人而异
+
+亚利桑那州立大学 Web 安全的导论课，课程以模块化的形式构成，主要包含以下方面：
+
+- Program Misuse: Linux commandline, privilege escalation
+- Web fundamentals: http, server, intercept
+- Assembly: registers, memory, control flow
+- Cryptography: Symmetric/Asymmetric encryption, hashing, trust
+- Web security: Command/HTML/SQL/Stack injection
+
+课程以 Challenge 为主，Lectures and Reading 为辅。Challenge 中的习题以 CTF 的形式展开，难度依次递增。
+
+对于基础较弱的学习者，卡关是正常现象。如果在解题过程中遇到困难，可以在首页 Chat 栏目中给出的 Discord Server 寻求帮助。
+
+## 课程资源
+
+- 课程网站：<https://dojo.pwn.college/cse365/>
+- 课程视频：参见课程网站
+- 课程教材：无
+- 课程作业：7 个模块（167 个 challenge）
+
+## 资源汇总
+
+- Lectures on YouTube: <https://youtube.com/pwncollege>
+- Live Broadcasts on Twitch: <https://twitch.tv/pwncollege>
+- Chat on Discord: <https://pwn.college/discord>
+- Open Source on GitHub: <https://github.com/pwncollege>
+- Contact us via Email: <pwn-college@asu.edu>
+
+另外，出于评定 ASU 学生课程成绩的重要因素，官方不鼓励上传解题思路，每个模块的前两题除外。
--- a/docs/系统安全/CSE466.en.md
+++ b/docs/系统安全/CSE466.en.md
@ -0,0 +1,39 @@
+# ASU CSE466: Computer Systems Security
+
+## Descriptions
+
+- Offered by: Arizona State University
+- Prerequisites: None
+- Programming Languages: C, Python, x86 assembly
+- Difficulty: 🌟🌟🌟🌟🌟
+- Class Hour: Varying from person to person
+
+A hard-core course on system security at Arizona State University, the course contains several modules, mainly including:
+
+- Linux commandline: Program misuse, program interaction
+- Shellcoding: Assembly, shellcode injection, prevention
+- Reverse Engineering: Function frame, static/dynamic reversing tools
+- Program Exploitation: Hijacking to shellcode, JIT spray
+- System Exploitation: Kernel modules, privilege escalation
+- Miscellaneous: Sandboxing, Memory Errors, Race conditions
+
+Like CSE365, the course is also based on challenges, supplemented by lectures and reading materials. The challenges are developed in the form of CTF, and the difficulty increases in order.
+
+The quality of the exercises is excellent, but some modules are quite difficult, especially the parts involving the kernel. Sometimes you'll spend a whole day struggling at one challenge with no progress. If you encounter difficulties in solving the problem, you can seek help from the Discord Server given in the Chat column on the homepage.
+
+## Course Resources
+
+- Course Website: <https://dojo.pwn.college/cse466/>
+- Recordings: See course website
+- Textbooks: None
+- Assignments: 13 modules (358 challenges)
+
+## Personal Resources
+
+- Lectures on YouTube: <https://youtube.com/pwncollege>
+- Live Broadcasts on Twitch: <https://twitch.tv/pwncollege>
+- Chat on Discord: <https://pwn.college/discord>
+- Open Source on GitHub: <https://github.com/pwncollege>
+- Contact us via Email: <pwn-college@asu.edu>
+
+In addition, due to an important factor in evaluating ASU students' course grades, the course does not encourage uploading problem-solving ideas, except for the first two challenges of each module and challenge 16 in the reversing module.
--- a/docs/系统安全/CSE466.md
+++ b/docs/系统安全/CSE466.md
@ -0,0 +1,39 @@
+# ASU CSE466: Computer Systems Security
+
+## 课程简介
+
+- 所属大学：Arizona State University
+- 先修要求：无
+- 编程语言：C, Python, x86 assembly
+- 课程难度：🌟🌟🌟🌟🌟
+- 预计学时：因人而异
+
+亚利桑那州立大学系统安全的核心课，课程以模块化的形式构成，主要包含以下方面：
+
+- Linux commandline: Program misuse, program interaction
+- Shellcoding: Assembly, shellcode injection, prevention
+- Reverse Engineering: Function frame, static/dynamic reversing tools
+- Program Exploitation: Hijacking to shellcode, JIT spray
+- System Exploitation: Kernel modules, privilege escalation
+- Miscellaneous: Sandboxing, Memory Errors, Race conditions
+
+与 CSE365 相同，课程以 Challenge 为主，Lectures and Reading 为辅。Challenge 中的习题以 CTF 的形式展开，难度依次递增。
+
+习题质量挺高的，但某些模块难度较大，尤其是涉及到内核的部分，有的时候一天都写不出一道题。如果在解题过程中遇到困难，可以在首页 Chat 栏目中给出的 Discord Server 寻求帮助。
+
+## 课程资源
+
+- 课程网站：<https://dojo.pwn.college/cse466/>
+- 课程视频：参见课程网站
+- 课程教材：无
+- 课程作业：13 个模块（358 个 challenge）
+
+## 资源汇总
+
+- Lectures on YouTube: <https://youtube.com/pwncollege>
+- Live Broadcasts on Twitch: <https://twitch.tv/pwncollege>
+- Chat on Discord: <https://pwn.college/discord>
+- Open Source on GitHub: <https://github.com/pwncollege>
+- Contact us via Email: <pwn-college@asu.edu>
+
+另外，出于评定 ASU 学生课程成绩的重要因素，官方不鼓励上传解题思路，每个模块的前两题与逆向部分的 16 题除外。
--- a/mkdocs.yml
+++ b/mkdocs.yml
@ -182,6 +182,8 @@ nav:
  - 计算机系统安全:
      - "UCB CS161: Computer Security": "系统安全/CS161.md"
      - "MIT 6.858: Computer System Security": "系统安全/MIT6.858.md"
+      - "ASU CSE365: Introduction to Cybersecurity": "系统安全/CSE365.md"
+      - "ASU CSE466: Computer Systems Security": "系统安全/CSE466.md"
  - 计算机网络:
      - "USTC Computer Networking:A Top-Down Approach": "计算机网络/topdown_ustc.md"
      - "Computer Networking: A Top-Down Approach": "计算机网络/topdown.md"