Windows CNO Programmer
An intensive, hands-on course focused on providing a programmer with the skills and knowledge needed to become an advanced CNO programmer.
Course Description
The Windows Computer Network Operations (CNO) Programmer course is an intensive, hands-on course focused on providing a programmer with the skills and knowledge needed to become an advanced CNO programmer. The class format combines both lecture and labs for the practical application of knowledge.
Upon completion, students will be capable of assisting in the CNO tool development lifecycle. You will understand the tool objectives, environments, obstacles, and pitfalls associated with development, as well as strategies to meet those objectives.
Prerequisites
- Bachelor's degree in Computer Science or Computer Engineering, or equivalent experience.
- Previous programming experience in C.
- Experience in Windows Programming and x86 Assembly.
- High academic achievement or operational/technical experience and an intense desire to learn.
Program Highlights
Tool Development Lifecycle
Graduate with the ability to assist in the complete CNO tool development lifecycle, from objectives to execution.
Certification Opportunity
Students who complete all 10 graded classes with an 80% average or better are recognized as ManTech Certified Advanced Cyber Programmers.
Module Crucibles & CTFs
Apply concepts learned during the Core and User Mode modules by accomplishing a series of Capture The Flag (CTF) challenges.
What You Will Learn
- Perform reverse engineering in support of CNO tool development and debugging using Ghidra and WinDbg.
- Analyze, interpret, and construct network traffic for common link, network, transport, and application layer protocols.
- Research and exploit vulnerabilities like stack/heap buffer overflows and use-after-free, and bypass modern protections like DEP and ASLR.
- Develop kernel-level tools, exploit vulnerable drivers, and implement kernel keyloggers and other advanced capabilities.
Course Modules
Module 1: Core Module (17 Days)
Windows Systems Programming (4 Days)
Understand the basic principles of Windows programming, including using File and Registry APIs, building executables and DLLs in Visual Studio, and implementing networked clients and servers.
Windows Internals (4 Days)
Gain an intermediate understanding of how Windows is structured and provides its major OS functionality. Learn to parse the PEB and TEB and understand the Windows Security Model.
CNO User Mode Development (5 Days)
Become familiar with the fundamentals of CNO tool development. Learn to inject mobilized code into another process, divert execution via hooking, and perform hiding activities.
Vulnerability Research and Exploitation (5 Days)
Learn about multiple classes of vulnerability, common exploitation constructs, and modern security protection mechanisms for 64-bit Windows.
User Mode Crucible (2 Days)
Apply concepts from the User Mode module by developing a method to locate and clandestinely copy files from a target computer.
Module 3: Kernel Mode Development Module (8 Days)
Kernel Internals (5 Days)
Become familiar with the fundamentals of the Windows kernel. Configure a workstation for kernel debugging, develop a minimal driver, and analyze kernel crash dumps.
CNO Kernel Mode Development (3 Days)
Learn to actively assist in the development of CNO kernel level tools. Exploit a vulnerable driver, implement a kernel keylogger, and inject a thread into a user mode process.