CYSE 301
CYSE 301: Cybersecurity Methods and Practices provided intensive, hands-on lab experience with the tools and techniques used by both security professionals and adversaries. Through practical exercises in a controlled environment, this course bridged the gap between theoretical cybersecurity knowledge and real-world application. It was one of the most technically demanding courses in my program and one of the most rewarding.
Course Overview
This course focused on offensive and defensive security techniques through lab-based exercises using Kali Linux virtual machines in a Hyper-V environment. Each lab required systematic execution and thorough documentation, including screenshot evidence of every critical step. The emphasis on documentation reinforced that in professional security work, an unrecorded finding is effectively a non-finding.
Lab 1: Penetration Testing with Metasploit
In this lab, I used the Metasploit framework to identify and exploit vulnerabilities on target systems within a sandboxed network. The exercise covered reconnaissance, vulnerability scanning, exploit selection, and the establishment of reverse shells on compromised machines. I learned how to navigate the Metasploit console, configure payloads, and maintain access to exploited systems. This lab demonstrated how attackers chain together seemingly minor vulnerabilities to gain significant access, reinforcing the importance of defense-in-depth strategies.
Skills Demonstrated: Metasploit framework operation, reverse shell establishment, vulnerability identification, exploitation methodology
Lab 2: Wireless Security Assessment
This lab focused on the security of wireless networks, specifically the weaknesses in WEP and WPA/WPA2 protocols. Using the aircrack-ng suite on Kali Linux, I captured wireless traffic, isolated handshake packets, and performed dictionary and brute-force attacks to recover network keys. The exercise made clear why WEP is considered obsolete and why WPA2 with strong passphrases remains essential. It also highlighted the ongoing risk posed by misconfigured wireless access points in enterprise environments.
Skills Demonstrated: aircrack-ng suite operation, wireless traffic capture, WEP/WPA2 vulnerability analysis, dictionary and brute-force attack execution
Lab 3: Password Cracking and Credential Analysis
This lab involved extracting password hashes from both Linux and Windows systems and using tools such as John the Ripper and Cain & Abel to crack them. I worked with MD5, NTLM, and SHA-based hash algorithms, learning to identify hash types and select appropriate cracking strategies. The lab included extraction of Linux password hashes from /etc/shadow and Windows credential dumping using system tools. This experience underscored why strong password policies, salting, and modern hashing algorithms are non-negotiable security requirements.
Skills Demonstrated: Hash extraction and identification (MD5, NTLM), John the Ripper and Cain & Abel operation, Linux and Windows credential analysis, password policy evaluation
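The hash-identification step from this lab, seen from the defender's side: an added example (not part of the original coursework) that reads /etc/shadow-style lines, names the hashing scheme from its crypt(3) prefix, and flags accounts still on legacy schemes. The sample entries are constructed placeholders, and which schemes count as acceptable is a policy assumption of this example.

```python
# Added example: audit shadow entries for weak password-hash schemes.
# SAMPLE_SHADOW is constructed; the digests are placeholders, not real hashes.
SAMPLE_SHADOW = """\
root:$6$Zk3v9QpL$PLACEHOLDERsha512digest:19700:0:99999:7:::
alice:$1$ab12cd34$PLACEHOLDERmd5digest:19650:0:99999:7:::
bob:$y$j9T$PLACEHOLDERsalt$PLACEHOLDERyescrypt:19720:0:99999:7:::
svc:!:19000:0:99999:7:::
legacy:abJnggxhB/yJk:15000:0:99999:7:::
carol:!$5$rounds=5000$saltsalt$PLACEHOLDERsha256:19710:0:99999:7:::
"""

# crypt(3) prefix -> (scheme, acceptable?). The acceptable flag is an assumed policy.
SCHEMES = {"1": ("md5crypt", False), "5": ("sha256crypt", True),
           "6": ("sha512crypt", True), "y": ("yescrypt", True),
           "2a": ("bcrypt", True), "2b": ("bcrypt", True), "2y": ("bcrypt", True)}

def classify(field):
    """Return (scheme, ok) for the password field of one shadow line."""
    locked = field.startswith("!") or field.startswith("*")
    body = field.lstrip("!*")
    if not body:
        # "!" or "*" alone means no usable password; a truly empty field is a finding.
        return ("locked/no-password" if locked else "empty-password", locked)
    if body.startswith("$"):
        parts = body.split("$")
        ident = parts[1] if len(parts) > 2 else ""
        name, ok = SCHEMES.get(ident, ("unknown($%s$)" % ident, False))
    elif len(body) == 13:
        name, ok = "descrypt", False   # traditional DES crypt has no $ prefix
    else:
        name, ok = "unrecognized", False
    return (name + " (locked)" if locked else name, ok)

def audit(shadow_text):
    """Return [(user, scheme, ok)] for every account line."""
    findings = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or line.startswith("#"):
            continue
        scheme, ok = classify(fields[1])
        findings.append((fields[0], scheme, ok))
    return findings

def weak_accounts(shadow_text):
    return [user for user, _, ok in audit(shadow_text) if not ok]

if __name__ == "__main__":
    for user, scheme, ok in audit(SAMPLE_SHADOW):
        print(f"{user:8} {scheme:22} {'ok' if ok else 'WEAK'}")
```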
Lab 4: Network Traffic Analysis with Wireshark
Using Wireshark, I captured and analyzed network traffic to identify protocols, reconstruct data flows, and detect anomalies. The lab covered protocol hierarchy analysis, packet filtering, TCP stream reconstruction, and identification of unencrypted data transmission. I learned to read packet headers, follow conversation streams, and identify potentially malicious traffic patterns. This exercise demonstrated why network monitoring is a foundational component of any security operations center.
Skills Demonstrated: Wireshark packet capture and analysis, protocol hierarchy evaluation, TCP stream reconstruction, anomaly detection
Lab 5: Steganography
This lab explored steganography, the practice of hiding data within other files such as images. Using tools like steghide, I both embedded and extracted hidden messages from image files. The exercise demonstrated how data exfiltration can occur through channels that appear completely benign to traditional security monitoring. Understanding steganographic techniques is valuable for digital forensics and incident response, where hidden data channels may be used by adversaries to move information undetected.
Skills Demonstrated: steghide operation, data embedding and extraction, covert channel identification, digital forensics awareness
Reflection
CYSE 301 was the course that most directly connected my academic learning to practical cybersecurity skills. Every lab required not just technical execution but methodical documentation, mirroring the rigor expected in professional penetration testing and security auditing. The experience of thinking like an attacker, whether cracking passwords, exploiting network services, or breaking wireless encryption, fundamentally improved my ability to think defensively. I now approach security problems with a clearer understanding of how adversaries operate, which makes me a more effective defender. These labs also reinforced habits that carry into my professional life: thoroughness, systematic problem-solving, and the discipline to document every step of a process.
