PRESENTATION BY COGICEO
Cogiceo is an independent VSE specialized in IT security consulting. Founded by senior consultants from major French companies with more than 8 years of experience in the field, its core business is based on their technical expertise in this field and in particular in intrusion tests. Our services are structured around 2 major axes
Audit: Analyze the robustness of a system against attacks in real conditions. (Intrusion test, Configuration audit, Architecture audit,...)
Training: Provide technical safety skills through workshops. (ISD/COMEX/CODIR awareness, Windows administrator training, etc.)
Type of contract: Internship
Number of positions to be filled: 3
Duration of the internship: 5 to 6 months
Main place of work: 28 bis boulevard de Sébastopol - 75004 Paris
The trainee must be at the end of a BAC+5 level study (Engineering School or Master in Security) and have a solid foundation in IT: network, system, development, etc. In addition, he must be passionate about safety computer skills and be able to learn quickly from experienced consultants. Python basics would be highly appreciated. The human qualities sought are: probity, perseverance, curiosity and autonomy.
The end-of-study internship may lead to an offer of employment on permanent contracts.
The overall objective of the end-of-study internship is to train for the profession of information systems security consultant. In this spirit, you will support, 50% of your time, an experienced consultant on his
intrusion test missions (pentest) :
from our premises on resources displayed on the Internet (website, web-service, DMZ)
at our customers on resources exposed internally (wired and wi-fi network equipment, Microsoft, Unix, Linux operating system, core business application)
At the same time, you will work 50% of your time on an academic research topic (to be chosen from our catalogue, or to be proposed yourself).
1. Cogiceo-ADAnalyser: Cogiceo has a tool for analyzing the security level of Microsoft domains. This internship topic will consist of familiarizing yourself with the tool, then expanding your skills by analyzing about ten new ways to compromises. For each of the compromise methods chosen, the trainee will have to document the attack, integrate it into our test laboratory, identify suitable defence methods, and then develop a graft for our analysis tool.
2. Automatic identification of a company's resources exposed on the Internet: Our Cogiceo-Explorer product currently has methods for discovering AS, IP, CIDR, FQDN resources through the recovery of standardized data (DNS records, WHOIS databases, TLD registers) and unstructured sources (search engines, SSL certificates, Robtex). The aim is to improve the tools for automatic validation of discovered resources. The data reported may be too numerous to be validated manually. Knowledge of machine learning and neural networks will be welcome (but not essential). The development language is Python.
3. Study of the security of communication technologies for connected objects: We regularly conduct hacking demonstrations and academic presentations of our research such as NRF24 security (presentation at SSTIC in 2014), hacking an Android smartphone via WiFi (CRiP 2014). We would like a documentary study of the security of the technologies used by connected objects and an in-depth analysis of 1 or 2 of them. The objective is to create a state of the art, a scientific article, a synthesis of the study, 1 to 2 demonstrations of attacks or compromises of connected objects.
4. Development of a Phishing framework: Phishing is an increasingly widespread threat on the Internet that all companies face.
To answer this question, Cogiceo offers phishing campaigns to raise awareness among our customers and their employees by sending them fake emails or USB sticks. The actions of each of the targeted users are then collected in order to establish global statistics (connection of the USB key, activation of the macro, opening the mail, etc...) The purpose of this internship topic is to improve our CogiPhish tool, used to conduct Phishing campaigns.
The tool should be as autonomous as possible in order to facilitate its use.
5. Automatic analysis of a Linux environment: Cogiceo would like to develop an automatic analysis tool for a Linux network (weak passwords, accounts forgotten administrators, obsolete nuclei...). First, the aim is to design the system for data collection and implementation of many security metrics. In a second step, the objective is to implement automatic analysis of the collected data. The trainee will also have to create a test laboratory with different Linux distributions to perform the tests.
6. Study and modeling of supervision solutions in a Linux environment:
The purpose of this academic subject is to carry out a study of Open Source solutions for supervision and intrusion detection in Linux environments, then to produce one (or more) model(s) of the solutions that seem most relevant. In addition, the knowledge acquired on the strengths and weaknesses of the solutions studied will also be used to improve our IDS effectiveness audit methodology, as well as our stealth intrusion methodologies implemented during red team audits.
To apply for this internship, please send a letter of motivation and you will specify the academic subject(s) most appropriate to your expectations and the reasons for this choice. You will be contacted again for a telephone interview before a possible meeting in our offices in Paris.