04-720   Ethical Hacking

Location: Africa

Units: 12

Semester Offered: Fall, Spring

Course description

To understand and protect computer networks and their associated systems from hackers, it is crucial to have skills equal or superior to theirs. Ethical hackers use the same techniques to probe and bypass security controls as their unprincipled counterparts, but rather than taking advantage of any vulnerabilities discovered, they document them and provide reasonable advice on how to fix them, so the organization can improve its overall security. Vulnerabilities found on most systems are due to poor system configurations, unpatched and outdated software/operating systems, and operational weaknesses. However, a positive outcome from vulnerability assessment and testing does not necessarily mean that a network or system is 100% secure, but it should be able to resist most attacks to an acceptable level.

Learning objectives

The purpose of this course is to learn how to evaluate and test the security of a network and systems’ infrastructure. It covers how to exploit network/system vulnerabilities to determine the strength of the network/system, and whether unauthorized access and other malicious activities are possible. In addition to networks and systems, this course teaches how to identify vulnerabilities in application software, and how to create custom-made exploits for the vulnerabilities found. Students will also learn the techniques used by malicious hackers to recon and penetrate target systems, in order to determine the appropriate countermeasures for the respective attacks.

Outcomes

At the end of this course, a student should be able to:

  • Understand the network, system, and application risks and how to manage them.
  • Understand techniques used by hackers to penetrate computer networks and systems.
  • Identify network, system, and application vulnerabilities and implement the strongest possible security countermeasures.
  • Describe the characteristics of malware programs such as Trojans, worms, viruses, spyware, and ransomware.
  • Exploit Microsoft Windows machines with a buffer overflow vulnerability.
  • Understand social engineering attacks and their countermeasures.
  • Understand DDoS and session hijacking attacks and how to prevent them.
  • Write penetration test reports, both technical and executive.
  • Identify tools and techniques used to evade security appliances such as IDS and firewalls.

Content details

Introduction to Ethical Hacking: Who are hackers, Types of hackers, Hacking process, Hacking methods tradeoffs, External vs. internal, Penetration testing life cycle, Scoping/Area of applications, Information gathering techniques, Hacking ethics. Hands-on with essential tools for hacking, e.g., Kali Linux, Burp, OpenVAS, Veil, Metasploit framework, Msfvenom, Wireshark, etc.

Network and Port Scanning: Network ports and services concepts, Service version scan, Default script scan, Enumeration & Footprinting, Reconnaissance, Scan from a file, Tactical network reconnaissance with Nmap

Hacking Frameworks: Msfconsole, Finding Metasploit modules, Setting module options, Standalone payload with msfvenom

Exploiting compromised services: Exploiting web and database services through the following labs - Brute force on SSH, SSH Enumeration, SQL Injection, Root privileges escalation

Proxychains: Exploiting web servers using advanced SQL injection, attacking remote machines using proxy chains.

Advanced Payload generation: Create exploits/payloads with msfvenom, A reverse shell with payloads, upload reverse shell scripts, Explore PUT method vulnerabilities, Shellshock vulnerability, Creating a virus.

Exploiting Buffer Overflow: Memory anatomy (Heap & Stack), Buffer overflow concepts, Hacking Windows and Linux platforms with Buffer Overflow Vulnerabilities

Social Engineering: Social Engineering toolkit, Spear-Phishing attacks, Web-based attacks, Mass email attacks, Email spoofing

Session Hijacking and Packet Sniffing (Theories): Stealing web sessions, Cross-site scripting, Session sidejacking, Session fixation.

DDoS attacks and anti-malware evasive techniques: How it works, Motives, Hacktivism perspective, Economic impact, Mitigation strategies and techniques, Techniques for bypassing security measures – software, Anti-malware, Techniques for bypassing security measures – hardware (Firewall, IDS, IPS)

Wi-Fi hacking: Hacking Wi-Fi password, Hacking Wi-Fi protected access, War Driving, Setup a rogue AP, juice-jacking.

Cryptographic Attacks: Password Brute-Force Attacks, Attacks on a cipher, Man-in-the-Middle Attack, Replay Attack, Dictionary Attacks, Side-Channel Attacks.

 

Prerequisites

  • Basic programming skills. Experience with bash scripting and any of the following languages is a plus: C, Ruby, Python, Perl, Java
  • Basic Linux commands and operations
  • Knowledge of TCP/IP networking
  • Patience and ability to research for problem solving

Faculty

Jema David Ndibwile