Syllabus - Ethical Hacking (CY-703(A))


CSE-Cyber Security/Cyber Security

Ethical Hacking (CY-703(A))

VII-Semester

Unit-I

Ethical Hacking: Introduction, Networking & Basics, Footprinting and scanning: Information Gathering, Determining the Network Range, Identifying Active Machines, Finding Open Ports and Access Points, OS Fingerprinting Services, Mapping the Network Attack Surface. Google Hacking, Scanning, Windows Hacking, Linux Hacking.

Unit-II

The Business Perspective: Business Objectives, Security Policy, Previous Test Results, Business Challenges. Planning for a Controlled Attack: Inherent Limitations, Imposed Limitations, Timing is Everything, Attack Type, Source Point, Required Knowledge, Multi-Phased Attacks, Teaming and Attack Structure, Engagement Planner, The Right Security Consultant, The Tester, Logistics, Intermediates, Law Enforcement.

Unit-III

Preparing for a Hack: Technical Preparation, Managing the Engagement. Reconnaissance: Social Engineering, Physical Security, Internet Reconnaissance, Steganography, Cryptography, Wireless Hacking, Firewall & Honeypots, IDS & IPS, Vulnerability, Penetration Testing.

Unit-IV

Enumeration: Enumeration Techniques, Soft Objective, Looking Around or Attack, Elements of Enumeration, Preparing for the Next Phase. Exploitation: Intuitive Testing, Evasion, Threads and Groups, Operating Systems, Password Crackers, Rootkits, Applications, Wardialing, Network, Services, DoS attacks and Areas of Concern.

Unit-V

Reverse Engineering, Email Hacking, Incident Handling & Response, Bluetooth Hacking, Mobile Phone Hacking. Basic ethical hacking tools and usage of these tools in a professional environment. Legal, professional and ethical issues likely to be faced in the domain of ethical hacking. Ethical responsibilities, professional integrity and making appropriate use of the tools and techniques associated with ethical hacking.

Course Objective

The aim of the course is to introduce the methodologies, framework, and tools of ethical hacking to enhance security. To gain knowledge about ethical hacking and penetration testing. To learn about various types of attacks, attackers, security threats, and vulnerabilities present in the computer system. To examine how social engineering can be done by an attacker to gain access to useful and sensitive information. To gain knowledge of the tools, techniques, and ethical issues in the domain of ethical hacking.

Course Outcome

After completing the course, students should be able to describe and understand the basics of ethical hacking, gain knowledge of the use and availability of tools to support an ethical hack, interpret the results of a controlled attack, understand the role of politics and limitations in planning a test, perform footprinting and scanning, demonstrate techniques for system hacking, and detect and prevent security attacks in different environments.

Practicals

  • List the tools for Ethical Hacking.

  • Implement footprinting and reconnaissance using tools.

  • Set up a honeypot and monitor the honeypot on the network.

  • Create a social networking website login page using phishing techniques.

  • Write code to demonstrate DoS attacks.

  • Install rootkits and study a variety of options.

  • Study of techniques used for web-based password capturing.

  • Implement passive scanning, active scanning, session hijacking, and cookie extraction using the Burp Suite tool.

Reference Books

  • James S. Tiller, “The Ethical Hack: A Framework for Business Value Penetration Testing”, Auerbach Publications, CRC Press

  • EC-Council, “Ethical Hacking and Countermeasures Attack Phases”, Cengage Learning

  • Michael Simpson, Kent Backman, James Corley, “Hands-On Ethical Hacking and Network Defense”, Cengage Learning

  • Kevin Beaver, “Hacking For Dummies”, 6th ed., John Wiley Publication

  • Dr. Nilakshi Jain, “Digital Forensic”, John Wiley Publication