INT 244 :: SECURING COMPUTING SYSTEMS



  

Unit I
Introduction to Ethical Hacking: Hacking Evolution, What Is an Ethical Hacker?,
Ethical hacking and Penetration testing, Hacking methodologies
System Fundamentals: Fundamentals of computer networks, Exploring TCP/IP ports,
Understanding network devices, Proxies, Firewall and Network Security, Knowing
Operating Systems (Windows, Mac, Android and Linux)
Cryptography: History of cryptography, Symmetric cryptography, Asymmetric
cryptography, Understanding Hashing, Issues with cryptography, Application of
cryptography (IPsec, PGP, SSL)
Unit II
Footprinting: What is Footprinting, Threats Introduced by Footprinting, The
Footprinting process, Using (Search engine, Google hacking, Social networking and
Financial services) Information gathering
Scanning: What is Scanning, Types of Scans, Family tree of Scans, OS fingerprinting,
Countermeasure, Vulnerability Scanning and Using Proxies
Unit III
Enumeration: What is Enumeration, Windows Enumeration, Enumeration with SNMP,
LDAP and Directory Service Enumeration, SMTP Enumeration
System Hacking: What is System Hacking, Password cracking, Authentication on
Microsoft Platforms, Executing Applications
Malware: Malware and the law, Categories of Malware (Viruses, worms, spyware,
Adware, Scareware, Ransomware and Trojans), Overt and Covert Channels
Unit IV
Sniffers: Understanding Sniffers, Using a Sniffer, Switched network Sniffing, MAC
Flooding, ARP Poisoning, MAC Spoofing, Port Mirror and SPAN Port, Detecting
Sniffing Attacks
Social Engineering: What is Social Engineering, Social Engineering Phases, Commonly
Employed Threats, Identity Theft
Denial of Service: Understanding DoS, Understanding DDoS, DoS Tools, DDoS Tools,
DoS Pen-Testing Considerations
Unit V
Session Hijacking: Understanding Session Hijacking, Exploring Defensive Strategies,
Network Session Hijacking
Web Servers and Applications: Exploring the Client-Server Relationship, The client
and the server, Vulnerabilities of Web Servers and Application, Testing Web
Application
SQL Injection: Introducing SQL Injection, Databases and Their Vulnerabilities,
Anatomy of a SQL Injection Attack, Altering Data with a SQL Injection Attack, Evading
Detection Mechanisms, SQL Injection Countermeasures
Unit VI
Hacking Wi-Fi and Bluetooth: What Is a Wireless Network, A Close Examination of
Threats, Hacking Bluetooth
Mobile Device Security: Mobile OS Models and Architectures, Goals of Mobile
Security, Device Security Models, Countermeasures
Cloud Technologies and Security: What Is the Cloud, Threats to Cloud Security, Cloud
Computing Attacks, Testing Security in the Cloud
List of Practicals/Experiments:
Foot-printing: Demonstration of the process of active and passive information
gathering using search engines, GHDB and Netcraft.
Scanning: Demonstration of port, network and vulnerability scanning with the help of
Nmap, Nessus, Rapid7 and AngryIP.
Enumeration: Demonstration of Windows and Linux enumeration and network protocol
enumeration with the help of inbuilt utilities and open source tools.
System Hacking: Demonstration of offline and online password cracking with the help of
dictionary, brute force and hybrid attack and generating rainbow tables.
Sniffing: Demonstration of network sniffing with the help of packet sniffers such as
Wireshark, Tcpdump and Dsniff, and understanding the data that is being sniffed by the
respective tools.
Denial of Service: Demonstration of various DoS attacks such as Service Request Floods,
ICMP Flooding, Smurf and Fraggle Attacks using different tools.
SQL Injection: Demonstration of various types of SQL injection with the help of different
tools.
Wireless Hacking: Demonstration of Wi-Fi and Bluetooth security assessment using open
source tool.
Evasion: Configuring Honeypots using Pentbox and Firewalls and understanding their
functions in the network.
Text Books:
1. CEH V9: CERTIFIED ETHICAL HACKER - VERSION 9 STUDY GUIDE by
SEAN-PHILIP ORIYANO, SYBEX
References:
1. MASTERING KALI LINUX FOR ADVANCED PENETRATION TESTING by
VIJAY KUMAR VELU, PACKT PUBLISHING


CEHv9_Module_00.pdf
CEHv9_Module_01_Introduction_to_Ethical_Hacking.pdf
CEHv9_Module_02_Footprinting_and_Reconnaissance.pdf
CEHv9_Module_03_Scanning_Networks.pdf
CEHv9_Module_04_Enumeration.pdf
CEHv9_Module_05_System_Hacking.pdf
CEHv9_Module_06_Malware_Threats.pdf
CEHv9_Module_07_Sniffing.pdf
CEHv9_Module_08_Social_Engineering.pdf
CEHv9_Module_09_Denial-of-Service.pdf
CEHv9_Module_10_Session_Hijacking.pdf
CEHv9_Module_11_Hacking_Webservers.pdf
CEHv9_Module_12_Hacking_Web_Applications.pdf
CEHv9_Module_13_SQL_Injection.pdf



