Ethical Hacking | University of Stavanger

Facts

Course code

DAT505

Version

Credits (ECTS)

Semester tution start

Autumn

Number of semesters

Exam semester

Autumn

Language of instruction

English

Offered by

Faculty of Science and Technology,

Department of Electrical Engineering and Computer Science

Time table

View course schedule

Content

Ethical hacking (or penetration testing) is the practice of testing a computer system, network or application to find security vulnerabilities that an attacker could exploit. This course will teach you the basics of ethical hacking and penetration testing. You will learn about footprinting and reconnaissance, scanning and enumeration, social engineering, denial of service attacks, and web application attacks. You will also learn about cryptography, viruses and worms, and honeypots. You will use vulnerable machines (such as Hack the Box) to test your skills. By the end of this course, you will be able to conduct a basic ethical hacking and penetration testing engagement.

Learning outcome

Knowledge

The course will give you a good understanding of the key concepts and vocabulary in Cyber Security, including attack vectors, possible threats, and their purpose.

The students will understand the fundamental principles for defending against cyber attacks and the most critical defense techniques. By the end of this course, students will be able to:

Understand the basics of ethical hacking and penetration testing.
Using open-source intelligence, hacker forums, and exposed passwords, perform footprinting and reconnaissance.
Perform scanning and enumeration using Nmap and Metasploit framework.
Perform social engineering using theHarvester to collect victim organization’s emails, find login pages with Recon-Ng, and inject backdoors.
Perform denial-of-service attacks with spoofing, smurf, reflection and packet amplification methods.
Perform web application attacks using sqlmap, CSRF, and XSS attacks.
Understand cryptography

Skills

By the end of this course, students will be able to:

Use hacking tools and techniques like Nmap, Metasploit, hping3, social engineering toolkit, Recon-Ng
How to design malicious remote access trojans using msfvenom
Understand the network packet manipulation techniques to bypass the firewalls
How to perform buffer overflows on real-world applications
How to evade the antivirus software

Required prerequisite knowledge

None

Recommended prerequisites

To follow this course the student should have basic knowledge in computer systems, databases, networks and programming.

Exam

Form of assessment	Weight	Duration	Marks	Aid
Written exam	1/1	3 Hours	Letter grades	None permitted

Digital exam.

Coursework requirements

Compulsory requirements

4 assignments must be approved for the student to access the exam. The assignments will be carried out individually.

Course teacher(s)

Course coordinator:

Ferhat Özgur Catak

Head of Department:

Tom Ryen

Method of work

2 hours lectures and 2 hours guided lab each week over 10 weeks.

Open for

Admission to Single Courses at the Faculty of Science and Technology

Computer Science - Master of Science Degree Programme Computer Science - Master of Science Degree Programme, Part-Time

Exchange programme at Faculty of Science and Technology

Admission requirements

Must meet the admission requirements of one of the study programmes the course is open for.

Course assessment

The faculty decides whether early dialogue should be conducted in all or selected groups of courses offered by the faculty. The purpose is to gather feedback from students for making changes and adjustments to the course during the current semester. In addition, a digital evaluation, students’ course evaluation, must be conducted at least once every three years. Its purpose is to collect students` experiences with the course.

Literature

The syllabus can be found in Leganto

Ethical Hacking (DAT505)