Ethical Hacking (DAT505)

This course covers the fundamental concepts of ethical hacking and penetration testing. The course will provide a strong foundation for students who want to pursue a career in the field of ethical hacking. The course covers topics such as footprinting and reconnaissance, scanning and enumeration, social engineering, denial of service attacks, and web application attacks. The course also covers topics such as cryptography, viruses and worms, and honeypots. Students will use hack the box or similar vulnerable machines to test their skills.


Course description for study year 2023-2024. Please note that changes may occur.

Facts

Course code

DAT505

Version

1

Credits (ECTS)

5

Semester tution start

Autumn

Number of semesters

1

Exam semester

Autumn

Language of instruction

English

Offered by
Time table

View course schedule

Content

Ethical hacking (or penetration testing) is the practice of testing a computer system, network or application to find security vulnerabilities that an attacker could exploit. This course will teach you the basics of ethical hacking and penetration testing. You will learn about footprinting and reconnaissance, scanning and enumeration, social engineering, denial of service attacks, and web application attacks. You will also learn about cryptography, viruses and worms, and honeypots. You will use vulnerable machines (such as Hack the Box) to test your skills. By the end of this course, you will be able to conduct a basic ethical hacking and penetration testing engagement.

Learning outcome

Knowledge

The course will provide you with a good understanding of the key concepts and vocabulary in Cyber Security, including attack vectors, possible threats, and their purpose.

The students will understand the fundamental principles for defending against cyber attacks and the most critical defense techniques. By the end of this course, students will be able to:

  • Understand the basics of ethical hacking and penetration testing
  • Perform footprinting and reconnaissance using open-source intelligence, hacker forums, exposed passwords
  • Perform scanning and enumeration using nmap, Metasploit framework.
  • Perform social engineering using theHarvester to collect victim organization’s emails, find login pages with Recon-Ng, inject backdoors
  • Perform denial of service attacks with spoofing, smurf, reflection and packet amplification methods
  • Perform web application attacks using sqlmap, CSRF, XSS attacks
  • Understand cryptography

Skills

By the end of this course, students will be able to:

  • Use hacking tools and techniques like nmap, metasploit, hping3, social engineering toolkit, Recon-Ng
  • How to design malicious remote access trojans using msfvenom
  • Understand the network packet manipulation techniques to bypass the firewalls
  • How to perform buffer overflows on real world applications
  • How to evade the antivirus software

Required prerequisite knowledge

None

Recommended prerequisites

To follow this course the student should have basic knowledge in computer systems, databases, networks and programming.

Exam

Form of assessment Weight Duration Marks Aid
Written exam 1/1 3 Hours Letter grades None permitted

Coursework requirements

Four assignments must be approved in order for the student to access the exam. The assignments will be carried out in groups of 3-5 students.

Course teacher(s)

Course coordinator:

Ferhat Özgur Catak

Head of Department:

Tom Ryen

Method of work

2 hours lectures and 2 hours guided lab each week over 13 weeks.

Open for

Computer Science - Master of Science Degree Programme

Course assessment

There must be an early dialogue between the course coordinator, the student representative and the students. The purpose is feedback from the students for changes and adjustments in the course for the current semester.In addition, a digital course evaluation must be carried out at least every three years. Its purpose is to gather the students experiences with the course.

Literature

The syllabus can be found in Leganto