Course

Ethical Hacking (DAT505)

This course covers the fundamental concepts of ethical hacking and penetration testing. The course will provide a strong foundation for students who want to pursue a career in the field of ethical hacking. The course covers topics such as footprinting and reconnaissance, scanning and enumeration, social engineering, denial of service attacks, and web application attacks. The course also covers topics such as cryptography, viruses and worms, and honeypots. Students will use hack the box or similar vulnerable machines to test their skills.


Dette er emnebeskrivelsen for studieåret 2023-2024. Merk at det kan komme endringer.

See course description and exam/assesment information for this semester (2024-2025)

Semesters

Fakta

Emnekode

DAT505

Vekting (stp)

5

Semester undervisningsstart

Autumn

Undervisningsspråk

English

Antall semestre

1

Vurderingssemester

Autumn

Timeplan

Vis timeplan

Litteratur

Pensumlisten finner du i Leganto

Content

Ethical hacking (or penetration testing) is the practice of testing a computer system, network or application to find security vulnerabilities that an attacker could exploit. This course will teach you the basics of ethical hacking and penetration testing. You will learn about footprinting and reconnaissance, scanning and enumeration, social engineering, denial of service attacks, and web application attacks. You will also learn about cryptography, viruses and worms, and honeypots. You will use vulnerable machines (such as Hack the Box) to test your skills. By the end of this course, you will be able to conduct a basic ethical hacking and penetration testing engagement.

Learning outcome

Knowledge

The course will provide you with a good understanding of the key concepts and vocabulary in Cyber Security, including attack vectors, possible threats, and their purpose.

The students will understand the fundamental principles for defending against cyber attacks and the most critical defense techniques. By the end of this course, students will be able to:

  • Understand the basics of ethical hacking and penetration testing
  • Perform footprinting and reconnaissance using open-source intelligence, hacker forums, exposed passwords
  • Perform scanning and enumeration using nmap, Metasploit framework.
  • Perform social engineering using theHarvester to collect victim organization’s emails, find login pages with Recon-Ng, inject backdoors
  • Perform denial of service attacks with spoofing, smurf, reflection and packet amplification methods
  • Perform web application attacks using sqlmap, CSRF, XSS attacks
  • Understand cryptography

Skills

By the end of this course, students will be able to:

  • Use hacking tools and techniques like nmap, metasploit, hping3, social engineering toolkit, Recon-Ng
  • How to design malicious remote access trojans using msfvenom
  • Understand the network packet manipulation techniques to bypass the firewalls
  • How to perform buffer overflows on real world applications
  • How to evade the antivirus software

Forkunnskapskrav

Ingen

Anbefalte forkunnskaper

To follow this course the student should have basic knowledge in computer systems, databases, networks and programming.

Exam

Form of assessment Weight Duration Marks Aid Exam system Withdrawal deadline Exam date
Written exam 1/1 3 Hours Letter grades None permitted Inspera assessment 05.12.2023 19.12.2023


Vilkår for å gå opp til eksamen/vurdering

Compulsory requirements
Four assignments must be approved in order for the student to access the exam. The assignments will be carried out in groups of 3-5 students.

Fagperson(er)

Head of Department:

Tom Ryen

Course coordinator:

Ferhat Özgur Catak

Method of work

2 hours lectures and 2 hours guided lab each week over 13 weeks.

Åpent for

Admission to Single Courses at the Faculty of Science and Technology
Computer Science - Master of Science Degree Programme Computer Science - Master of Science Degree Programme, Part-Time
Exchange programme at Faculty of Science and Technology

Emneevaluering

There must be an early dialogue between the course supervisor, the student union representative and the students. The purpose is feedback from the students for changes and adjustments in the course for the current semester.In addition, a digital subject evaluation must be carried out at least every three years. Its purpose is to gather the students experiences with the course.

Litteratur

Book CEH v11 certified ethical hacker study guide Messier, Ric,, Hoboken, New Jersey :, John Wiley & Sons, 1 online resource (701 pages), [2021]; ©2021, isbn:1-119-80029-3; 1-119-80030-7, https://bibsys-ur.userservices.exlibrisgroup.com/view/uresolver/47BIBSYS_UBIS/openurl-XYEUBIS?ctx_enc=info:ofi/enc:UTF-8&ctx_id=10_1&ctx_tim=2023-04-21T10%3A50%3A29IST&ctx_ver=Z39.88-2004&url_ctx_fmt=info:ofi/fmt:kev:mtx:ctx&url_ver=Z39.88-2004&rfr_id=info:sid/primo.exlibrisgroup.com-BIBSYS_ILS&rft_dat=ie=47BIBSYS_UBO:51280289460002204,ie=47BIBSYS_UBIN:51112395460002211,ie=47BIBSYS_MH:51116536070002296,ie=47BIBSYS_HIO:51105791240002218,ie=47BIBSYS_HIT:5195902350002210,ie=47BIBSYS_NETWORK:71631211830002201,language=eng,view=UBIS&svc_dat=viewit&u.ignore_date_coverage=true&user_ip=10.16.56.55&req.skin=primoView online

Kontakt

Head of Department:

Tom Ryen

Course coordinator:

Ferhat Özgur Catak

Tilbys av

Faculty of Science and Technology

Department of Electrical Engineering and Computer Science

The course description is retrieved from FS (Felles studentsystem). Version 1