Penetration Testing and Ethical Hacking Course
Penetration Testing and Ethical Hacking Course
Course Description: This course is designed to help prepare you for the EC-Council
Certified Ethical Hacker (CEH) examination. We cover a breadth of topics, like
footprinting, scanning, system hacking, malware, mobile, cryptography, and much,
much more!
● Lab Needed: Password Cracking Tools Cybrary lab (Cain & Abel)
● Homework: Watch the Week 2 course videos and practice the Week 2 course labs.
● Description: In Week 2 Live, we will discuss passive and active footprinting as defined
by EC-Council. We will also get some hands-on experience with Shodan searching and
Google Hacking.
● Description: In Week 3 Live, we will discuss scanning, enumeration, and a little bit on
vulnerabilities. We will start off with the TCP Handshake and then move into an NMAP
lab.
● Description: In Week 4 Live, we will discuss gaining access to systems and how to
maintain that access. Coupled with that discussion will be a lab on planting a backdoor
on a system.
● Description: In Week 5 Live, we will talk about the differences between viruses, worms,
and Trojans, as well as examples of each.
● Description: In Week 6 Live, we will go over packet sniffing and discuss what type of
information we can find in network packets that is relevant to us as ethical hackers. In
this week’s lab, we will also work with a popular sniffing tool called Wireshark.
● Description: In Week 7 Live, we will talk about social engineering, which is a popular
method of attack. We will also talk about why you need to be careful with the information
you share online.
● Description: In Week 8 Live, we will talk about what Denial of Service (DoS) and
Distributed Denial of Service (DDoS) attacks are and tools that can be used.
● Description: In Week 9 Live, we will talk about network and application-level session
hijacking and what they are. We will also utilize the Cybrary lab environment to perform
a Network-level session hijack.
Week 10 Live 12/12/2018: Web Servers and Web Applications (Module 10)
● Description: In Week 10 Live, we will discuss Web Servers and Web Application
architecture. We will also include discussion on the OWASP Top 10 and Web
vulnerabilities.
● Description: In Week 11 Live, we will discuss different types of SQL Injection attacks.
● Description: In Week 12 Live, we will discuss wireless networks, wireless attacks, and
Bluetooth.
● Homework: Watch the Week 13 videos and look at your own mobile device to see what
types of apps might pose an issue if they were exploited.
● Description: In Week 13 Live, we discuss mobile architectures for iOS and Android.
We also discuss jailbreaking devices and attacks.
● Description: In Week 14 Live, we will talk about Intrusion Detection Systems (IDS),
Intrusion Prevention Systems (IPS), firewalls, and honeypots. You will learn what each
one is and how they play into an organization’s security.
● Description: In Week 15 Live, we will explore the world of the Internet of Things (IoT).
We will discuss IoT devices and vulnerabilities.
● Homework: Watch the Week 16 videos on Cloud and think about some ways you
interact with the magical Cloud.
5
● Description: In Week 16 Live, we will cover the magical Cloud. We will discuss things
like types of cloud configurations and common cloud attacks.
● Homework: Watch the Week 17 videos on Cryptography on practice the Week 17 lab.
● Description: In Week 17 we will cover cryptography and talk about symmetric versus
asymmetric cryptography.
● Lab Needed: You will need the report template for hands-on review.
● Homework: Take the Kaplan practice test.