Course Syllabus

Penetration Testing and Ethical Hacking

Instructor Name​: Ken Underhill, CEH,CHFI

Course Creation Date​: 10/15/2018

Course Description and Goals

Prerequisites: ​Students should have foundational knowledge in computer networking,

operating systems (Windows and Linux), client/server relationship, and Web servers. It is
recommended that students have at least 2 years of experience in IT and/or cyber security
before taking this course.

Study Resources:​ The course includes downloadable study materials, including quiz questions
and step by step lab guides in the resources section of the course.

Course Description: ​This course is designed to introduce students to penetration testing

(ethical hacking) and is designed as an unofficial preparation course for the EC-Council
Certified Ethical Hacker (CEH) exam. Students will learn a broad knowledge base in areas, like
footprinting, scanning, malware, session hijacking, and more. This is an ideal course for
students looking to start a career as a penetration tester, students studying for the CEH exam,
and for students that are simply curious about ethical hacking.

Course Goals: ​By the end of this course, students should be able to:

❏ Understand what penetration testing (ethical hacking) is and why it is important

❏ Comfortably speak through the traditional hacking methodology
❏ Understand tools that can be used for a penetration test

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
1 
 
 
 

Labs Used: ​In this course, the instructor will walk you through both a lab provided by Cybrary,
and several labs that are provided by the instructor which requires setting up a lab environment.
For the labs that are not provided by Cybrary, the instructor will walk you through on how to
download and use the virtual environment. In Module 3, you will see the lab provided by
Cybrary. It is called Certified Ethical Hacker (CEH) and is owned by the vendor Practice Labs.
To practice the exercises that the instructor demonstrates throughout the course, please refer
back to this lab.

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
2 
 
 
 

Course Outline

Module 1​ | Introduction
Lesson 1.1: Course Introduction (05:56)
Lesson 1.2: CIA Triad, Black, White, and Grey Hats (10:21)
Lesson 1.3: Laws (07:01)
Lesson 1.4: Bonus: VirtualBox and Kali Linux (05:30)
Lesson 1.5: Password Cracking Lab (07:53)

Module 2​ | Footprinting
Lesson 2.1: Intro Pre-assessment (05:58)
Lesson 2.2: Footprinting Basics (11:45)
Lesson 2.3: Lab Intro (01:39)
Lesson 2.4: Footprinting NIKTO Lab Instructions (05:56)
Lesson 2.5: Footprinting theHarvester Lab Instructions (06:25)
Lesson 2.6: Footprinting Shodan Lab Instructions (04:48)
Lesson 2.7: Footprinting Google Hacking Lab Instructions (06:50)

Module 3​ | Scanning and Enumeration

Lesson 3.1: Scanning and Enumeration Introduction (02:36)
Lesson 3.2: TCP 3 way Handshake (04:21)
Lesson 3.2: Banner Grabbing (10:48)
Lesson 3.4: Live Systems Lab Instructions Part 1 (02:22)
Lesson 3.5: Live Systems Lab Instructions Part 2 (02:49)
Lesson 3.6: Live Systems Lab Instructions Part 3 (04:08)
Lesson 3.7: Live Systems Lab Instructions Part 4 (02:23)
Virtual Lab: Certified Ethical Hacker (CEH)
Lesson 3.8: Port Checking Lab Instructions Part 1 (03:21)
Lesson 3.9: Port Checking Lab Instructions Part 2 (02:21)
Lesson 3.10: Port Checking Lab Instructions Part 3 (03:05)
Lesson 3.11: Scanning Techniques Lab Instructions Part 1 (04:05)

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
3 
 
 
 

Lesson 3.12: Scanning Techniques Lab Instructions Part 2 (03:31)

Lesson 3.13: Scanning Techniques Lab Instructions Part 3 (02:21)
Lesson 3.14: Scanning Techniques Lab Instructions Part 4 (04:06)
Lesson 3.15: Scanning Techniques Lab Instructions Part 5 (05:00)
Lesson 3.16: Scanning Techniques Lab Instructions Part 6 (03:08)
Lesson 3.17: Scanning Techniques Lab Instructions Part 7 (04:46)
Lesson 3.18: Scanning Techniques Lab Instructions Part 8 (02:40)
Lesson 3.19: Scanning Techniques Lab Instructions Part 9 (02:30)
Lesson 3.20: Scanning Techniques Lab Instructions Part 10 (04:50)
Lesson 3.21: Scanning Techniques Lab Instructions Part 11 (03:43)
Lesson 3.22: OS Fingerprinting Lab Instructions Part 1 (06:05)
Lesson 3.23: OS Fingerprinting Lab Instructions Part 2 (05:53)
Lesson 3.24: Mapping Networks Lab Instructions Part 1 (05:00)
Lesson 3.25: Mapping Networks Lab Instructions Part 2 (03:23)
Lesson 3.26: Mapping Networks Lab Instructions Part 3 (06:40)
Lesson 3.27: Mapping Networks Lab Instructions Part 4 (10:21)
Lesson 3.28: Banner Grabbing Lab Instructions Part 1 (03:07)
Lesson 3.29: Banner Grabbing Lab Instructions Part 2 (02:59)
Lesson 3.30: Banner Grabbing Lab Instructions Part 3 (02:45)
Lesson 3.31: Banner Grabbing Lab Instructions Part 4 (03:55)
Lesson 3.32: Enumeration Tools Lab Instructions Part 1 (04:21)
Lesson 3.33: Enumeration Tools Lab Instructions Part 2 (02:58)
Lesson 3.34: Enumeration Tools Lab Instructions Part 3 (02:54)
Lesson 3.35: Enumeration Tools Lab Instructions Part 4 (03:59)

Module 4​ | System Hacking

Lesson 4.1: System Hacking (08:45)
Lesson 4.2: System Hacking Lab Intro (07:23)
Lesson 4.3: Planting a Backdoor Lab Instructions Part 1 (11:02)
Lesson 4.4: Planting a Backdoor Lab Instructions Part 2 (11:20)

Module 5​ | Malware
Lesson 5.1: Malware Viruses (08:08)
Lesson 5.2: Malware Worms and Trojans (07:45)

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
4 
 
 
 

Lesson 5.3: Trojan Protection Lab Intro (05:55)

Lesson 5.4: Malware Stinger Lab Instructions (02:45)
Lesson 5.5: Malware CurrPorts Lab Instructions (02:11)
Lesson 5.6: Malware TCP View Lab Instructions (04:07)
Lesson 5.7: Malware What’s Running Lab Instructions (12:12)
Lesson 5.8: Malware HashCalc Lab Instructions (10:01)

Module 6​ | Sniffing
Lesson 6.1: Sniffing (06:24)
Lesson 6.2: Sniffing Lab Intro (13:40)
Lesson 6.3: Sniffing Wireshark Lab Instructions (13:24)
Lesson 6.4: Sniffing MAC Spoof Lab Instructions (07:21)

Module 7​ | Social Engineering

Lesson 7.1: Social Engineering (12:23)
Lesson 7.2: Social Engineering Reconnaissance Lab Intro (09:21)
Lesson 7.3: Social Engineering Lab Instructions (01:00)

Module 8​ | Denial of Service

Lesson 8.1: Denial of Service (02:35)

Module 9​ | Session Hijacking

Lesson 9.1: Session Hijacking (03:45)
Lesson 9.2: Session Hijacking Lab Intro (03:40)
Lesson 9.3: Session Hijacking Lab Instructions Part 1 (07:48)
Lesson 9.4: Session Hijacking Lab Instructions Part 2 (03:43)

Module 10​ | Web Servers and Apps

Lesson 10.1: Web Server (04:37)
Lesson 10.2: Web Applications (06:55)
Lesson 10.3: Web Server Lab Intro (03:57)
Lesson 10.4: Web Tool Burp Suite Lab Instructions (05:43)

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
5 
 
 
 

Module 11​ | SQL Injection

Lesson 11.1: SQL Injection Basics (07:15)

Module 12​ | Hacking WiFi and Bluetooth

Lesson 12.1: WiFi and Bluetooth (03:47)

Module 13​ | Mobile Hacking and Security

Lesson 13.1: Mobile Android Part 1 (07:00)
Lesson 13.2: Mobile Android Part 2 (05:49)
Lesson 13.3: IOS Architecture and Jailbreaking (05:43)
Lesson 13.4: IOS Mobile Device Management (09:32)

Module 14​ | IDS, Firewalls, and Honeypots

Lesson 14.1: IDS/IPS Basics (12:06)
Lesson 14.2: Firewall Basics (06:49)
Lesson 14.3: Honeypots Basics (05:51)

Module 15​ | IoT

Lesson 15.1: IoT Basics (07:20)
Lesson 15.2: IoT and OWASP Basics (04:56)
Lesson 15.3: IoT Surface Area Tools (08:00)

Module 16​ | Cloud

Lesson 16.1: Cloud (12:50)
Lesson 16.2: Cloud Attacks (06:34)
Lesson 16.3: Cloud Final (10:12)

Module 17​ | Cryptography

Lesson 17.1: Algorithm Cryptography (06:56)
Lesson 17.2: Algorithm and Hash Cryptography (09:58)
Lesson 17.3: Cryptography Tools (02:24)
Lesson 17.4: PKI, Disk Encryption, and Email Encryption (07:10)
Lesson 17.5: Cryptography Lab Instructions Part 1 (06:57)

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
6 
 
 
 

Lesson 17.6: Cryptography Lab Instructions Part 2 (03:55)

Lesson 17.7: Photo Cryptography Lab Instructions (05:43)
Lesson 17.8: Bonus Cryptography Lab Instructions(02:15)
Lesson 17.9: Cryptography Final (06:51)

Module 18​ | Reports

Lesson 18.1: Reporting (04:21)

Module 19​ | Review

Lesson 19.1: Course Summary (04:43)
Practice Assessment: EC Council Certified Ethical Hacking v8
Practice Assessment: Ethical Hacking (CEH Preparation)

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 
7