WEF Academic Year : 2021-22

Semester :I

Category of the Course : Program Elective Course-I

Course Name & Code : Defensive Programming (4715903)

Prerequisite:
● Basic concepts of C and C++.

Rationale:
● This course aims to write basic programs and high-level applications using the concepts of python
programming and secure coding practice.
● Also, It is aimed to learn offensive security programming through penetration testing and forensic
investigation programs with python.

Course Scheme:

Total
Teaching Scheme Assessment Pattern and Marks
Credits Total
Theory Practical Marks
L T PR C
ESE (E) PA(M) ESE (V) PA (I)

03 00 02 04 70 30 30 20 150

Course Content:

No of %
Sr No Course Content
Hours
1 UNIT 1: Introduction: 08 19
A Penetration Test with Python, Setting Up Development Environment,
Python language basics.
2 UNIT 2: Secure Coding: 08 19
Secure Code Review, Methodology, Secure Code Review Technical
Reference, Code Review Checklist, Threat Modeling Examples, HTML5
3 UNIT 3: Network Programming Basics: 03 07
Networking: Basics of Networking, Networking and Multithreading
Programming – sockets, Threads and processes, Chat Application
4 UNIT 4: Penetration Testing: 05 12
Build port scanner, Build SSH botnet, FTP Scanner, Regular Expression
5 UNIT 5: Forensic Investigation with Python: 07 16
Analysis of wireless access point in the Registry, Recover deleted items in
recycle bin, Parse PDF metadata, Investigating application artifacts with
python
6 UNIT 6: Network Traffic Analysis with Python: 04 10
Introduction of PyGeoIP, Analyse LOIC traffic, Pentagon’s Dilemma,
Intrusion Detection System using Scapy

Wef-AY-2021-22
 7 UNIT 7: Wireless mayhem with python: 05 12
Introduction of Wireless Security, Setting of Wireless attack environment,
Listen wireless secret, Firesheep Detection
8 UNIT 8: Web recon with python: 02 05
Introduction of Social Engineering, Mass Social Engineering

Reference Book:
1. David Beazley and Brian K. Jones, Recipes for Mastering Python3 Cookbook, 3rd Edition, O'Reilly, 2013.
2. Mark Summerfield, Programming in Python 3, 2nd Edition, Pearson Education, 2010.
3. Violent Python – A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineer by
TJ O’Connor
4. Penetration Testing: A Hands-On Introduction to Hacking 1st Edition by Georgia Weidman
5. Larry Conklin and Gary Robinson, OWASP Code Review Guide 2.0 by OWASP Foundation, 2017.

Course Outcome:
After completion of the Course, Students will be able to:
No Course Outcomes RBT Level*
01 Understand the fundamentals of python programming and fundamentals of UN
penetration testing methodology for web applications.
02 Execute the secure code review practice for defensive programming. AP

03 Implement web applications and web services using python programming. AP

04 Analyze the digital investigation process through hands-on exercises. AN

05 Detect the network intrusions through network traffic analysis and web recon with EL
python.
*RM: Remember, UN: Understand, AP: Apply, AN: Analyze, EL: Evaluate, CR: Create.

Suggested Course Practical List:

● The practical work will be carried out based on the content covered during the academic sessions. It is
suggested to design the practicals based on Red Team Vs. Blue Team Concepts.

List of Laboratory/Learning Resources Required:

● https://python.org, Python3 latest version.

● Course-related online MOOC on SWAYAM NPTEL/Coursera Platform.
● Recently published papers/articles of reputed journals/conferences.

Wef-AY-2021-22