21IT1908 ETHICAL HACKING LT PC

3 0 03
COURSE OBJECTIVES:
 To understand the basics of computer based vulnerabilities.
 To explore different foot printing, reconnaissance and scanning methods.
 To expose the enumeration and vulnerability analysis methods.
 To understand hacking options available in Web and wireless applications.
 To explore the options for network protection.
 To practice tools to perform ethical hacking to expose the vulnerabilities.

UNIT I INTRODUCTION 9
Ethical Hacking Overview - Role of Security and Penetration Testers .- Penetration-
Testing Methodologies- Laws of the Land - Overview of TCP/IP- The Application Layer -
The Transport Layer - The Internet Layer - IP Addressing .- Network and Computer
Attacks - Malware - Protecting Against Malware Attacks.- Intruder Attacks - Addressing
Physical Security

UNIT II FOOT PRINTING, RECONNAISSANCE AND SCANNING NETWORKS 9

Footprinting Concepts - Footprinting through Search Engines, Web Services, Social
Networking Sites, Website, Email - Competitive Intelligence - Footprinting through Social
Engineering - Footprinting Tools - Network Scanning Concepts - Port-Scanning Tools -
Scanning Techniques - Scanning Beyond IDS and Firewall

UNIT III ENUMERATION AND VULNERABILITY ANALYSIS 9

Enumeration Concepts - NetBIOS Enumeration – SNMP, LDAP, NTP, SMTP and DNS
Enumeration - Vulnerability Assessment Concepts - Desktop and Server OS
Vulnerabilities - Windows OS Vulnerabilities - Tools for Identifying Vulnerabilities in
Windows- Linux OS Vulnerabilities- Vulnerabilities of Embedded Oss

UNIT IV SYSTEM HACKING 9

Hacking Web Servers - Web Application Components- Vulnerabilities - Tools for Web
Attackers and Security Testers Hacking Wireless Networks - Components of a Wireless
Network – Wardriving- Wireless Hacking - Tools of the Trade

UNIT V NETWORK PROTECTION SYSTEMS 9

Access Control Lists. - Cisco Adaptive Security Appliance Firewall - Configuration and Risk
Analysis Tools for Firewalls and Routers - Intrusion Detection and Prevention Systems -
Network-Based and Host-Based IDSs and IPSs - Web Filtering - Security Incident
Response Teams – Honeypots.

COURSE OUTCOMES:
At the end of this course, the students will be able:
CO1: To express knowledge on basics of computer based vulnerabilities
CO2: To gain understanding on different foot printing, reconnaissance and scanning
methods.
CO3: To demonstrate the enumeration and vulnerability analysis methods
CO4: To gain knowledge on hacking options available in Web and wireless applications.
CO5: To acquire knowledge on the options for network protection.
CO6: To use tools to perform ethical hacking to expose the vulnerabilities.
TOTAL:45 PERIODS
TEXTBOOKS
1. Michael T. Simpson, Kent Backman, and James E. Corley, Hands-On Ethical
Hacking andNetwork Defense, Course Technology, Delmar Cengage Learning,
2010.
2. The Basics of Hacking and Penetration Testing - Patrick Engebretson,
SYNGRESS,Elsevier, 2013.
3. The Web Application Hacker’s Handbook: Finding and Exploiting Security
Flaws, DafyddStuttard and Marcus Pinto, 2011.

REFERENCES
1. Black Hat Python: Python Programming for Hackers and Pentesters, Justin Seitz ,
2014.