| Code: BIE-EHA.21 |
Ethical Hacking |
| Lecturer: Ing. Jiří Dostál Ph.D. |
Weekly load: 2P+2C |
Completion: A, EX |
| Department: 18106 |
Credits: 5 |
Semester: S |
- Description:
-
The goal of the course is to introduce students to the field of penetration testing and ethical hacking. The course deals with cybersecurity threats, vulnerabilities, and their possible exploitation in computer networks, web applications, wireless networks, operating systems, and others like the Internet of Things or cloud. The focus is on hands-on experience with vulnerabilities testing and the following process of penetration test documentation.
- Contents:
-
1. Introduction to penetration testing area.
2. Network traffic analysis and services discovery.
3. Vulnerability of network infrastructure.
4. Web applications - authentication and session management.
5. Web applications - code injection.
6. Web applications - scripting and request forgery.
7. Attacks on security of Wi-Fi systems.
8. Authentication and passwords
9. Reporting.
10. Operating systems, privileges escalation.
11. Embedded systems, attack vectors.
12. Automotive security.
13. Typical attacks on cloud systems.
- Seminar contents:
-
1. Introduction
2. Traffic Analysis
3. Web Security I
4. Web Security II
5. Web Security III
6. Password Cracking - Offline
7. Password Cracking - Online
8. Operating System Security
9. Wireless Security
10. Forensics
11. Real World Vulnerabilities
12. Cloud Security
13. Reserve
- Recommended literature:
-
1. Kennedy D., O'gorman D., Kearns D. : Metasploit: The Penetration Tester's Guide. No Starch Press, 2011. ISBN 978-1593272883.
2. Weidman G. : Penetration Testing: A Hands-On Introduction to Hacking. No Starch Press, 2014. ISBN 978-1593275648.
3. Messier R. : Learning Kali Linux: Security Testing, Penetration Testing & Ethical Hacking. O0Reilly, 2018. ISBN 978-1492028697.
4. Messier R. : CEH v10 Certified Ethical Hacker Study Guide. Sybex, 2019. ISBN 978-1119533191.
- Keywords:
- ethical hacking, penetration testing, computer security, information security
Abbreviations used:
Semester:
- W ... winter semester (usually October - February)
- S ... spring semester (usually March - June)
- W,S ... both semesters
Mode of completion of the course:
- A ... Assessment (no grade is given to this course but credits are awarded. You will receive only P (Passed) of F (Failed) and number of credits)
- GA ... Graded Assessment (a grade is awarded for this course)
- EX ... Examination (a grade is awarded for this course)
- A, EX ... Examination (the award of Assessment is a precondition for taking the Examination in the given subject, a grade is awarded for this course)
Weekly load (hours per week):
- P ... lecture
- C ... seminar
- L ... laboratory
- R ... proseminar
- S ... seminar