Scribd
Upload
24 views2 pages

ME CSE ethical hacking

Syllabus Ethical hacking

Uploaded by

Sathya AP/Software Engineering V
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
24 views2 pages

ME CSE ethical hacking

Syllabus Ethical hacking

Uploaded by

Sathya AP/Software Engineering V
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

REFERENCES

1. Kai Hwang, Geoffrey C Fox, Jack J Dongarra, “Distributed and Cloud Computing From Parallel
Processing to the Internet of Things”, Morgan Kauffman imprint of Elsevier, 2012.
2. Arshdeep Bahga, Vijay Madisetti, “Cloud Computing: A Hands-On Approach”, Universities
Press (India) Private Limited, 2014.
3. James E Smith and Ravi Nair, “Virtual Machines”, Elsevier, 2005.
4. Thomas Erl, Zaigham Mahood, Ricardo Puttini, “Cloud Computing, Concept, Technology &
Architecture”, Prentice Hall, 2013.
5. Rajkumar Buyya, Christian Vecchiola, S. Thamarai Selvi, “Mastering Cloud Computing”, Tata
McGraw-Hill, 2013.
6. Toby Velte, Anthony Velte, Robert C. Elsenpeter, “Cloud Computing, A Practical
Approach”,Tata McGraw-Hill Edition, 2010.
7. Tom White, “Hadoop: The Definitive Guide”, O’Reilly Media, 4th Edition, 2015.
8. John Rittinghouse and James Ransome, “Cloud Computing Implementation, Management and
Security”, CRC Press, 2010.

COURSE OUTCOMES:
Upon completion of the course, the students will be able to
CO1:Articulate the main concepts, key technologies, strengths and limitations of cloud computing.
CO2:Identify the architecture, infrastructure and delivery models of cloud computing.
CO3:Explain the core issues of cloud computing such as security, privacy and interoperability.
CO4:Choose the appropriate technologies, algorithms and approaches for the related issues.
CO5:Set up and use cloud platforms and services.

CO-PO Mapping
PO1 PO2 PO3 PO4 PO5 PO6
CO1 3 1 3 1 1 2
CO2 3 1 3 2 1 2
CO3 3 1 3 2 1 2
CO4 3 1 3 3 1 3
CO5 1 1 3 2 1 3

CP3063 ETHICAL HACKING L T PC


3 0 0 3

UNIT I INTRODUCTION TO HACKING 9


Penetration Test – Vulnerability Assessments versus Penetration Test – Pre-Engagement – Rules
of Engagement –Penetration Testing Methodologies – OSSTMM – NIST – OWASP – Categories of
Penetration Test – Types of Penetration Tests – Vulnerability Assessment Summary –Reports.

UNIT II INFORMATION SECURITY 9


Types of malware – Types of Vulnerabilities- Types of attacks and their prevention mechanism -
Keystroke Logging - Denial of Service (DoS /DDoS) - Waterhole attack -brute force -phishing and
fake WAP- Eavesdropping- Man-in-the-middle- Session Hijacking -Clickjacking -Cookie Theft - URL
Obfuscation- buffer overflow- DNS poisoning -ARP poisoning -Identity Theft - IoT Attacks - BOTs
and BOTNETs

24
UNIT III INFORMATION GATHERING AND SCANNING 9
Information Gathering Techniques – Active Information Gathering – Passive Information Gathering
– Sources of Information Gathering – Tracing the Location – Traceroute – ICMP Traceroute – TCP
Traceroute – Usage – UDP Traceroute – Enumerating and Fingerprinting the Webservers – Google
Hacking – DNS Enumeration – Enumerating SNMP – SMTP Enumeration – Target Enumeration
and Port Scanning Techniques – Advanced Firewall/IDS Evading Techniques.

UNIT IV EXPLOITATION 9
Introduction to Metasploit – Reconnaissance with Metasploit – Port Scanning with Metasploit –
Compromising a Windows Host with Metasploit – Client Side Exploitation Methods – E–Mails with
Malicious Attachments – Creating a Custom Executable – Creating a Backdoor with SET – PDF
Hacking – Social Engineering Toolkit – Browser Exploitation – Post–Exploitation – Acquiring
Situation Awareness – Hashing Algorithms – Windows Hashing Methods – Cracking the Hashes –
Brute force Dictionary Attacks – Password Salts –Rainbow Tables – John the Ripper – Gathering
OS Information – Harvesting Stored Credentials.

UNIT V ENTERPRISE SECURITY 9


Gaining and Maintaining Access : Systems hacking – Windows and Linux – Metasploit and Kali
Linux, Keylogging, Buffer Overflows, Privilege Escalation, Network hacking - ARP Poisoning,
Password Cracking, WEP Vulnerabilities, MAC Spoofing, MAC Flooding, IPSpoofing, SYN Flooding,
Smurf attack, Applications hacking : SMTP/Email-based attacks, VOIP vulnerabilities, Directory
traversal, Input Manipulation, Brute force attack, Unsecured login mechanisms, SQL injection, XSS,
Mobile apps security, Malware analysis : Netcat Trojan, wrapping definition, reverse engineering,
Additional Security Mechanisms : IDS/IPS, Honeypots and evasion techniques, Secure Code
Reviews (Fortify tool, OWASP Secure Coding Guidelines)

TOTAL: 45 PERIODS
REFERENCES
1. Rafay Baloch, “Ethical Hacking and Penetration Testing Guide”, CRC Press, 2014.
2. Certified Ethical Hacker Study Guide v9, Sean-Philip Oriyano, Sybex; Study Guide Edition,2016
3. CEH official Certified Ethical Hacking Review Guide, Wiley India Edition, 2007
4. Patrick Engebretson, “The Basics of Hacking and Penetration Testing – Ethical Hacking and
Penetration Testing Made Easy”, Syngress Media, Second Revised Edition, 2013
5. Michael T. Simpson, Kent Backman, James E. Corley, “Hands-On Ethical Hacking and Network
Defense”, Cengage Learning, 2012
6. Kevin Beaver, “Ethical Hacking for Dummies”, Sixth Edition, Wiley, 2018.
7. Jon Erickson , “Hacking: The Art of Exploitation”, Second Edition, Rogunix, 2007

COURSE OUTCOMES:
Upon completion of the course, the students will be able to
CO1:Use the various security tools to assess the computing system.
CO2:Predict the vulnerabilities across any computing system using penetration testing.
CO3:Identify prediction mechanism to prevent any kind of attacks.
CO4:Protect the system from malicious software and worms.
CO5:Analyze the risk and support the organization for effective security measures.

25

You might also like