Required book ($25 - $33) |
CNIT 124
|
Optional book ($35) |
Catalog DescriptionAdvanced techniques of defeating computer security, and countermeasures to protect Windows and Unix/Linux systems. Hands-on labs include Google hacking, automated footprinting, sophisticated ping and port scans, privilege escalation, attacks against telephone and Voice over Internet Protocol (VoIP) systems, routers, firewalls, wireless devices, Web servers, and Denial of Service attacks.Prerequisites: CNIT 123. Upon successful completion of this course, the student will be able to:
Student Learning Outcomes (measured to guide course improvements)Enumerate resources on systems using banner-grabbing and specific attacks against common Windows and Unix/Linux services including FTP, Telnet, HTTP, DNS, and many others, and protect those servicesPerform classical and modem Denial of Service (DoS) attacks, and defend networks from them Locate Web server vulnerabilities, exploit them, and cure them TextbookPenetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman -- ISBN-10: 1593275641, No Starch Press; 1 edition (June 8, 2014) Buy from AmazonQuizzesThe quizzes are multiple-choice, online, and open-book. However, you may not ask other people to help you during the quizzes. You will need to study the textbook chapter before the lecture covering it, and take the quiz before that class. Each quiz is available for one week, up 30 minutes before class. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. If you take the quiz twice, the higher score counts.To take quizzes, first claim your RAM ID and then log in to Canvas here: Live StreamingLive stream at: ccsf.edu/webcasts Live Streaming for KahootsDuring the Kahoots, I'll also stream the class via Zoom. |
Schedule (may be revised) | ||||
---|---|---|---|---|
Date | Quiz | Topic | ||
Thu 8-24 | Demo: Projects 1, 1x, 2, 2x, 3, and 8x | |||
Thu 8-31 | Ch 2: Using Kali Linux | |||
Thu 9-7 | Ch 3: Programming | |||
Fri 9-8 | Last Day to Add Classes | |||
Thu 9-14 | Ch 4: Using the Metasploit Framework | |||
Thu 9-21 | Quizzes Ch 2 & 5 due* Proj 1-3 due |
Ch 5: Information Gathering | ||
Thu 9-28 | Quizzes Ch 3 & 6 due* Proj 4 & 5 due |
Ch 6: Finding Vulnerabilities | ||
Thu 10-5 | Quizzes Ch 4 & 7 due* Proj 7 due |
Ch 7: Capturing Traffic | ||
Thu 10-12 | Quiz Ch 8 due* Proj 8 due |
Ch 8: Exploitation | ||
Thu 10-19 | Quiz Ch 9 due* Proj 6 & 9 due |
Ch 9: Password Attacks | ||
Thu 10-26 | Quiz Ch 10-12 due* Proj 10 & 11 due |
Ch 10: Client-Side Exploitation Ch 11: Social Engineering Ch 12: Bypassing Antivirus Applications | ||
Thu 11-2 | Class Cancelled for the National CPTC in Rochester, NY | |||
Thu 11-9 | Quiz Ch 13 (Part 1) due* Proj 12 & 13 due |
Ch 13: Post Exploitation (Part 1) | ||
Thu 11-16 | No Proj No Quiz due |
| ||
Thu 11-23 | Holiday - No Class | |||
Thu 11-30 | Quiz Ch 13 (Part 2) due* Proj 14 & 15 due |
Job-Hunting and Resume Tips | ||
Thu 12-7 | No Quiz Proj 16 & 17 due |
Ch 13: Post Exploitation (Part 2) & CCDC Training | ||
Thu 12-14 | No Quiz All extra credit projects due |
Last Class: Open Lab in S214, no lecture | ||
Fri 12-15 - Thu 12-21 |
Final Exam available online throughout the week. You can only take it once. |
Links |
---|
CEH Certification ResourcesCEH TipsCEH: Certified Ethical Hacker - Taking the Exam CEH: Practice Exams CEH: TechExams -- Certified Ethical Hacker (CEH) exam EC-Council - Certified Ethical Hacker (312-50) Practice Exam - This is the one I used Links for Chapter LecturesCh 4a: Metasploit Module Search PageCh 4b: How to get started with writing an exploit for Metasploit Ch 4c: Msfconsole one-liner example Ch 4d: Scanner HTTP Auxiliary Modules - Metasploit Unleashed Ch 4e: Metasploit: The New Metasploit Browser Autopwn:... Ch 4f: Simple Take Over of Windows Server 2008 via ms09-050
Ch 5a: DNS Request Types
Ch 7a: HowToDecrypt802.11 - The Wireshark Wiki
Ch 8a: An Improved Reflective DLL Injection Technique
Ch 9a: Yahoo Mail eliminates passwords as part of a major redesign (Oct., 2015)
Ch 10a: Adobe Reader Metasploit Modules
Ch 11a: Update Social Engineering Toolkit on Kali Linux - YouTube
Ch 12a: Notepad Plus Plus Download
Ch 13a: Post-Mortem of a Metasploit Framework Bug Miscellaneous LinksLearn Python the Hard WayFuzzing for SQL injection with Burp Suite Intruder - USE FOR PROJECTS Pythonista on the App Store on iTunes -- INTERESTING FOR PROJECTS Pythonista: Using pipista to install modules How to Build a DNS Packet Sniffer with Scapy and Python Bypassing Antivirus with Shellter 4.0 on Kali Linux -- GOOD 124 PROJECT Online JavaScript beautifier -- deobfuscates code! -- IMPORTANT FOR MALWARE ANALYSIS Android Security: Adding Tampering Detection to Your App Old LinksPwnWiki.io -- USEFUL RED TEAM TIPSHacking Secret Ciphers With Python (Free E-Book) Introduction to Cryptography Video Lessons by Christof Paar - YouTube Cryptography Textbook Slides RSA is 100x slower than AES (figures 9-13) How to Create a Bootable Ubuntu USB Drive, for Mac, in OS X EDB (Evan's Debugger) Alternatives and Similar Software - AlternativeTo.net How to install 32 bit software on a 64 bit Kali Linux system How to Reverse Engineering with Radare2 -- INTERESTING FOR PROJECTS OSCP study material : Georgia Weidman's book recommended A book for those interested in PWK/OSCP -- Georgia Weidman's book recommended Scapy Documents Metasploitable 2 Exploitability Guide | Rapid7 Metasploitable 2 enumeration - Hacking Tutorials Metasploitable 2 vulnerability assessment - Hacking Tutorials Running Metasploitable2 on VirtualBox The Kali Linux Certified Professional | Kali Linux Monitor Apache Web Server Using Mod_status -- WORKS ON UBUNTU Understanding Python's "with" statement PSExec for Lateral Movement Unable to Contact IP Driver, error code 5 Windows 2008 Server hosted on Vmware How to Make a Domain User the Local Administrator for all PCs Post-Exploitation in Windows: From Local Admin To Domain Admin (efficiently) | pentestmonkey Pass-the-hash attacks: Tools and Mitigation (2010) PSExec Pass the Hash - Metasploit Unleashed How to download a file using windows command line mouse pointer is offset up and to the left -- VMware Communities -- USEFUL TROUBLESHOOTING The "SYSTEM" challenge -- Decoder's Blog Attack Methods for Gaining Domain Admin Rights in Active Directory Penetration Testing in Active Directory using Metasploit (Part 2) Attack Simulation: from No Access to Domain Admin Exploit MS17-010 vulnerability on Windows Server 2012/2016 using Metasploit and TheFatRat - YouTube HOW TO EXPLOIT ETERNALROMANCE/SYNERGY TO GET A METERPRETER SESSION ON WINDOWS SERVER 2016 Eternalromance: Exploiting Windows Server 2003 - Hacking Tutorials Network access: Named Pipes that can be accessed anonymously A Red Teamer's guide to pivoting Privilege Escalation - Metasploit Unleashed VMware Fix: Windows cannot find the Microsoft Software License Terms Meter your Ethernet connection in Windows 10 Metasploit: Module database cache not built yet, using slow search -- HANDY FIX RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation Pwning with Responder - USE IN PROJECT Gladius: Automatic Responder Cracking Seeing the unseen characters with cat! How to see hidden characters..... | Unix Metasploit privilege escalation with udev virtual machine - Guest OS resolution (text too small) in vmware workstation 12 player metasploit - How do you send a 64 bit meterpreter stager? Locating Those Nasty Passwords in Group Policy Preferences Using PowerShell Ubuntu Apache Default MaxKeepAliveRequests is 100 Enable SSH on Kali Linux Enable SSH on Kali Linux -- Doctor Chaos The Easiest Metasploit Guide You’ll Ever Read -- MANY GOOD PROJECTS HERE Transferring files from Kali to Windows (post exploitation) Top Five Ways I Got Domain Admin on Your Internal Network before Lunch (2018 Edition)--GOOD FOR PROJECTS AND OSCP My First Go with BloodHound Windows Password Hashes: LM, NTLM, Net-NTLMv2, oh my! RPC_ENUM - RID Cycling Attack - TrustedSec -- Recommended by @J0hnnyXm4s CrackMapExec: post-exploitation for large Active Directory networks -- Recommended by @J0hnnyXm4s InitString / evil-ssdp Spoof SSDP replies to phish for credentials and NetNTLM challenge/response Seth: Perform a MitM attack and extract clear text credentials from RDP connections Multiple Ways to Get root through Writable File Setup of AD Penetration Lab ifconfig - How can I display eth0's IP address at the login screen on Precise Server? - Ask Ubuntu Privilege Escalation & Post-Exploitation Resources -- VERY USEFUL Multiple Ways to Bypass UAC using Metasploit Passing OSCP OSCP Journey: Exam & Lab Prep Tips ntroducing the Metasploit Vulnerable Service Emulator Installing Python 3 on Mac OS X -- The Hitchhiker's Guide to Python Pipenv & Virtual Environments -- The Hitchhiker's Guide to Python SSH on Kali New Unsorted LinksCh 5j: Zone Transfer Test Online | HackerTarget.comWhen target machine dont have "nc" installed ? Don't forget there is "Whois" Malware writing - Python malware The Journey to Try Harder: TJnull's Preparation Guide for PWK/OSCP Modifying Empire to Evade Windows Defender :: Mike Gualtieri Transferring files from Kali to Windows (post exploitation)--VERY USEFUL Ricochet Security Assessment Public Report public-pentesting-reports Metasploit Cheat Sheet - Comparitech HTB boxes similar to the OSCP : oscp OSCP Practice -- Hack The Box :: Forums How to Pass OSCP Like Boss. - Parth Desani - Medium How I Passed the OSCP on the First Try My journey to pass OSCP in 3 months - NetOSec |