Optional book ($35) |
CNIT 124
|
Required book ($33) |
Catalog DescriptionAdvanced techniques of defeating computer security, and countermeasures to protect Windows and Unix/Linux systems. Hands-on labs include Google hacking, automated footprinting, sophisticated ping and port scans, privilege escalation, attacks against telephone and Voice over Internet Protocol (VoIP) systems, routers, firewalls, wireless devices, Web servers, and Denial of Service attacks.Prerequisites: CNIT 123. Upon successful completion of this course, the student will be able to:
TextbookHacking Exposed, Seventh Edition by Stuart McClure, Joel Scambray, and George Kurtz -- ISBN-10: 0071780289 (Available Aug. 3, 2012) Buy from Amazon |
Schedule | ||||
---|---|---|---|---|
Date | Quiz | Topic | ||
Mon 1-13 | Class Not Started Yet | |||
Mon 1-20 | Holiday - No Class | |||
Mon 1-27 | First Class: Ch 1: Footprinting | |||
Thu 1-30 | Last Day to Add Classes | |||
Mon 2-3 | Ch 2: Scanning | |||
Mon 2-10 | Quiz on Ch 1 & 2 Proj 1-2 due |
Ch 3: Enumeration | ||
Mon 2-17 | Holiday - No Class | |||
Mon 2-24 | Quiz on Ch 3 Proj 3-4 due |
Ch 4: Hacking Windows (part 1) | ||
Mon 3-3 | No Quiz Proj 5-6 due |
Ch 4: Hacking Windows (part 2) | ||
Mon 3-10 | Quiz on Ch 4 Proj 7 due |
Ch 5: Hacking Unix/Linux | ||
Mon 3-17 |
Guest Speaker: John Alexander, Senior Product Manager, CloudPassage Password Cracking and Job Opportunities at CloudPassage
Powerpoints No Quiz, no Proj due |
|||
Mon 3-24 | Quiz Ch 5 Proj 8 due |
Ch 6: Cybercrime and APTs | ||
Mon 3-31 | Holiday - No Class | |||
Mon 4-7 | Holiday - No Class | |||
Mon 4-14 | Quiz on Ch 6 Proj 9 due |
Ch 7: Remote Connectivity and VoIP | ||
Mon 4-21 | Quiz on Ch 7 Proj 10-11 due |
Ch 8: Wireless Hacking | ||
Thu 4-17 | Last Day to Withdraw | |||
Sat 4-26 | Wardriving 9 AM CLOU 218 20 pts. extra credit |
|||
Mon 4-28 | Quiz on Ch 8 Proj 12 due |
Ch 9: Hacking Hardware | ||
Mon 5-5 | Quiz on Ch 9 Proj 13 due |
Ch 10: Web and Database Hacking | ||
Mon 5-12 | No Quiz All extra credit projects due |
Last Class: Ch 11: Mobile Hacking | ||
Mon 5-19 | Final Exam |
Links |
---|
LinksCEH Certification ResourcesCEH TipsCEH: Certified Ethical Hacker - Taking the Exam CEH: Practice Exams CEH: TechExams -- Certified Ethical Hacker (CEH) exam EC-Council - Certified Ethical Hacker (312-50) Practice Exam - This is the one I used Links for Chapter LecturesCh 4a: Metasploit Module Search PageCh 4b: How to get started with writing an exploit for Metasploit Ch 4c: Msfconsole one-liner example Ch 4d: Scanner HTTP Auxiliary Modules - Metasploit Unleashed Ch 4e: Metasploit: The New Metasploit Browser Autopwn:... Ch 4f: Simple Take Over of Windows Server 2008 via ms09-050
Ch 5a: DNS Request Types
Ch 7a: HowToDecrypt802.11 - The Wireshark Wiki
Ch 8a: An Improved Reflective DLL Injection Technique
Ch 9a: Yahoo Mail eliminates passwords as part of a major redesign (Oct., 2015)
Ch 10a: Adobe Reader Metasploit Modules
Ch 11a: Update Social Engineering Toolkit on Kali Linux - YouTube
Ch 12a: Notepad Plus Plus Download
Ch 13a: Post-Mortem of a Metasploit Framework Bug Miscellaneous LinksLearn Python the Hard WayFuzzing for SQL injection with Burp Suite Intruder - USE FOR PROJECTS Pythonista on the App Store on iTunes -- INTERESTING FOR PROJECTS Pythonista: Using pipista to install modules How to Build a DNS Packet Sniffer with Scapy and Python Bypassing Antivirus with Shellter 4.0 on Kali Linux -- GOOD 124 PROJECT Online JavaScript beautifier -- deobfuscates code! -- IMPORTANT FOR MALWARE ANALYSIS Android Security: Adding Tampering Detection to Your App Old LinksPwnWiki.io -- USEFUL RED TEAM TIPSHacking Secret Ciphers With Python (Free E-Book) Introduction to Cryptography Video Lessons by Christof Paar - YouTube Cryptography Textbook Slides RSA is 100x slower than AES (figures 9-13) How to Create a Bootable Ubuntu USB Drive, for Mac, in OS X EDB (Evan's Debugger) Alternatives and Similar Software - AlternativeTo.net How to install 32 bit software on a 64 bit Kali Linux system How to Reverse Engineering with Radare2 -- INTERESTING FOR PROJECTS OSCP study material : Georgia Weidman's book recommended A book for those interested in PWK/OSCP -- Georgia Weidman's book recommended Scapy Documents Metasploitable 2 Exploitability Guide | Rapid7 Metasploitable 2 enumeration - Hacking Tutorials Metasploitable 2 vulnerability assessment - Hacking Tutorials Running Metasploitable2 on VirtualBox The Kali Linux Certified Professional | Kali Linux Monitor Apache Web Server Using Mod_status -- WORKS ON UBUNTU Understanding Python's "with" statement PSExec for Lateral Movement Unable to Contact IP Driver, error code 5 Windows 2008 Server hosted on Vmware How to Make a Domain User the Local Administrator for all PCs Post-Exploitation in Windows: From Local Admin To Domain Admin (efficiently) | pentestmonkey Pass-the-hash attacks: Tools and Mitigation (2010) PSExec Pass the Hash - Metasploit Unleashed How to download a file using windows command line mouse pointer is offset up and to the left -- VMware Communities -- USEFUL TROUBLESHOOTING The "SYSTEM" challenge -- Decoder's Blog Attack Methods for Gaining Domain Admin Rights in Active Directory Penetration Testing in Active Directory using Metasploit (Part 2) Attack Simulation: from No Access to Domain Admin Exploit MS17-010 vulnerability on Windows Server 2012/2016 using Metasploit and TheFatRat - YouTube HOW TO EXPLOIT ETERNALROMANCE/SYNERGY TO GET A METERPRETER SESSION ON WINDOWS SERVER 2016 Eternalromance: Exploiting Windows Server 2003 - Hacking Tutorials Network access: Named Pipes that can be accessed anonymously A Red Teamer's guide to pivoting Privilege Escalation - Metasploit Unleashed VMware Fix: Windows cannot find the Microsoft Software License Terms Meter your Ethernet connection in Windows 10 Metasploit: Module database cache not built yet, using slow search -- HANDY FIX RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation Pwning with Responder - USE IN PROJECT Gladius: Automatic Responder Cracking Seeing the unseen characters with cat! How to see hidden characters..... | Unix Metasploit privilege escalation with udev virtual machine - Guest OS resolution (text too small) in vmware workstation 12 player metasploit - How do you send a 64 bit meterpreter stager? Locating Those Nasty Passwords in Group Policy Preferences Using PowerShell Ubuntu Apache Default MaxKeepAliveRequests is 100 Enable SSH on Kali Linux Enable SSH on Kali Linux -- Doctor Chaos The Easiest Metasploit Guide You’ll Ever Read -- MANY GOOD PROJECTS HERE Transferring files from Kali to Windows (post exploitation) Top Five Ways I Got Domain Admin on Your Internal Network before Lunch (2018 Edition)--GOOD FOR PROJECTS AND OSCP My First Go with BloodHound Windows Password Hashes: LM, NTLM, Net-NTLMv2, oh my! RPC_ENUM - RID Cycling Attack - TrustedSec -- Recommended by @J0hnnyXm4s CrackMapExec: post-exploitation for large Active Directory networks -- Recommended by @J0hnnyXm4s InitString / evil-ssdp Spoof SSDP replies to phish for credentials and NetNTLM challenge/response Seth: Perform a MitM attack and extract clear text credentials from RDP connections Multiple Ways to Get root through Writable File Setup of AD Penetration Lab ifconfig - How can I display eth0's IP address at the login screen on Precise Server? - Ask Ubuntu Privilege Escalation & Post-Exploitation Resources -- VERY USEFUL Multiple Ways to Bypass UAC using Metasploit Passing OSCP OSCP Journey: Exam & Lab Prep Tips ntroducing the Metasploit Vulnerable Service Emulator Installing Python 3 on Mac OS X -- The Hitchhiker's Guide to Python Pipenv & Virtual Environments -- The Hitchhiker's Guide to Python SSH on Kali New Unsorted LinksCh 5j: Zone Transfer Test Online | HackerTarget.comWhen target machine dont have "nc" installed ? Don't forget there is "Whois" Malware writing - Python malware The Journey to Try Harder: TJnull's Preparation Guide for PWK/OSCP Modifying Empire to Evade Windows Defender :: Mike Gualtieri Transferring files from Kali to Windows (post exploitation)--VERY USEFUL Ricochet Security Assessment Public Report public-pentesting-reports Metasploit Cheat Sheet - Comparitech HTB boxes similar to the OSCP : oscp OSCP Practice -- Hack The Box :: Forums How to Pass OSCP Like Boss. - Parth Desani - Medium How I Passed the OSCP on the First Try My journey to pass OSCP in 3 months - NetOSec |