Ethical Hacking

The course is not on the list. Without time-table.

Code: BI-EHA
Completion: Z,ZK
Credits: 5
Range: 2P+2C
Language: Czech

Course guarantor:
Department of Information Security

The course gives a professional and academic introduction to computer and information security using the ethical hacking approach. This approach improves defence by adopting an attacker mindset when discovering vulnerabilities, provides hands-on experience with different attacks, and facilitates linking theory and practice in significant areas of one's digital literacy. It can therefore be utilized by (future) security professionals, (informed) decision-makers, (savvy) users and developers alike.

This course is taught in English.


Recommended knowledge: OS Linux, web applications, database systems (SQL), basics of computer networks, and cryptography. It is an advantage to have completed the following courses, or to take them together with BI-EHA: BI-PS1, BI-DBS, BI-BEZ, BI-PSI and BI-TWA.

Syllabus of lectures:

1. Introduction to Ethical Hacking and Penetration Testing

2. Sniffing, Spoofing & Traffic Analysis

3. Web Security I

4. Web Security II

5. Web Security III

6. Wireless Security

7. Authentication, Credentials, Passwords

8. Scoring

9. Operating Systems Security

10. Android Security

11. Embedded Systems Security, Automotive

12. Cloud Security

Syllabus of tutorials:

Lectures are intertwined with exercises/tutorials.

Study Objective:

Upon completion of the course, the students will:

* be introduced to (both theory and practice of) common computer and information security vulnerabilities in their interdisciplinary nature

* be able to perform basic penetration testing tasks (as defined by pentest-standard.org) using software tools and their own program code

* understand the broader context of cybersecurity (macro level) and the wide range of related topics for further self-driven education and/or professional/academic specialization, and become savvier ICT users and developers (micro level)

* perceive ethical hacking as a 'problem-discovery' and 'problem-solving' tool (as opposed to 'problem-creating' tool)

Study materials:

[1] P. Engebretson, The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, 2nd edition. Amsterdam; Boston: Syngress, 2013.

[2] G. Weidman, Penetration Testing: A Hands-On Introduction to Hacking, 1st edition. San Francisco: No Starch Press, 2014.

[3] D. Regalado et al., Gray Hat Hacking: The Ethical Hacker's Handbook, 4th edition. McGraw-Hill Education, 2015.

[4] P. Kim, The Hacker Playbook 2: Practical Guide To Penetration Testing. CreateSpace Independent Publishing Platform, 2015.

[5] T. J. O'Connor, Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, 1st edition. Amsterdam; Boston: Syngress, 2012.

[6] J. Seitz, Black Hat Python: Python Programming for Hackers and Pentesters, 1st edition. San Francisco: No Starch Press, 2014.

[7] J. Seitz, Gray Hat Python: Python Programming for Hackers and Reverse Engineers, 1st edition. San Francisco: No Starch Press, 2009.

[8] D. Kennedy et al., Metasploit: The Penetration Tester's Guide, 1st edition. San Francisco: No Starch Press, 2011.

[9] C. P. Paulino, Nmap 6: Network Exploration and Security Auditing Cookbook. Birmingham, UK: Packt Publishing, 2012.

[10] C. Sanders, Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, 2nd edition. San Francisco, CA: No Starch Press, 2011.

[11] T. Heriyanto et al., Kali Linux: Assuring Security By Penetration Testing. Birmingham, UK: Packt Publishing, 2014.

Further information:
No time-table has been prepared for this course
The course is a part of the following study plans:
Data valid to 2023-09-28
For updates of the above information, see https://bilakniha.cvut.cz/en/predmet5083506.html