Candidates can find the best Gray Hat Hacking: The Ethical Hacker's Handbook, 3rd Edition books for 2018 here, along with a top list of main study materials for the 2017-2018 entrance exams in India.
Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition
by Allen Harper and Shon Harris
- ETHICAL HACKING COURSE PROPOSAL* version 0.2 This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. JAKUB RUZICKA linkedin.com/in/littlerose firstname.lastname@example.org * I’m currently working on the course offering in 2017/2018 and looking for collaborators (do not hesitate to drop me a line!)
- OUTLINE ■ LITERATURE ■ SYLLABUS ■ TEACHING METHODS ■ EXAMINATION ■ ENTRY REQUIREMENTS ■ INTENDED LEARNING OUTCOMES ■ ANNOTATION
- ANNOTATION The course gives a professional and academic introduction to computer and information security using the ethical hacking approach, which enables improved defence thanks to adopting an attacker mindset when discovering vulnerabilities and hands-on experience with different attacks, facilitates linking theory and practice in significant areas of one’s digital literacy, and can therefore be utilized by (future) security professionals, (informed) decision-makers, (savvy) users and developers alike.
- INTENDED LEARNING OUTCOMES
- INTENDED LEARNING OUTCOMES Upon completion of the course, the students will: ■ be introduced to (both theory and practice of) common computer and information security vulnerabilities in their interdisciplinary nature ■ be able to perform basic penetration testing tasks (as defined by pentest-standard.org) using software tools and their own program code ■ understand the broader context of cybersecurity (macro level), the wide range of related topics for further self-driven education and/or professional /academic specialization, and become savvier ICT users and developers (micro level) ■ perceive ethical hacking as a ‘problem-discovery’ and ‘problem-solving’ tool (as opposed to ‘problem-creating’ tool)
- INTENDED LEARNING OUTCOMES Upon completion of the course, the students will not: ■ become computer security experts (however, you will be able to have a technically competent talk with a computer security expert and/or know what to ask as a client) ■ become expert hackers and/or expert penetration testers (however, you will acquire enough skills to find, test and fix common basic computer security threats and know what to do next to grow) ■ take ‘it is secure’ for an answer (you will want to know how/when/where/why it is secure and how/when/where/why it is not) ■ perceive the ‘ethical’ in ‘ethical hacking’ as needless =) (at the first lecture of our course, following the example of similar courses, we will sign a mutual agreement regarding the conditions under which the course is taught, how to ethically and legally use your knowledge and skills, and what is /is not ok)
- ENTRY REQUIREMENTS
- ENTRY REQUIREMENTS As this should be an introductory-level course, we’ll stick to the higher-level overview and a breadth of topics (as opposed to depth /specialization, which, in turn, will be part of your final projects). We believe that anyone with enough determination, motivation and willingness to work hard (it’s worth it!) can learn anything and make great progress (khanacademy.org/youcanlearnanything). Therefore, we welcome anyone with and without prior computer security interest /experience or programming experience; visiting and domestic students; students inside and outside the Faculty of Information Technology (we’d love to see collaboration of students across various disciplines); students who intend to pass the final exam and those who just want to expand their knowledge (a diverse community is stronger and more vibrant). We’ll attempt to accommodate you by making the curriculum easy to understand (while leaving it factually correct), teaming up more experienced and less experienced students, individual consultations, and referring to open educational resources suitable for meeting necessary prerequisites or for one’s goal-directed knowledge expansion. That said, motivated ICT beginners who want to pass the course (as opposed to just auditing it) should (naturally) be ready to invest a significant part of their time in their personal development. Basic knowledge of computer science (any introductory course /professional experience /…), user knowledge of computer devices, common operating systems, possibly also network protocols (the very basics), and developer /practical experience with any programming language and/or any database management system (and a taste for learning new syntax, technologies, specifications, …)* can reinforce course participants’ protection against being overwhelmed during the semester. * All of these (and much more) can be reviewed using online open educational resources even before the course begins. 
We also plan to organize an information meeting for anyone interested in taking this course. Note: Course vacancies might be, free of charge, offered to the general public including but not limited to employees, freelancers, high school students, individuals on parental leave, senior citizens, and so on.
- EXAMINATION Project defence of teams consisting of (roughly) 3 students in the form of performing a penetration test in a (small and prearranged) organization*, which will be developed continuously during the whole semester (you should be able to handle the next logical step of the project after each of our f2f sessions), and which will be assessed by course lecturers and your client alike. The penetration test is expected to cover the main course topics with a specialization of each team member on a particular area she/he finds most meaningful with regards to her/his goals (it’ll be discussed with her/him during the project defence and also ensures individual contributions of all members of a team). * You will need to sign an agreement there (pentest-standard.org/index.php/Pre-engagement) for both your and the company’s protection. Even though neither (pun intended) contracting party will be financially remunerated, it’s a great way to get your first professional contact and/or recommendation.
- EXAMINATION Evaluation criteria: ■ 20% research around the infrastructure of an organization and possible attack vectors (background and theory) ■ 40% vulnerability analysis and exploitation (analyses, assessment, documentation, methodology, tools used, program code, raw data) ■ 20% suggested measures (technical as well as regulatory /policies) ■ 20% executive summary, presentation, answers to questions. The course is graded A (≥90%), B (≥70%), C (≥60%), or D (<60%). A, B or C is needed to pass the course. In accordance with the examination regulations of Charles University in Prague (cuni.cz/UKEN-121-version1-cu__studyexam_7thcode.pdf), you have the right to two resit dates (i.e., max three project defences in total).
- MOTIVATION ■ improve your skills and translate theory into practice ■ gain confidence but also appreciate the huge amount of areas where one could/should build up her/his expertise ■ put a successful project on your resume and earn a professional contact who can recommend you Note: It’s important to get the job done and it doesn’t matter (too much) which tools you use. Even though it’s possible (and understandable) that you might tend to use the same procedures and methods you’ve seen at the lectures, students’ /teams’ own research and testing tailored to the needs and infrastructure of a particular organization is expected. It’s not assumed that your (likely ‘first ever’) report will be perfect (nor that you’ll discover a zero-day vulnerability =)). However, it should be apparent that you’ve tried hard (everything from the course and beyond it, based on your own research). Moreover, thanks to your client’s questions, the project defence will, in a natural manner, also cover the theory and the broader cybersecurity context (practical experience with explaining computer security to a non-expert audience).
- TEACHING METHODS
- F2F BLOCK TEACHING SESSIONS ■ interactive* /live /real-time rather than ‘scripted’ lectures (semi-formal discussion and on-time explanation of a concept) including hands-on tutorials /labs ■ short intros /’sketches’ by the lecturers (an attacker vs. a user or a defender) ■ going from the micro level (a specific vulnerability) to the macro level (corporate /national /international) ■ beginning with a particular technology /device /another entity (essential background theory, known vulnerabilities and exploits), followed by how-to using existing tools and/or one’s own program code (testing and understanding what’s happening under the hood), concluded by discussion of possible solutions, alternatives, more general questions, relations to other topics, … ■ vulnerable physical devices, virtual machines and/or informed ‘sparring partners’ allowing the students to try out different attacks ■ engagement questions and mock assignments (not only) from professional certifications’ exams ■ short trips ‘into the field’ (visiting a public space with the objective of educating the general population via proofs of concepts, visiting a computer security company, …) ■ BYOD (Bring Your Own Device) as you’ll need to set up and use your own development environment * Be engaged if you feel it improves your learning efficiency. Have a discussion, ask questions, write on the online whiteboard /contribute to the shared study material (see Distance Learning), share your personal experience and/or what you find online during the lecture (trust, but verify).
- DISTANCE LEARNING ■ open educational resources suggested for each session ■ Q&A forum (How do I ask a good question? stackoverflow.com/help/how-to-ask) ■ sharing your work in progress and discussing it with others ■ (if you agree) shared notes /study material /wiki /… created by the students of the course and for the students of the course (also reviewed and co-created by the lecturers), where one can focus on creating background for her/his specialization ■ voluntary ‘challenges’, small pen test tasks to reinforce your skills
- GUEST LECTURERS (POSSIBLY WEBINARS) ■ professionals, researchers, authors, prospective employers, … ■ expertise in a particular core topic of our course and/or on request (based on what is most meaningful to you with regard to your final project and/or your personal professional /academic goals and interests) Note: Class attendance is voluntary (naturally). Interact with the course in a way that suits you best. It’s totally fine if you’re a self-driven learner who approaches the lecturers only when she/he needs their help. Similarly, you might just want to audit the course (you don’t want to complete it) and/or hand-pick only the topics that interest you. On the other hand, if you are not engaged because you think we can do better, by all means, tell us so that we can work on it! Make the course our joint project. Let’s adjust and approve the course structure and course requirements at the very beginning so that it supports your individual and our common goals (answering all ‘Why?’ questions and introducing you to the reasoning behind the course should boost your self-motivation). Take the initiative and come up with ideas for lectures /course topics /guests /…, get involved by teaching what you know /are good at /what you want to improve in /…, contribute to the development of the course in order to obtain your desired life /professional /academic /… skills.
- MAIN TOOLS ■ Kali Linux ■ Linux command line ■ Python ■ VirtualBox
- 1. INTRODUCTION & PREREQUISITES ■ Introduction to Computer & Information Security ■ Introduction to Ethical Hacking & Penetration Testing ■ Law & Ethics of Offensive Security ■ Computer Science & Computer Fundamentals ■ Communication Protocols, Networking Technologies, Web Technologies ■ Introduction to Kali Linux ■ Introduction to Linux Command Line ■ Introduction to Python Programming
- 2. FOOTPRINTING, INTELLIGENCE GATHERING, THREAT MODELING ■ Active & Passive Reconnaissance ■ Physical Security ■ Social Engineering ■ Network Analysis ■ Intrusion Detection and Prevention ■ Firewalls & Antiviruses Note: The 2nd and 3rd blocks of the course (to which we’ll probably dedicate most of our time) cover working with vulnerability scanners, exploitation tools and other available tools, and/or developing Bash shell and Python scripts.
- 3. VULNERABILITY ANALYSIS, EXPLOITATION, POST EXPLOITATION ■ Active & Passive Attacks ■ Software, Database, Wireless, Web Application, OS & Mobile Security ■ Architecture & Security of Popular Operating Systems: Linux, Windows, OS X, Android, iOS, Chrome OS, BSD ■ Viruses, Worms, Rootkits, Trojans, Backdoors, Bots, Ransomware, Spyware, Adware & Other Malware ■ Host Attacks, Network Attacks, Spoofing, Denial of Service ■ Applied Cryptography, Password Cracking ■ Black Box & White Box Testing ■ Source Code Auditing, Fuzzing ■ Digital & Computer Forensics ■ Steganography ■ Hardware Security, Firmware, Booting ■ Malware Analysis, C/C++, Assembly ■ Debugging, Disassembly, Reverse Engineering
- 4. REPORTING, MEASURES, BUSINESS, MANAGEMENT ■ Writing a Penetration Testing Report ■ Disaster Recovery, Incident Response ■ Standards (and Their Shortcomings), Regulatory Compliance, Security Policies ■ Security Management, Risk Assessment and Security Metrics ■ Security Education and Awareness ■ Security Measures and Software /Solutions
- 5. MACRO & MICRO-LEVEL CYBERSECURITY ■ History of Computer Security ■ Milestones and Famous Hacks, Attacks & Malware ■ Economics of Cybercrime ■ Cyberwarfare, Critical Infrastructure Security ■ Privacy & Surveillance
- 6. APPLICATIONS & GETTING OUT OF YOUR COMFORT ZONE ■ Cloud Computing Security ■ Peer-to-Peer Network Security ■ Programming Languages Security ■ Embedded Device & Internet of Things Security ■ Augmented Reality & Virtual Reality Security ■ Point of Sale Security ■ E-commerce Payment Systems Security ■ Cryptocurrencies Security ■ Deep Web & Dark Web ■ Hacking Satellites ■ Hacking Cars, Drones, Planes, Trains, … ■ Hacking Washing Machines, Fridges, … ■ Quantum Computing ■ Artificial Intelligence ■ Big Data ■ Bioengineering & Biohacking ■ 3D Printing ■ Game Hacking ■ GPU malware ■ (…) Disclaimer: Although we’ll try to match the continuity of our sessions to the typical sequence of steps in a penetration test (pentest-standard.org), the content of the course and the order of its sections /teaching blocks might be subject to change based on pace, level of proficiency, and other requirements of the course group. At the end of the course, we’ll apply the obtained knowledge and skills to areas beyond our comfort zone, which should be a lot of fun and expand one’s horizons, but is possibly not directly related to the final projects, therefore giving you some extra time to work on them.
- LITERATURE The students are not required to read any of the following publications but might find them handy when looking for inspiration, reference, sample code, or when some part of the course takes their interest so that they want to follow it up with more in-depth self-directed study. Further online /paperback study resources, tutorials, libraries, frameworks, and other tools will be introduced within specific topics of the course. Visit the Charles University in Prague Central Catalog at ckis.cuni.cz to access some of the books and/or their alternatives. A short metadiscussion: Bear in mind that the gals and guys who published the books below, speak at conferences, write blogs, etc. (most likely) are not the same gals and guys that might want to exploit your /your client’s vulnerability. Being a ‘good guy’ means that you are, for the most part, also taught by the ‘good guys’. It’s therefore worth purposefully practicing the bad guy’s mindset, for which we can’t provide you with any guaranteed manual. The well-documented attack vectors and resources that are (often) US-centric /written by US authors do not substitute for your own research in your particular environment. Moreover, this list is by no means comprehensive and we’ll be able to give you a (much) more targeted recommendation if you tell us where you are (regarding your current knowledge and skills in a particular area) and where you want to be. On top of that: “Practice, practice, practice.”