IT

IT5043: Ethical Hacking Syllabus for IT 8th Sem 2019 Regulation Anna University (Professional Elective-VII)

Ethical Hacking detailed syllabus for Information Technology (IT) for 2019 regulation curriculum has been taken from the Anna Universities official website and presented for the IT students. For course code, course name, number of credits for a course and other scheme related information, do visit full semester subjects post given below.

For Information Technology 8th Sem scheme and its subjects, do visit IT 8th Sem 2019 regulation scheme. For Professional Elective-VII scheme and its subjects refer to IT Professional Elective-VII syllabus scheme. The detailed syllabus of ethical hacking is as follows.

Ethical Hacking

Course Objective:

For the complete syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Unit I

Introduction To Hacking
Introduction to Hacking – Important Terminologies – Penetration Test – Vulnerability Assessments versus Penetration Test – Pre-Engagement – Rules of Engagement -Penetration Testing Methodologies – OSSTMM – NIST – OWASP – Categories of Penetration Test – Types of Penetration Tests – Vulnerability Assessment Summary -Reports.

Suggested Activities:

  • In-class activity to understand the penetration testing methodologies.
  • Practical – Use security tools in Kali Linux to assess the vulnerabilities.
  • Prepare Vulnerability Assessment summary reports.

Suggested Evaluation Methods:

  • Assignment on categories of penetration testing and vulnerability summary reports .
  • Quiz on penetration testing methodologies, OSSTMM and OWASP.

Unit II

For the complete syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Unit III

Network Attacks
Vulnerability Data Resources – Exploit Databases – Network Sniffing – Types of Sniffing -Promiscuous versus Nonpromiscuous Mode – MITM Attacks – ARP Attacks – Denial of Service Attacks -Hijacking Session with MITM Attack – SSL Strip: Stripping HTTPS Traffic -DNS Spoofing – ARP Spoofing Attack Manipulating the DNS Records – DHCP Spoofing -Remote Exploitation – Attacking Network Remote Services – Overview of Brute Force Attacks – Traditional Brute Force – Attacking SMTP – Attacking SQL Servers – Testing for Weak Authentication.

Suggested Activities:

  • Familiarizing with different types of attacks such as sniffing, spoofing etc.
  • Demonstrating the MITM attack using ARP Poisoning using Kali Linux.
  • Teaching with case studies: SSL Stripping, SQL Injection, Brute Force attacks.

Suggested Evaluation Methods:

  • Assignment on denial of service (DoS) attack and hijacking session with MITM attack.

    • Quizzes on SSL stripping, ARP spoofing and weak authentication.

Unit IV

For the complete syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Unit V

Wireless and Web Hacking
Wireless Hacking – Introducing Aircrack- Cracking the WEP – Cracking a WPA/WPA2 Wireless Network Using Aircrack-ng – Evil Twin Attack – Causing Denial of Service on the Original AP – Web Hacking – Attacking the Authentication – Brute Force and Dictionary Attacks – Types of Authentication – Log-In Protection Mechanisms – Captcha Validation Flaw – Captcha RESET Flaw – Manipulating User-Agents to Bypass Captcha and Other Protection – Authentication Bypass Attacks – Testing for the Vulnerability – Automating It with Burp Suite – Session Attacks – SQL Injection Attacks – XSS (Cross-Site Scripting) -Types of Cross-Site Scripting – Cross-Site Request Forgery (CSRF) – SSRF Attacks.

Suggested Activities:

  • Cracking the WEP and WPA/WPA2 passphrase using Cracking tool in Kali Linux.
  • Design a web application with different authentication mechanism.
  • Understand the protection mechanism to prevent against various server attacks.

Suggested Evaluation Methods:

  • Assignment on evil twin attack and denial of service attack on access point in WLAN.
  • Quizzes on types of authentication and vulnerabilities in a web application.

Course Outcome:

For the complete syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Text Books:

  1. Rafay Baloch, “Ethical Hacking and Penetration Testing Guide”, CRC Press, 2014.

References:

  1. Kevin Beaver, “Ethical Hacking for Dummies”, Sixth Edition, Wiley, 2018.
  2. Jon Erickson , “Hacking: The Art of Exploitation”, Second Edition, Rogunix, 2007.

For detailed syllabus of all the other subjects of Information Technology 8th Sem, visit IT 8th Sem subject syllabuses for 2019 regulation.

For all Information Technology results, visit Anna University IT all semester results direct link.

View All Post

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.