Syllabus
Unit I
Introduction to Ethical Hacking & Information Security
- Study and demonstration of Information Security concepts: threats, attack vectors, and security controls.
- Case study analysis on the impact of unethical hacking and discussion on ethical hacking roles (White Hat, Grey Hat, Black Hat).
- Identification and classification of information security laws, standards, and compliance frameworks (ISO 27001, IT Act).
- Hands-on demonstration of penetration testing phases and ethical hacking methodologies.
Unit II
Reconnaissance & Social Engineering
- Perform passive reconnaissance using search engines and public information (Google hacking basics).
- Conduct footprinting using WHOIS and DNS lookup tools.
- Demonstrate network scanning techniques using authorized scanners (e.g., Nmap).
- Packet capturing and analysis using sniffing tools (e.g., Wireshark).
- Social engineering attack scenarios—analysis and defense strategies (email phishing simulation).
Unit III
TCP/IP Vulnerabilities & Cryptography
- Demonstrate TCP/IP vulnerabilities using simulated lab scenarios (IP spoofing and SYN flood analysis).
- Study and implementation of ICMP-based attack detection and mitigation.
- Analyze encryption algorithms and popular ciphers (AES, DES, RSA).
- Perform password strength analysis and cracking demonstration using controlled datasets.
- Implement cryptographic hashing and verify data integrity.
Unit IV
Attacks, Vulnerabilities & Incident Handling
- Simulate session hijacking scenarios and analyze prevention techniques.
- Demonstrate denial-of-service attack detection and mitigation strategies.
- Study buffer overflow vulnerabilities using secure coding practices.
- Analyze web application vulnerabilities (SQL Injection, XSS) using test environments.
- Identify operating system vulnerabilities and apply security patches.
- Perform incident response and handling using a simulated security breach scenario.
Objectives and Outcomes
Course Description
This course introduces students to a wide range of topics related to ethical hacking and penetration testing tools. The course provides an in-depth understanding of how to effectively protect computer networks by simulating attacks in a controlled environment.
Course Objectives
- Understand the core foundations of ethics in regard to computer security
- Learn about the hacker mindset and the history of hackers
- Understand basic networking and security technologies
- Gain a basic understanding of security policy
- Learn about basic system defense infrastructure
Course Outcomes
| CO | Description |
|---|---|
| CO1 | Build a secure virtualized environment for ethical hacking simulations. |
| CO2 | Demonstrate proficiency in gathering intelligence and enumerating network services. |
| CO3 | Analyze network packets to detect vulnerabilities and intercept sensitive data. |
| CO4 | Execute system and web-based exploits using industry-standard frameworks like Metasploit and Burp Suite. |
CO-PO Mapping
| CO | PO1 | PO2 | PO3 | PO4 | PO5 | PO6 | PO7 | PO8 |
|---|---|---|---|---|---|---|---|---|
| CO1 | 2 | – | – | – | 3 | – | – | – |
| CO2 | – | 2 | – | – | 3 | – | – | – |
| CO3 | – | 2 | – | 3 | 3 | – | – | – |
| CO4 | – | – | 3 | – | 3 | – | 1 | – |