Presentation and workshop documents are linked from the table below. The lecture presentations are available as pdf documents with 1 page per sheet (click e.g. L01) or as pdf handouts with 4 pages per sheet (click e.g. H01). The workshop presentations are available for the tasks (click e.g. W01) and for the solutions (click e.g. WS01). All lectures and workshops are recorded as podcasts. Podcasts can be downloaded from the table (click e.g. PL01, PW01).
Week Date Type |
L# | Topic | Podcast | For interested |
Home exam tasks |
---|---|---|---|---|---|
W35 Lect. |
Basis of ethical hacking, general information gathering. Laszlo Erdodi |
|
|
||
W35 WS |
|
Tasks on general information gathering, obtaining key information, documents, hidden web content. |
|
||
W36 Lect. |
Technical information gathering, identifying the network of the target. Laszlo Erdodi |
||||
W36 WS |
|
Tasks on collecting network information, identifying the ip ranges of the target. Laszlo Erdodi |
|
|
|
W37 Lect. |
Network reconnaissance, port scanning. Laszlo Erdodi |
|
Nmap port scanning | ||
W37 WS |
|
Port scanning the practice network, finding services. Laszlo Erdodi |
|
||
W38 Lect. |
Get in touch with the services: attacking ftp, smtp, dns, ssh. |
||||
W38 WS |
Attacking services in the practice network. Laszlo Erdodi |
|
|||
W39 Lect. |
Web hacking basis: client side bypass, tampering data, brute-forcing. Laszlo Erdodi |
|
|||
W39 WS |
Attacking webpages in the practice network. Laszlo Erdodi |
|
|||
W40 Lect. |
Web hacking on the client side: Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks. Laszlo Erdodi |
||||
W40 WS |
Attacking webpages in the practice network. Laszlo Erdodi |
|
|||
W41
|
No lecture | ||||
W41
|
No workshop |
|
|||
W42 Lect. |
Sql injection, Xpath injection, Server side template injection, File inclusion. Laszlo Erdodi |
||||
W42 WS |
Attacking webpages in the practice network. Laszlo Erdodi |
|
|||
W43 Lect. |
Software vulnerability exploitation: stack overflow, Return Oriented Programming. Laszlo Erdodi |
|
|||
W43 WS |
|
Writing basic exploits for vulnerabilities. |
|
||
W44 Lect. |
|
Software vulnerability exploitation 2: attacking the heap, using Metasploit for exploitation. |
|
||
W44 WS |
|
Metasploit practice. |
|
||
W45 Lect. |
|
Software fuzzing Social Engineering |
|
||
W45 WS |
|
Social engineering practice Laszlo Erdodi |
|||
W46 Lect. |
Internal network hacking: Sniffing the traffic, ARP poisoning, DNS poisoning. |
||||
W46 WS |
|
ARP poisoning in the target network. |
|
||
W47 Lect. |
Offline password cracking |
|
|||
W47 WS |
Cracking hashes with different techniques |
||||
W48 Lect. |
Wireless hacking, Review, Sample exam |
||||
W48 WS |
|
Supervision, Exam preparation |
|
||
Back to IN5290 2022 main page.