National University of Sciences and Technology
Home | Back
IS-825 Vulnerability Exploitation and Defense
Campus MCS
Programs PG
Session Spring Semester 2017
Course Title Vulnerability Exploitation and Defense
Course Code IS-825
Credit Hours 3+0
Course Objectives The course presents participants with contemporary ethical attacking
Detail Content
  1. Introduction to Ethical Hacking Understanding Ethical Hacking Terminology , Identifying different types of Hacking Technologies, Five Stages of Ethical Hacking, Hacker Classes, Vulnerability Research Legal Implications of Hacking
  2. Footprinting and Social Engineering Introduction to foot printing, Information gathering methodology, DNS Enumeration Who is and ARIN Lookups, Introduction to Social Engineering, Common type of social engineering attacks, Phishing Attacks, Online Scams, Social Engineering countermeasures
  3. Scanning and Enumeration Port Scanning , Network Scanning , Vulnerability Scanning ,Ping Sweep techniques, Understanding Nmap Command switches ,Using SYN, Stealth, XMAS,NULL and FIN Scans ,Understanding Banner Grabbing and OS Fingerprinting ,Using proxy servers to launch an attack, Understanding IP spoofing and HTTP tunneling
  4. System Hacking Password cracking techniques , Redirecting the SMB Logon to Attacker , Redirecting SMB, NetBIOS DoS attacks, Password cracking countermeasures, Understanding Keyloggers and other spy ware technologies , Escalating Privileges, Buffer Overflow Attacks , Understanding Root kits, Understand How to break into a system
  5. Sniffing Understanding protocols susceptible to sniffing, Active and passive sniffing, ARP poisoning, Understanding MAC flooding, DNS Spoofing , Sniffing countermeasures
  6. Hacking Web Servers Hacking Web Servers, Web Application Vulnerabilities, Web-Based Password Cracking Techniques
Text/Ref Books
  1. EC-Council Official Certified Ethical Hacker by Kimberly Graves
  2. Aggressive Network Self-Defense by Neil R. Wyler, Bruce Potter, Chris Hurley
  3. “Meta spoilt: The Penetration Tester's” by David Kennedy by(Author), Jim O'Gorman, (Author), Devon Kearns , (Author), Mati Aharoni (Author)
  4. “The Shell coder's Handbook: Discovering and Exploiting Security Holes” by Chris Anley , John Heasman , Felix Linder.
  5. Web Application Vulnerabilities: Detect, Exploit, Prevent by Steven Palmer
Time Schedule Spring Semester 2015
Faculty/Resource Person Lec Waleed Bin Shahid, MS
National University of Science and Technology, Islamabad
Discipline: Information Security
Specialization: Information Security