This module will cover the following topic areas:



Introduction to ethical hacking

Ethical hacking phases

Approaches to penetration testing

Common Vulnerability Scoring Systems

Programming Skills (Bash)

Programming Skills (Python)

Ethical hacking tools

Privileges escalation

An introduction to C and its use in forensics

Exploitation development

Hacking the invisible (wireless penetration testing)

Portfolio report – A written portfolio that details approaches to ethical hacking and the tools available, and capabilities. The portfolio will also include a review of systems and a comparison of typical vulnerabilities (Learning Outcomes 1 and 2).

Practical artefact – The artefact will involve planning a procedural penetration test and carrying this out with a record of results (Learning Outcomes 3 and 4).

Students will be required to complete background reading prior to each lecture / tutorial. The background reading will help them underpin the practical demonstrations. Practical tasks will be used to re-enforce and apply theory to encourage an analytical and problem-based approach to penetration testing. Students will work through the module material provided on the Virtual Learning Environment (VLE) at their own pace. The material will include some practical activities and review questions that allow students to assimilate the concepts and skills required by the module. Google scholars, E-books, Research papers and journals will be used to support study on the module.

1. Demonstrate knowledge and understanding of a range of ethical hacking methods, tools, techniques, and systems and their application.

Knowledge and Understanding,

Application

2. Identify weaknesses and vulnerabilities on target system(s) and critically evaluate them in order to propose mitigation techniques.

Analysis,
Learning,
Problem Solving



3. Demonstrate practical skills involved in exploiting vulnerabilities and securing networked services and stand-alone systems.

Knowledge and Understanding,
Application, Learning



4. Communicate effectively the results of a planned penetration test.

Communication

Web Application Security, Andrew Hoffman, O’Reilly, 2020

Wireless Hacking, Hugo Hoffman, independently published, 2020

Gray Hat Hacking, Allen Harper et. al, McGraw-Hill Education; 5th edition, 2018

The Web Application Hacker’s Handbook, Dafydd Stuttard and Marcus Pinto, Wiley; 2nd edition, 2011

CEH v11 Certified Ethical Hacker Study Guide + Practice Tests Set, Sybex; 2nd edition, 2021

Ethical Hacking: A Hands-On Introduction to Breaking, Daniel Graham, No Starch Press, 2021¿

Access to the Virtual Learning Environment (VLE)

Access to virtual lab environment.

Access to digital library.

Access to a desktop or laptop that supports virtualisation.

A reliable Internet connection.

In this module you will study computer systems and network infrastructure as an attractive target to attackers. Hackers often manipulate software vulnerabilities and poor configuration to successfully gain access and steal information. To secure a system it is essential for computer security professionals to understand the structure, configuration, tools and techniques that hackers rely upon to successfully commit their act. It is also important to test the network regularly and discover any vulnerability due to miss configuration or poor patching.