CIS*6540 - Advanced Penetration Testing and Exploit Development
This course provides practical knowledge on ethical hacking. Students learn about common security issues and various tools to discover and exploit these issues. Students learn how to plan, execute, and document a penetration test, and how to develop customized exploits to penetrate a target platform.
Upon successful completion of this course, students will have demonstrated the ability to:
- Develop a rigorous penetration testing report by:
- Conducting structured discovery of security vulnerabilities in networks and web services;
- Conducting effective penetration tests given known threats towards networks and web services;
- Detecting software vulnerabilities and developing proof of concept exploits to demonstrate those; and
- Proposing concrete methods to fix discovered security vulnerabilities;
- Integrate ethics, regulations, and best practices relating to penetration testing and exploit development activities; and
- Work collaboratively in teams to conduct research and communicate rational and reasoned arguments using appropriate methods.
- Introduction, Penetration Testing Standards, Legal and Ethical Issues
- Host and Network Scanning Techniques
- Exploiting Software Vulnerabilities
- Defeating OS and Complier Specific Defences
- Attacks on User Authentication
- Social Engineering and Wireless Networks
- Exploiting Web Applications
- Countermeasures, Fuzz Testing
- Patch Exploitatiion, Exploitation Frameworks
|Assessment Item||Weight||Learning Outcomes|
|Practical Exam||60%||LO1, LO2, LO3|
You are responsible for ensuring that your computer system meets the necessary system requirements. Use the browser check tool to ensure your browser settings are compatible and up to date (results will be displayed in a new browser window).
*Course details are subject to change.