#REQUEST.pageInfo.pagedescription#

Site Navigation

COMP9050 - Offensive Security

banner1
Title:Offensive Security
Long Title:Offensive Security
Module Code:COMP9050
 
Credits: 10
NFQ Level:Expert
Field of Study: Computer Science
Valid From: Semester 1 - 2016/17 ( September 2016 )
Module Delivered in 2 programme(s)
Module Coordinator: TIM HORGAN
Module Author: Sean McSweeney
Module Description: The increasing prevalence of cyber attacks has increased the requirement in organizations to perform regular vulnerabilities assessment and penetration testing. This offensive approach to information security is a emergine field and is rapidly evolving and thus there is an acute lack of suitably skilled individuals. In this module the student will develop a sophisticated theoretical and practical knowledge of both Web Application and Network Penetration Testing.
Learning Outcomes
On successful completion of this module the learner will be able to:
LO1 Discuss the challenges associated with network and web application penetration testing.
LO2 Classify current and emerging network vulnerabilities.
LO3 Examine web application vulnerabilities (OWASP Top Ten).
LO4 Employ host exploitation attacks to compromise network nodes.
LO5 Assess the activities involved in each stage of a network and web application penetration test.
LO6 Employ a suite of advanced tools to perform both web appliction and network penetraion tests.
LO7 Appraise current and emerging offensive security techniques.
Pre-requisite learning
Module Recommendations
This is prior learning (or a practical skill) that is strongly recommended before enrolment in this module. You may enrol in this module if you have not acquired the recommended learning but you will have considerable difficulty in passing (i.e. achieving the learning outcomes of) the module. While the prior learning is expressed as named CIT module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
No recommendations listed
Incompatible Modules
These are modules which have learning outcomes that are too similar to the learning outcomes of this module. You may not earn additional credit for the same learning and therefore you may not enrol in this module if you have successfully completed any modules in the incompatible list.
No incompatible modules listed
Co-requisite Modules
No Co-requisite modules listed
Requirements
This is prior learning (or a practical skill) that is mandatory before enrolment in this module is allowed. You may not enrol on this module if you have not acquired the learning specified in this section.
No requirements listed
Co-requisites
No Co Requisites listed
 

Module Content & Assessment

Indicative Content
Penetration Testing Overview
Reconnaissance Techniques, Network Scanning Overview, Vulnerability Assessment, Exploitation, Post Exploitation and Reporting
Reconnaissance Techniques.
Social engineering. Automated reconnaissance and search engine mining. DNS interrogation. Zone transfers. Recon-ng, Maltego, the Harvester
Scanning Techniques
Port scanning. OS fingerprinting. Vulnerability scanning. Network mapping. Packet capture and manipulation. Nmap, OpenVAS, Nessus, w3af, Burp
Network Attacks
Bypassing network access/admission control. Exploiting EAP-MD5 authentication. Scripting for real-world pen tester tasks. Detection avoidance techniques. Tools: Metasploit, ShellNoob, Yersinia
Web Application Attacks
OWASP Top 10, SQL Injection. Cross-Site Request Forgery. Command injection. Tools: SamuraiWTF, Burp, sqlninja
Wireless Attacks
Exploiting vulnerabilities in 802.11, WEP, WPA and LEAP. Tools: AirCrack-ng, Bluesnarfer, Fern WiFi Cracker
Host Exploitation
Linux code execution redirection and memory leaks. Defeating stack protection on the Linux OS. Windows 7, 8 and 10 exploitation. Creating an exploit module. Windows stack exploitation.
Post Exploitation Methods
Backdoor kits and reverse shells. Implementing Port Forwarding Relays. Post exploitation with shellcode and exploit kits. Shell installation of VNC/RDP/SSH. Tools: BDF, Cryptcat, netcat
Password Attacks
Password Hash Representation method. Automated Password Guessing. Password cracking. Extracting Hashes and Passwords from Memory. Using Rainbow Tables. Tools: Ncrack, John the Ripper, TrueCrack
Assessment Breakdown%
Course Work100.00%
Course Work
Assessment Type Assessment Description Outcome addressed % of total Assessment Date
Written Report This report will assess the student's theoretical knowledge of penetration testing techniques, tools and frameworks. The student may be expected to write a current state of the art for offensive security and how this is applicable to a particular industry. 1,2,3,7 40.0 Week 5
Project This project will evaluate the student's capacity to perform a network penetration test. The student may be explected to employ and describe reconnaissance, network mapping, vulnerability assessment, exploit crafting techniques and password attacks. 2,4,5,6 30.0 Week 8
Project The focus of this project will be to execute and document a web application penetration test. The student will be expected to employ both theoretical and practical knowledge learned in the module to perform this activity. 3,6 30.0 Sem End
No End of Module Formal Examination
Reassessment Requirement
Coursework Only
This module is reassessed solely on the basis of re-submitted coursework. There is no repeat written examination.

The institute reserves the right to alter the nature and timings of assessment

 

Module Workload

Workload: Full Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lecture Lecture delivering theory underpinning learning outcomes. 4.0 Every Week 4.00
Lab Lab to support learning outcomes. 2.0 Every Week 2.00
Independent & Directed Learning (Non-contact) Independent study. 8.0 Every Week 8.00
Total Hours 14.00
Total Weekly Learner Workload 14.00
Total Weekly Contact Hours 6.00
Workload: Part Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lecture Lecture delivering theory underpinning learning outcomes. 4.0 Every Week 4.00
Lab Lab to support learning outcomes. 2.0 Every Week 2.00
Independent & Directed Learning (Non-contact) Independent study. 8.0 Every Week 8.00
Total Hours 14.00
Total Weekly Learner Workload 14.00
Total Weekly Contact Hours 6.00
 

Module Resources

Recommended Book Resources
  • Peter Kim 2015, The Hacker Playbook 2: Practical Guide To Penetration Testing, CreateSpace Independent Publishing Platform [ISBN: 1512214566]
  • Rafay Baloch 2014, Ethical Hacking and Penetration Testing Guide, Auerbach Publications [ISBN: 1482231611]
  • Dafydd Stuttard 2011, The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Ed., Wiley [ISBN: 0470170778]
  • Ben Clark 2014, Rtfm: Red Team Field Manual, 1 Ed., CreateSpace Independent Publishing Platform [ISBN: 1494295504]
Recommended Article/Paper Resources
  • Mainka, Christian, Juraj Somorovsky, and Jörg Schwenk. 2012, Penetration testing tool for web services security., IEEE Eighth World Congress on Services
Supplementary Article/Paper Resources
  • Büchler, Matthias, Johan Oudinet, and Alexander Pretschner. 2012, Semi-automatic security testing of web applications from a secure model., IEEE Sixth International Conference on Software Security and Reliability
Other Resources
 

Module Delivered in

Programme Code Programme Semester Delivery
CR_KINSE_9 Master of Science in Information Security 2 Mandatory
CR_KINSY_9 Postgraduate Diploma in Science in Information Security 2 Mandatory

Cork Institute of Technology
Rossa Avenue, Bishopstown, Cork

Tel: 021-4326100     Fax: 021-4545343
Email: help@cit.edu.ie