This course explains the science and art behind the offensive security techniques used in penetration testing of networks and systems. A review of networking concepts is given. Students will use low-level programming through network interfaces to execute a variety of network attacks, while learning to use essential auxiliary tooling for both reconnaissance and active attacks. An introduction to cryptography for pentesters is provided.
An understanding of Python programming and networking basics is required. Course assessments are practical work, quizzes and exams.
This course can be taken for academic credit as part of CU Boulder's Master of Science in Computer Science (MS-CS) degree offered on the Coursera platform. This fully accredited graduate degree offers targeted courses, short 8-week sessions, and pay-as-you-go tuition. Admission is based on performance in three preliminary courses, not academic history. CU degrees on Coursera are ideal for recent graduates or working professionals. Learn more:
MS in Computer Science: https://coursera.org/degrees/ms-computer-science-boulder
Overview
Syllabus
- Introductory Concepts
  - Module 1 provides an introduction to the course sequence, motivations, ethical concepts and challenges, and a refresher on networking concepts.
- Essential Tooling and Libraries
  - Module 2 provides an in-depth technical introduction to network packet crafting and interpretation with scapy. Other essential tools such as ncat (and the older netcat!) are covered, along with an introduction to monitoring tools.
- Recon and Discovery with Nmap
  - Module 3 provides a detailed exposition of Nmap for host discovery, port scanning, and service and operating system identification. We touch on firewalking (firewall bypass) and evasion techniques in heavily monitored environments. We also discuss other, related tooling, and manual construction with scapy for some things beyond Nmap's native capability.
- Network Manipulation, Positioning and Practical Attacks/Defenses
  - Module 4 examines how network recon leads to a variety of network attacks, the timeline of defenses built into modern browsers for encrypted communication, and how these can be bypassed. An advanced attack scenario involving malicious software updates is presented.
- Encrypted Tunneling for Remote Attacks with SSH
  - Most advanced attackers possess evasive capabilities when operating campaigns in a target network. Module 5 builds on the previous material and focuses specifically on masking attacker activities with network tunneling. We examine the SSH protocol and its tunneling forms, as well as how to use dynamic SOCKS proxies to enable any remote tool to covertly tunnel into, and operate within, a target space.
Taught by
Ahmed M. Hamza