Ethical Hacking

• Explain each of the phases in the Cyber Kill Chain
• List commonly used reconnaissance techniques and the sources of data that they provide
• Perform an open source intelligence investigation
• Identify services on a host system
• Analyze a host system for known (and unknown) vulnerabilities
• Infiltrate host system by exploiting vulnerabilities using publicly available tools
• Explain common techniques for lateral movement, retaining access and establishing communication with Command and Control Server
• Explain common techniques for exfiltration of data through covert channels

This course provides students with practical experience in network security, so that they better understand the threat landscape and the techniques and tools commonly used to exploit vulnerabilities and exploit systems. It provides hands-on experience with penetration testing and ethical hacking.
Students are introduced to all phases of the Cyber Kill Chain, from hostile reconnaissance to data exfiltration, and learn how to conduct a penetration test and document discovered vulnerabilities in a penetration test report.

02239/02233, The course is an advanced course that requires basic understanding of both computer and network security.

Lectures, exercises and assignments

Throughout the Ethical Hacking course, a number of hacking tools will be demonstrated.
It should be emphasized that these tools must never be used for illegitimate purposes. Never hack a system that you do not own or where you have a precise written contract with the owner and never hack a system that you depend on.
If you are in doubt as to whether or not the application of a given tool is legal or not, you should contact either DTU’s legal counsel or relevant public authorities