Workshop Duration: 2 days (16 hrs.)
The workshop runs for two consecutive days, with an eight-hour session each day, for a total of sixteen hours properly divided into theory and hands-on sessions. At the end of this workshop, a small competition will be organized among the participating students and winners will be awarded with a
Workshop Level: Beginner Level
(Best suited for all B.Tech/B.E./BCA/BSc Engg. 1st & 2nd year students)
Workshop Certification: Certified by Robosapiens Technologies Pvt. Ltd.
Workshop Content:
"A hacker is a person who breaks into computers. The term hacker who types a few commands at a computer screen—and poof! The computer spits back account numbers or other confidential data. In reality, a good hacker just has to understand how a computer system works and know what tools to employ in order to find a security weakness."
Different Types of Hacker Classes:
1. Black Hat
2. White Hat
3. Grey Hat
Ethical Hackers Vs Crackers:
Ethical hackers are usually security professionals or network penetration testers who use their hacking skills and toolsets for defensive and protective purposes.
The term cracker describes a hacker who uses their hacking skills and toolset for destructive or offensive purposes such as disseminating viruses or performing DoS attacks to compromise or bring down systems and networks.
Two-Day Workshop Schedule:
Day 1
Phase One:
Ethics
- Hacking history : How it all began
- Why is security needed?
- What is ethical hacking?
- Ethical Hacker Vs Malicious hacker
- Types of Hackers
- Building an approach for ethical hacking
Windows security & Google Hacking
- Windows security
- Registry
- Port & Services
- Securing Windows
- Looking for loopholes in Windows
- What is Google and how does it work?
- Google tricks
- Basic hacks
- How can Google hacking help an Ethical Hacker?
- Preventing Google crawls
- Practical class: Case studies
Basics of Internet, Networking & Hacking
- What is a Network?
- Types of network – LANs, WANs & WLANs.
- What is Internet?
- History of the Internet.
- Basic Structure.
- What is a Server?
- What is an IP Address?
- What is a domain name?
- IP-Domain Relation.
- Client-Server Relationship Model.
- Internet networking.
- What is a port?
- What is Programming?
- Types of programming languages.
- What is a Programming loophole or error?
- Basic explanation of exploitation of loopholes.
Day 1
Phase Two:
Scanning
- What is scanning?
- Objectives of Scanning
- Practical Class
- Scanning tools to be used:
- Nmap
- Null Scan
- Firewalk
- XMAS Scan
- NIKTO
- GFI LANguard
Types of threats in the Internet age
- Viruses: Trojans, Worms, Malware, Spyware
- Modes of spreading
- Different Ways a Trojan can Get into a System
- Indications of a Trojan Attack
- Some Famous Trojans and Ports They Use
- How to Determine which Ports are Listening
- Concepts
- Famous Trojans
- How to Detect Trojans?
- Netstat
- MS Configuration Utility
- Countermeasures
- Phishing sites
- Sniffers
- Spoofing
- Session Hijacking
- Spoofing Vs Hijacking
- Types of Hijacking
E-Mail Hacking, Firewalls & DoS attacks
- How does an email work?
- Tracing an email
- Spam
- What is spamming?
- Methods of prevention
- Laws about spamming
- Fake emails
- Detecting fake emails
- What is a firewall and how can it help you?
- How a firewall works
- Demo on installing and using firewall
- What is a DoS attack?
- What is a DDoS attack?
- DoS Vs DDoS
- Types of DoS attacks
- Key loggers and how they work
Day 2
Phase Three:
Hacking web servers
- Web Application Vulnerabilities
- Web based password cracking techniques
- SQL injection
- PHP injection
- Hacking wireless networks
The new age OS: LINUX
- What is LINUX
- LINUX Vs Windows
- Advantages and disadvantages over each other
- Cost factor
- Support
- GUI & Security factor
- Ubuntu: A flavor of LINUX
More on Session hijacking
- Understanding sessions
- Passive Vs Active session hijack
- TCP sessions and HTTP sessions
- TCP session hijacking: Telnet
- Stealing Cookies to hijack session ID: XSS
More on PHP injection
- Understanding server side scripting
- Using code injection to escalate privileges
- Briefings on PHP, ASP etc.
- Coding PHP shell
- Using PHP shells
- Exploiting file upload vulnerability
- PHP vulnerable functions and safe mode
- Prevention of code injection
Day 2
Phase Four:
More on SQL injection
- Defining SQL
- Understanding web application
- Using SQL to login via middleware language
- Checking SQL injection vulnerability
- URL and Forms
- SQL Query SELECT, DROP etc.
- SQL cheat sheets
- Using source changes to bypass client side validation
- PHP magic quotes
- Using SQL injection tools
- Importance of server side validation
More on sniffing
- Introduction: Active Vs passive
- DNS, ARP
- Tools: Wireshark, Ettercap, Cain & Abel
- Detecting sniffing
- DNS poisoning
- Router hacking
- Emulating WAN Sniffing
Day 2
Phase Five:
Cryptography
- Introduction to Cryptography
- Encryption and Decryption
- Cryptographic Algorithms
- Secure Socket Layer
- Digital signature
- Cryptography tools
- Cryptography attacks
Day 2
Phase Six: Optional
Password Cracking
- How to steal passwords
- Hashing algorithm
- Active brute force attack
- Passive brute force attack
- Web based password cracking techniques