CSEC504 PENETRATION TESTING AND VULNERABILITY ANALYSIS
| Course Code: |
9100504 |
| METU Credit (Theoretical-Laboratory hours/week): |
3(0-0) |
| ECTS Credit: |
8.0 |
| Department: |
Cyber Security |
| Language of Instruction: |
English |
| Level of Study: |
Graduate |
| Course Coordinator: |
|
| Offered Semester: |
Fall Semesters. |
Course Content
Introduction to penetration testing. Penetration testing planning; determining scope and rules of engagement documentation. Penetration testing tools: setting up virtual up and toolset. Reconnaissance phase: open source intelligence. information gathering. correlation. verification. and priorization. Scanning phase: enumeration. port scanning. and vulnerability analysis. Exploitation phase: manual exploitation. password cracking and Metasploit framework. Post-exploitation phase: Data gathering. network analysis. maintaining access. pivoting. Reporting phase: penetration test report structure and components. Bypassing security controls and avoiding detection.
