Module Details

Module Code: COMP9050
Title: Offensive Security
Long Title: Offensive Security
NFQ Level: Expert
Valid From: Semester 1 - 2016/17 ( September 2016 )
Duration: 1 Semester
Credits: 10
Field of Study: 4811 - Computer Science
Module Delivered in: 2 programme(s)
Module Description: The increasing prevalence of cyber attacks has increased the requirement in organizations to perform regular vulnerabilities assessment and penetration testing. This offensive approach to information security is a emergine field and is rapidly evolving and thus there is an acute lack of suitably skilled individuals. In this module the student will develop a sophisticated theoretical and practical knowledge of both Web Application and Network Penetration Testing.
 
Learning Outcomes
On successful completion of this module the learner will be able to:
# Learning Outcome Description
LO1 Discuss the challenges associated with network and web application penetration testing.
LO2 Classify current and emerging network vulnerabilities.
LO3 Examine web application vulnerabilities (OWASP Top Ten).
LO4 Employ host exploitation attacks to compromise network nodes.
LO5 Assess the activities involved in each stage of a network and web application penetration test.
LO6 Employ a suite of advanced tools to perform both web appliction and network penetraion tests.
LO7 Appraise current and emerging offensive security techniques.
Dependencies
Module Recommendations

This is prior learning (or a practical skill) that is strongly recommended before enrolment in this module. You may enrol in this module if you have not acquired the recommended learning but you will have considerable difficulty in passing (i.e. achieving the learning outcomes of) the module. While the prior learning is expressed as named MTU module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
Incompatible Modules
These are modules which have learning outcomes that are too similar to the learning outcomes of this module. You may not earn additional credit for the same learning and therefore you may not enrol in this module if you have successfully completed any modules in the incompatible list.
No incompatible modules listed
Co-requisite Modules
No Co-requisite modules listed
Requirements

This is prior learning (or a practical skill) that is mandatory before enrolment in this module is allowed. You may not enrol on this module if you have not acquired the learning specified in this section.
No requirements listed
 
Indicative Content
Penetration Testing Overview
Reconnaissance Techniques, Network Scanning Overview, Vulnerability Assessment, Exploitation, Post Exploitation and Reporting
Reconnaissance Techniques.
Social engineering. Automated reconnaissance and search engine mining. DNS interrogation. Zone transfers. Recon-ng, Maltego, the Harvester
Scanning Techniques
Port scanning. OS fingerprinting. Vulnerability scanning. Network mapping. Packet capture and manipulation. Nmap, OpenVAS, Nessus, w3af, Burp
Network Attacks
Bypassing network access/admission control. Exploiting EAP-MD5 authentication. Scripting for real-world pen tester tasks. Detection avoidance techniques. Tools: Metasploit, ShellNoob, Yersinia
Web Application Attacks
OWASP Top 10, SQL Injection. Cross-Site Request Forgery. Command injection. Tools: SamuraiWTF, Burp, sqlninja
Wireless Attacks
Exploiting vulnerabilities in 802.11, WEP, WPA and LEAP. Tools: AirCrack-ng, Bluesnarfer, Fern WiFi Cracker
Host Exploitation
Linux code execution redirection and memory leaks. Defeating stack protection on the Linux OS. Windows 7, 8 and 10 exploitation. Creating an exploit module. Windows stack exploitation.
Post Exploitation Methods
Backdoor kits and reverse shells. Implementing Port Forwarding Relays. Post exploitation with shellcode and exploit kits. Shell installation of VNC/RDP/SSH. Tools: BDF, Cryptcat, netcat
Password Attacks
Password Hash Representation method. Automated Password Guessing. Password cracking. Extracting Hashes and Passwords from Memory. Using Rainbow Tables. Tools: Ncrack, John the Ripper, TrueCrack
Module Content & Assessment
Assessment Breakdown%
Coursework100.00%

Assessments

Coursework
Assessment Type Written Report % of Total Mark 40
Timing Week 5 Learning Outcomes 1,2,3,7
Assessment Description
This report will assess the student's theoretical knowledge of penetration testing techniques, tools and frameworks. The student may be expected to write a current state of the art for offensive security and how this is applicable to a particular industry.
Assessment Type Project % of Total Mark 30
Timing Week 8 Learning Outcomes 2,4,5,6
Assessment Description
This project will evaluate the student's capacity to perform a network penetration test. The student may be explected to employ and describe reconnaissance, network mapping, vulnerability assessment, exploit crafting techniques and password attacks.
Assessment Type Project % of Total Mark 30
Timing Sem End Learning Outcomes 3,6
Assessment Description
The focus of this project will be to execute and document a web application penetration test. The student will be expected to employ both theoretical and practical knowledge learned in the module to perform this activity.
No End of Module Formal Examination
Reassessment Requirement
Coursework Only
This module is reassessed solely on the basis of re-submitted coursework. There is no repeat written examination.

The University reserves the right to alter the nature and timings of assessment

 

Module Workload

Workload: Full Time
Workload Type Contact Type Workload Description Frequency Average Weekly Learner Workload Hours
Lecture Contact Lecture delivering theory underpinning learning outcomes. Every Week 4.00 4
Lab Contact Lab to support learning outcomes. Every Week 2.00 2
Independent & Directed Learning (Non-contact) Non Contact Independent study. Every Week 8.00 8
Total Hours 14.00
Total Weekly Learner Workload 14.00
Total Weekly Contact Hours 6.00
Workload: Part Time
Workload Type Contact Type Workload Description Frequency Average Weekly Learner Workload Hours
Lecture Contact Lecture delivering theory underpinning learning outcomes. Every Week 4.00 4
Lab Contact Lab to support learning outcomes. Every Week 2.00 2
Independent & Directed Learning (Non-contact) Non Contact Independent study. Every Week 8.00 8
Total Hours 14.00
Total Weekly Learner Workload 14.00
Total Weekly Contact Hours 6.00
 
Module Resources
Recommended Book Resources
  • Peter Kim. (2015), The Hacker Playbook 2: Practical Guide To Penetration Testing, CreateSpace Independent Publishing Platform, [ISBN: 1512214566].
  • Rafay Baloch. (2014), Ethical Hacking and Penetration Testing Guide, Auerbach Publications, [ISBN: 1482231611].
  • Dafydd Stuttard. (2011), The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd. Wiley, [ISBN: 0470170778].
  • Ben Clark. (2014), Rtfm: Red Team Field Manual, 1. CreateSpace Independent Publishing Platform, [ISBN: 1494295504].
Recommended Article/Paper Resources
  • Mainka, Christian, Juraj Somorovsky, and Jörg Schwenk.. (2012), Penetration testing tool for web services security., IEEE Eighth World Congress on Services.
Supplementary Article/Paper Resources
  • Büchler, Matthias, Johan Oudinet, and Alexander Pretschner.. (2012), Semi-automatic security testing of web applications from a secure model., IEEE Sixth International Conference on Software Security and Reliability.
Other Resources
 
Module Delivered in
Programme Code Programme Semester Delivery
CR_KINSE_9 Master of Science in Cybersecurity 2 Mandatory
CR_KINSY_9 Postgraduate Diploma in Science in Cybersecurity 2 Mandatory