Following are the two categories for ethical hacking. You can choose any one task from the following two categories.
Category 1:
List of Tasks of Ethical hacking : (Please find the resources that are purposefully meant for ethical hacking)
· DDOS attack (Distributed Denial of Service Attack)
· Man-in the middle attack
· Arp Spoofing
· Arp Poisoning (Using Ettercap tool)
· DNS Spoofing
· SSL Stripping
· Session Hijacking Attack (session ID and Cookie stealing)
· Attacks on Vulnerable Websites
· Weak Passwords cracking
Category 2:
List of tasks to mitigate/prevent the system:
· Detection of DOS attack (Pcap files link: https:
www.unb.ca/cic/datasets/ddos-2019.html)
· Detection of vulnerable websites
· Detection of Deauth/Disassociation packets on Wi-Fi channel using Kismet
· Detection of anomaly detection using Machine Learning (Explore Weka tool, you can get a dataset of DOS attack from this link: https:
www.unb.ca/cic/datasets/ddos-2019.html
· Firewall configuration using ACL rules
· Detection of MIM attack
You may choose one tool for each categorie to make the presentation
Ethical hacking Guidelines: Demonstration of Tool
DEMONSTRATION OF ETHICAL HACKING TOOL AND PRESENTATION
Term-end Submission
Note: During this course, we will be using several network security tools. These tools are legitimate tools
used by network administrators and security professionals for network analysis or security assessment. It is
highly important that you use the network tools that you download only for educational purposes. Never,
intentionally, or otherwise, use any of these tools for malicious purposes or for gaining unauthorized access.
Follow the guidelines and principles of ethical hacking.
Submission Guidelines :
The objective of this task is to explore, learn, and demonstrate one of the ethical hacking tools that security
professionals and experts used for ethical purposes. You are expected to choose one of the tools from a given
list, explore and learn it within the boundary of ethical hacking.
Once you are getting acquainted with the tool, you will need to show step by step demonstration of that tool
using a presentation slide and demonstration. You can do a live demonstration, or you can record your
demonstration and submit it to your instructor to play in front of the class.
You can choose the tool for the listed tasks, but the selection is not limited to the list. Before you will start
exploring a tool, you will have to confirm your tool with your instructor.
Reference Material: To set the expectation, the reference recording and PowerPoint slide of “ implications of
weak passwords and how easily you can crack the weak password of the Wi-Fi access point using a tool
(Airecrack-ng)” is given to you. Follow the same nomenclature while working on your demonstration and
presentation slide.
You can find a reference link on Moodle (Ethical Tool Demonstration/Presentation Section).
XXXXXXXXXXRecording of Demonstration : Consist of recording of demonstration of tool
XXXXXXXXXXPresentation slides 2: PPT slide on Attack on Wi-Fi access point and prevention
Note : Students are encouraged to work on demonstration of tool from the first week of the course.
Here are the steps:
XXXXXXXXXXChose one of the tools from given list or of your choice (You can not demonstrate the usage of
the following tools that we are exploring during labs/assignments.)
a XXXXXXXXXXExclude following tools - Traceroute, Wireshark, Nslookup, Hping3, Snort, NMAP,
Aircrack-ng suite, Airodump-ng
XXXXXXXXXXConfirm your selection with your instructor before start working on it.
XXXXXXXXXXTo enhance your understanding, watch various videos, read reference material on google before
start practical hands-on practice.
XXXXXXXXXXOnce you have enough resources, install/configure the tool. Understand various options.
Ethical hacking Guidelines: Demonstration of Tool
XXXXXXXXXXPrepare a demonstration and presentation slides by considering the following points.
a XXXXXXXXXXOverview of your demonstration: This includes one of the following.
i XXXXXXXXXXHow Security professionals can use this tool for ethical hacking OR
ii. How to gain unauthorized access OR
iii. How to attack the system to learn the weaknesses in the system for mitigation OR
iv. How to prevent the network from attacks.
. Quick overview of installation, system requirement to install and execute the tool
c XXXXXXXXXXDemonstration of your tool
d. Security implications/ mitigations
e XXXXXXXXXXConclusion
Demonstration and Presentation :
You are expected to present your topic in front of your class during the last week of this course by live
demonstration or recording. You have given 5-7 minutes to present your topic. After that, there will be a
quick Q&A round of 2 minutes.
Submission: (What to submit)
• XXXXXXXXXXRecording of the demonstration of your tool
• XXXXXXXXXXPowerPoint slide
Following are the two categories for ethical hacking. You can choose any one task from the following two
categories.
Category 1:
List of Tasks of Ethical hacking : (You can be able to find the resources that are purposefully meant for
ethical hacking)
XXXXXXXXXXDDOS attack (Distributed Denial of Service Attack)
XXXXXXXXXXMan-in the middle attack
XXXXXXXXXXArp Spoofing
XXXXXXXXXXArp Poisoning (Using Ettercap tool)
XXXXXXXXXXDNS Spoofing
XXXXXXXXXXSSL Stripping
XXXXXXXXXXSession Hijacking Attack (session ID and Cookie stealing)
XXXXXXXXXXAttacks on Vulnerable Websites
XXXXXXXXXXWeak Passwords cracking
List of tasks to mitigate/prevent the system:
10. Detection of DOS attack (pcap files link: https:
www.unb.ca/cic/datasets/ddos-2019.html)
11. Detection of vulnerable websites
https:
www.unb.ca/cic/datasets/ddos-2019.html
Ethical hacking Guidelines: Demonstration of Tool
12. Detection of Deauth/Disassociation packets on Wi-Fi channel using Kismet
13. Detection of anomaly detection using Machine Learning (Explore Weka tool, you can get dataset
XXXXXXXXXXof DOS attack from this link: https:
www.unb.ca/cic/datasets/ddos-2019.html )
14. Firewall configuration using ACL rules
15. Detection of MIM attack
https:
www.unb.ca/cic/datasets/ddos-2019.html