>
Course Unit Title | Course Unit Code | Type of Course Unit | Level of Course Unit | Year of Study | Semester | ECTS Credits |
---|---|---|---|---|---|---|
Penetration Testing and Vulnerability Assesment | BLM612 | Elective | Doctorate degree | 1 | Spring | 8 |
Prof. Dr. Yaşar BECERİKLİ
Prof. Dr. Nevcihan DURU
1) Discusses whether white hat (ethical) hackers can and can do legally.
2) Determines and plans the extent of penetration testing.
3) Scans the target network using up-to-date scanning techniques.
4) Detects vulnerabilities in target systems using vulnerability analysis tools.
5) Detects vulnerabilities in Microsoft and Linux Operating System.
6) Exploit vulnerabilities identified using vulnerability exploitation tools and exploitation codes.
7) Attack passwords after the exploitation phase.
8) Reports the findings obtained in the penetrations test.
9) Detect and bypass security controls, such as firewalls and intrusion prevention systems.
10) Sets a virtual penetration testing lab.
Program Competencies | |||||||||||||
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | ||
Learning Outcomes | |||||||||||||
1 | Low | Middle | Low | No relation | Middle | Middle | Middle | Low | Low | No relation | Low | Low | |
2 | Low | Low | Middle | Middle | Middle | Middle | Middle | Middle | Middle | Middle | Middle | Low | |
3 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
4 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
5 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
6 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
7 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
8 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
9 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
10 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation |
Face to Face
None
Not Required
Introduction to penetration testing. Penetration testing planning: determining scope and rules of engagement documentation. Penetration testing tools: setting up virtual up and toolset. Reconnaissance phase: open source intelligence, information gathering, correlation, verification, and prioritization. Scanning phase: enumeration, port scanning, and vulnerability analysis. Exploitation phase: manual exploitation, password cracking and Metasploit framework. Post-exploitation phase: Data gathering, network analysis, maintaining access, pivoting. Reporting phase: penetration test report structure and components. Bypassing security controls and avoiding detection.
Turkish
Not Required