Presentation and workshop documents are linked from the table below. The lecture presentations are available as pdf documents with 1 page per sheet (click e.g. L01) or as pdf handouts with 4 pages per sheet (click e.g. H01). The workshop presentations are available for the tasks (click e.g. W01) and for the solutions (click e.g. WS01). All lectures and workshops are recorded as podcasts. Podcasts can be downloaded from the table (click e.g. PL01, PW01).
All the lectures and workshops will be presented with Zoom:
| Week Date Type |
L# | Topic | Podcast | For interested |
Home exam tasks |
|---|---|---|---|---|---|
|
W35 Lect. |
L01 |
Basis of ethical hacking, general information gathering. Laszlo Erdodi |
|
|
|
|
W35 WS |
|
Tasks on general information gathering, obtaining key information, documents, hidden web content. |
|
WH01 | |
|
W36 Lect. |
L02 |
Technical information gathering, identifying the network of the target. Laszlo Erdodi |
|||
|
W36 WS |
|
Tasks on collecting network information, identifying the ip ranges of the target. Laszlo Erdodi |
|
WH02 | |
|
W37 Lect. |
L03 |
Network reconnaissance, port scanning. Laszlo Erdodi |
|
Nmap port scanning | |
|
W37 WS |
|
Port scanning the practice network, finding services. Laszlo Erdodi |
|
WH03 | |
|
W38 Lect. |
L04 |
Get in touch with the services: attacking ftp, smtp, dns, ssh. |
|||
|
W38 WS |
W04 | Attacking services in the practice network. Laszlo Erdodi |
|
WH04 | |
|
W39 Lect. |
L05 | Web hacking basis: client side bypass, tampering data, brute-forcing. Laszlo Erdodi |
|
||
|
W39 WS |
W05 | Attacking webpages in the practice network. Laszlo Erdodi |
|
WH05 | |
|
W40 Lect. |
L06 | Web hacking on the client side: Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks. Laszlo Erdodi |
|||
|
W40 WS |
W06 | Attacking webpages in the practice network. Laszlo Erdodi |
|
WH06 | |
|
W41 Lect. |
L07 | Sql injection, Xpath injection, Server side template injection, File inclusion. Laszlo Erdodi |
|||
|
W41 WS |
W07 |
Attacking webpages in the practice network. |
|
||
|
W42 Lect. |
L08 | Software vulnerability exploitation: stack overflow, Return Oriented Programming. Laszlo Erdodi |
|||
|
W42 WS |
Writing basic exploits for vulnerabilities. Laszlo Erdodi |
|
|||
|
W43 Lect. |
L09 | Software vulnerability exploitation 2: attacking the heap, using metasploit for exploitation. Laszlo Erdodi |
|
||
|
W43 WS |
W09
|
Metasploit practice. |
|
||
|
W44 Lect. |
Software fuzzing Social Engineering UiO-Hacking-Arena{Welc0me_t0_IN5290}
|
|
|||
|
W44 WS |
Social engineering practice |
|
|||
|
W45 Lect. |
L11
|
Internal network hacking: Sniffing the traffic, ARP poisoning, DNS poisoning.
|
|
||
|
W45 WS |
W11
|
ARP poisoning in the target network. Laszlo Erdodi |
|||
|
W46 Lect. |
L12 |
Offline password cracking.
|
|||
|
W46 WS |
Cracking hashes with different techniques. Trond Arne S?rby, Solveig Bruvoll
|
|
|||
|
W47 Lect. |
L13 |
Wireless hacking, Review, Sample exam Laszlo Erdodi |
|
||
|
W47 WS |
Supervision, Exam preparation |
||||
|
|
|
||||
|
|
|
|
|||
Back to IN5290 2020 main page.