VELAGAPUDI RAMAKRISHNA

SIDDHARTHA ENGINEERING COLLEGE::VIJAYAWADA

(AUTONOMOUS)
DEPARTMENT OF IT
MICRO LEVEL SYLLABUS
Class Honors Regulation VR20
Subject Code 20ITH6801B Year & Semester III/IV, 6th semester
Title of the Subject PENETRATION TESTING AND VULNERABILITY ASSESSMENT

Unit Content/Topics Covered Text Chapter/ Page

No (mention Sub Topics as found in books) Book Section No. Number
Unit Vulnerability Management Governance [ T1] Chapter 1 6
I Security basics 1.1 7
The CIA triad 1.1.1 7
Confidentiality 1.1.2 8
Integrity 1.1.3 9
Availability 1.1.4 9
Identification 1.1.5 10
Authentication 1.1.6 10
Authorization 1.1.7 11
Auditing 1.1.8 12
Accounting 1.1.9 13
Non–repudiation 1.1.10 14
Vulnerability 1.1.11 14
Threats 1.1.12 14-15
Exposure 1.1.13 15
Risk 1.1.14 15
Safeguards 1.1.15 16
Attack vectors 1.1.16 16
Understanding the need for security assessments 1.2 17
Types of security tests 1.3 17
Security testing 1.4 18-19
Vulnerability assessment versus penetration testing 1.5 19
Security assessment 1.6 20
Security audit 1.7 20-21
Response to some fraud/incident 1.8 22
Safeguarding/protecting critical infrastructures 1.9 23
Bottom-up 1.10 25
Top-down 1.11 25-26
Vulnerability assessment policy template 1.12 27-29
Penetration testing standards 2 30
Penetration testing lifecycle 2.1 30-32
Industry standards 2.2 32
Open Web Application Security Project testing guide 2.2.1 32-33
(OWASP)
Benefits of the framework 2.2.2 33
Penetration testing execution standard (PTES) 2.3 34
Benefits of the framework 2.3.1 34
Unit Security Assessment Prerequisites [T1] Chapter 3 49
II Target scoping and planning 3.1 50-51
Preparing a detailed checklist of test requirements 3.1.1 51-52
Suitable time frame and testing hours 3.1.2 52-53
 Identifying stakeholders 3.1.3 53-54
Vulnerability Assessment 3.2 55
Deciding upon the type of vulnerability assessment- 3.2.1 55
Types of vulnerability assessment 3.2.2 55
Types of vulnerability assessment based on the 3.2.3 55-57
location
External vulnerability assessment 3.2.3.1 56
Internal vulnerability assessment 3.2.3.2 57
Based on knowledge about 3.3 57-58
environment/infrastructure(Types)
Black-box testing 3.3.1 58
White-box testing 3.3.2 58
Gray-box testing 3.3.3 58
Announced and unannounced testing 3.4 58
Automated testing 3.5 59-60
Authenticated and unauthenticated scans 3.5.1 59
Agentless and agent-based scans 3.5.2 60
Manual testing 3.5.3 60
Estimating the resources and deliverables 3.6 61-64
Preparing a test plan 3.6.1 63-64
Getting approval and signing NDAs 3.6.2 64
Confidentiality and nondisclosure agreements 3.7 65
Unit Information Gathering [T1] Chapter 4 66
III Introduction 4.1 66-67
Passive information gathering 4.1 67
Reverse IP lookup 4.1.2 68-
Site report 4.1.3 68
Site archive and way-back 4.1.4 69
Site metadata 4.1.5 70
Looking for vulnerable systems using Shodan 4.1.6 71-73
Advanced information gathering using Maltego 4.1.7 74-75
theHarvester 4.1.8 75-76
Active information gathering 4.2 77
Active information gathering with SPARTA 4.2.1 77-79
Recon-ng 4.2.2 80-81
Dmitry 4.2.3 82
Gaining Network Access [T1] Chapter 6 104-
Gaining remote access 6.1 104
Direct access 6.2 105
Target behind router 6.3 105
Cracking passwords 6.4 106
Identifying hashes 6.5 107
Cracking Windows passwords 6.6 108
Unit Assessing Web Application Security [T1] Chapter 7 124
IV Importance of web application security testing 7.1 125
Application profiling 7.2 125-26
Common web application security testing tools 7.3 126
Authentication 7.4 126
Credentials over a secure channel 7.5 127-128
Authentication error messages 7.6 128
Password policy 7.7 129
Business logic flaws- 7.8 137-139
Testing for business logic flaws 7.8.1 138
 Auditing and logging. 7.8.2 139
Vulnerability Scoring [T1] Chapter 10 166
Requirements for vulnerability scoring 10.1 166
Vulnerability scoring using CVSS 10.2 167
Exploitability metrics 10.3 168
Attack vector 10.4 168
Attack complexity 10.5 169
Privileges required 10.6 169
User interaction 10.7 170
Scope 10.8 170
Impact metrics 10.9 170
Confidentiality impact 10.9.1 171
Integrity impact 10.9.2 171
Availability impact 10.9.3 171
Report confidence 10.10 173
Text Book:
[T1] Sagar Rahalkar, Network Vulnerability Assessment, Packt, 1st Ed, 2018
Reference Books:
[R1] Andrew Whitaker and Daniel P. Newman, Penetration Testing and Network Defence- The
practical guide to simulating, detecting an responding to network attacks, Cisco Press,
2010.
[R2] Vivek Ramachandran, BackTrack 5 Wireless Penetration Testing, Beginners guide Master
bleeding edge wireless testing techniques with BackTrack 5, PACKT Publishing, 2011.
[R3] Mayor, K.K.Mookey, Jacopo Cervini, Fairuzan Roslan, Kevin Beaver, Metasploit Toolkit
for Penetration Testing, Exploit Development and vulnerability Research, Syngress
publications, Elsevier, 2007.
E-resources and other digital material
[1]. John R Williams, Abel Sanchez , MIT Professional Education, “Cloud DevOps”, 2022
https://professional.mit.edu/course-catalog/cloud-devops-continuous-transformation
[2]. Courseera, “Cloud Application Security”, 2021,
https://www.mooc-list.com/course/cloud-application-security-coursera
[3]. Suresh S, Udemy, “Server Virtualization”, 2021
https://www.udemy.com/tutorial/cloud-computing-the-technical-essentials/basics-of-
virtualization/
[4] Prof.SowmyaKantiGhosh,IITKharagpur, “Cloud Computing”2022
https://nptel.ac.in/courses/106/105/106105167/

Designation Name in Capitals Signature with Date

Course Coordinator Dr.S.SUHASINI

Module Coordinator Dr.S.SUHASINI

Program Coordinator Dr.G.KALYANI

Head of the Department Dr. M.SUNEETHA