Difference between revisions of "Ethical Hacking"

Revision as of 07:54, 19 October 2024

Outline kuliah Ethical Hacking untuk 15 modul dengan fokus pada pengetahuan praktis dan skill hacking. Tiap pertemuan menggabungkan teori dan hands-on lab untuk mengembangkan keterampilan secara bertahap:

Pengantar Ethical Hacking

[[Definisi Ethical Hacking {en}]]
[[Peran dan Tanggung Jawab Ethical Hacker {en}]]
[[Legalitas, Etika, dan Hukum terkait Hacking {en}]]
[[Perangkat Tool dan Lingkungan Kerja (VM, Kali Linux) {en}]]
[[Hands-on: Setup Lab dan Lingkungan Testing Aman {en}]]

Metodologi Penetration Testing

[[Fase Penetration Testing (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks) {en}]]
[[Standar Penetration Testing (OWASP, NIST) {en}]]
[[Hands-on: Membuat Rencana Penetration Testing {en}]]

Reconnaissance (Information Gathering)

[[Teknik Open Source Intelligence (OSINT) {en}]]
[[Passive dan Active Reconnaissance {en}]]
[[Tools: WHOIS, dig, Maltego, Google Dorking {en}]]
[[Hands-on: Pengumpulan Informasi Target secara Pasif {en}]]

Scanning dan Enumeration

[[Network Scanning: Nmap, Netcat {en}]]
[[Vulnerability Scanning: OpenVAS, Nessus {en}]]
[[Enumeration Services: SMB, SNMP, FTP, HTTP {en}]]
[[Hands-on: Identifikasi Port, Services, dan Vulnerability Target {en}]]

Exploitation Basics

[[Pengertian Eksploitasi {en}]]
[[Memahami Common Vulnerabilities (CVE) {en}]]
[[Membuat Exploit sederhana berdasarkan CVE {en}]]
[[Memilih dan Memodifikasi Exploit {en}]]
[[Tools: Metasploit Framework {en}]]
[[Hands-on: Menggunakan Metasploit untuk Eksploitasi {en}]]

Web Application Hacking - Bagian 1

[[Konsep HTTP, Session, dan Cookies {en}]]
[[Vulnerabilities umum: SQL Injection, XSS {en}]]
[[Tools: Burp Suite, OWASP ZAP {en}]]
[[Hands-on: Eksploitasi SQL Injection pada Aplikasi Web {en}]]

Web Application Hacking - Bagian 2

[[CSRF (Cross-Site Request Forgery) {en}]]
[[RCE (Remote Code Execution) {en}]]
[[Directory Traversal, File Inclusion {en}]]
[[Hands-on: Menggunakan Burp Suite untuk Menganalisis dan Mengeksploitasi Web App {en}]]

Password Cracking dan Authentication Bypass

[[Teknik Password Cracking (Brute Force, Dictionary, Rainbow Table) {en}]]
[[Bypass Authentication: Vulnerable Login Forms {en}]]
[[Tools: John the Ripper, Hydra {en}]]
[[Hands-on: Password Cracking dan Authentication Bypass {en}]]

Wireless Network Hacking

[[Teknik dan Protokol Wireless (WEP, WPA/WPA2) {en}]]
[[Attacks: Man in The Middle {en}]]
[[Attacks: WEP Cracking, WPA Handshake Capture {en}]]
[[Tools: Aircrack-ng, Wireshark {en}]]
[[Hands-on: Menyerang Wireless Network dan Memecahkan Password WiFi {en}]]

Social Engineering

[[Teknik Social Engineering: Phishing, Pretexting, Baiting {en}]]
[[Email Spoofing dan Spear Phishing {en}]]
[[Tools: Social Engineering Toolkit (SET) {en}]]
[[Hands-on: Simulasi Phishing Attack {en}]]

Privilege Escalation

[[Konsep Privilege Escalation {en}]]
[[Local vs Remote Escalation {en}]]
[[Exploiting Misconfigured Services {en}]]
[[Hands-on: Menaikkan Privilege di Sistem Linux dan Windows {en}]]

Post-Exploitation dan Maintaining Access

[[Backdoors dan Persistence {en}]]
[[Data Exfiltration {en}]]
[[Cleaning Tracks: Log Deletion, Anti-Forensics {en}]]
[[Hands-on: Menginstal Backdoor dan Teknik Persistensi di Sistem Target {en}]]

@@ Line 8: / Line 8: @@
 * [[Perangkat Tool dan Lingkungan Kerja (VM, Kali Linux)]]
 * [[Hands-on: Setup Lab dan Lingkungan Testing Aman]]
+* [[Definisi Ethical Hacking {en}]]
+* [[Peran dan Tanggung Jawab Ethical Hacker {en}]]
+* [[Legalitas, Etika, dan Hukum terkait Hacking {en}]]
+* [[Perangkat Tool dan Lingkungan Kerja (VM, Kali Linux) {en}]]
+* [[Hands-on: Setup Lab dan Lingkungan Testing Aman {en}]]
 ==Metodologi Penetration Testing==
@@ Line 13: / Line 21: @@
 * [[Standar Penetration Testing (OWASP, NIST)]]
 * [[Hands-on: Membuat Rencana Penetration Testing]]
+* [[Fase Penetration Testing (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks) {en}]]
+* [[Standar Penetration Testing (OWASP, NIST) {en}]]
+* [[Hands-on: Membuat Rencana Penetration Testing {en}]]
 ==Reconnaissance (Information Gathering)==
@@ Line 19: / Line 31: @@
 * [[Tools: WHOIS, dig, Maltego, Google Dorking]]
 * [[Hands-on: Pengumpulan Informasi Target secara Pasif]]
+* [[Teknik Open Source Intelligence (OSINT) {en}]]
+* [[Passive dan Active Reconnaissance {en}]]
+* [[Tools: WHOIS, dig, Maltego, Google Dorking {en}]]
+* [[Hands-on: Pengumpulan Informasi Target secara Pasif {en}]]
 ==Scanning dan Enumeration==
@@ Line 25: / Line 43: @@
 * [[Enumeration Services: SMB, SNMP, FTP, HTTP]]
 * [[Hands-on: Identifikasi Port, Services, dan Vulnerability Target]]
+* [[Network Scanning: Nmap, Netcat {en}]]
+* [[Vulnerability Scanning: OpenVAS, Nessus {en}]]
+* [[Enumeration Services: SMB, SNMP, FTP, HTTP {en}]]
+* [[Hands-on: Identifikasi Port, Services, dan Vulnerability Target {en}]]
 ==Exploitation Basics==
@@ Line 33: / Line 57: @@
 * [[Tools: Metasploit Framework]]
 * [[Hands-on: Menggunakan Metasploit untuk Eksploitasi]]
+* [[Pengertian Eksploitasi {en}]]
+* [[Memahami Common Vulnerabilities (CVE) {en}]]
+* [[Membuat Exploit sederhana berdasarkan CVE {en}]]
+* [[Memilih dan Memodifikasi Exploit {en}]]
+* [[Tools: Metasploit Framework {en}]]
+* [[Hands-on: Menggunakan Metasploit untuk Eksploitasi {en}]]
 ==Web Application Hacking - Bagian 1==
@@ Line 39: / Line 70: @@
 * [[Tools: Burp Suite, OWASP ZAP]]
 * [[Hands-on: Eksploitasi SQL Injection pada Aplikasi Web]]
+* [[Konsep HTTP, Session, dan Cookies {en}]]
+* [[Vulnerabilities umum: SQL Injection, XSS {en}]]
+* [[Tools: Burp Suite, OWASP ZAP {en}]]
+* [[Hands-on: Eksploitasi SQL Injection pada Aplikasi Web {en}]]
 ==Web Application Hacking - Bagian 2==
@@ Line 45: / Line 81: @@
 * [[Directory Traversal, File Inclusion]]
 * [[Hands-on: Menggunakan Burp Suite untuk Menganalisis dan Mengeksploitasi Web App]]
+* [[CSRF (Cross-Site Request Forgery) {en}]]
+* [[RCE (Remote Code Execution) {en}]]
+* [[Directory Traversal, File Inclusion {en}]]
+* [[Hands-on: Menggunakan Burp Suite untuk Menganalisis dan Mengeksploitasi Web App {en}]]
 ==Password Cracking dan Authentication Bypass==
@@ Line 51: / Line 93: @@
 * [[Tools: John the Ripper, Hydra]]
 * [[Hands-on: Password Cracking dan Authentication Bypass]]
+* [[Teknik Password Cracking (Brute Force, Dictionary, Rainbow Table) {en}]]
+* [[Bypass Authentication: Vulnerable Login Forms {en}]]
+* [[Tools: John the Ripper, Hydra {en}]]
+* [[Hands-on: Password Cracking dan Authentication Bypass {en}]]
 ==Wireless Network Hacking==
@@ Line 58: / Line 106: @@
 * [[Tools: Aircrack-ng, Wireshark]]
 * [[Hands-on: Menyerang Wireless Network dan Memecahkan Password WiFi]]
+* [[Teknik dan Protokol Wireless (WEP, WPA/WPA2) {en}]]
+* [[Attacks: Man in The Middle {en}]]
+* [[Attacks: WEP Cracking, WPA Handshake Capture {en}]]
+* [[Tools: Aircrack-ng, Wireshark {en}]]
+* [[Hands-on: Menyerang Wireless Network dan Memecahkan Password WiFi {en}]]
 ==Social Engineering==
@@ Line 64: / Line 120: @@
 * [[Tools: Social Engineering Toolkit (SET)]]
 * [[Hands-on: Simulasi Phishing Attack]]
+* [[Teknik Social Engineering: Phishing, Pretexting, Baiting {en}]]
+* [[Email Spoofing dan Spear Phishing {en}]]
+* [[Tools: Social Engineering Toolkit (SET) {en}]]
+* [[Hands-on: Simulasi Phishing Attack {en}]]
 ==Privilege Escalation==
@@ Line 70: / Line 132: @@
 * [[Exploiting Misconfigured Services]]
 * [[Hands-on: Menaikkan Privilege di Sistem Linux dan Windows]]
+* [[Konsep Privilege Escalation {en}]]
+* [[Local vs Remote Escalation {en}]]
+* [[Exploiting Misconfigured Services {en}]]
+* [[Hands-on: Menaikkan Privilege di Sistem Linux dan Windows {en}]]
 ==Post-Exploitation dan Maintaining Access==
@@ Line 76: / Line 144: @@
 * [[Cleaning Tracks: Log Deletion, Anti-Forensics]]
 * [[Hands-on: Menginstal Backdoor dan Teknik Persistensi di Sistem Target]]
+* [[Backdoors dan Persistence {en}]]
+* [[Data Exfiltration {en}]]
+* [[Cleaning Tracks: Log Deletion, Anti-Forensics {en}]]
+* [[Hands-on: Menginstal Backdoor dan Teknik Persistensi di Sistem Target {en}]]
 ==Mobile Hacking==