Ethical Hacking

From OnnoWiki

Course outline for Ethical Hacking in 15 modules, focused on practical knowledge and hacking skills. Each session combines theory with a hands-on lab to build skills step by step:

Introduction to Ethical Hacking

  • [[Definition of Ethical Hacking {en} ]]
  • [[Roles and Responsibilities of an Ethical Hacker {en} ]]
  • [[Legality, Ethics, and Laws Related to Hacking {en} ]]
  • [[Tools and Working Environment (VM, Kali Linux) {en} ]]
  • [[Hands-on: Setting Up a Lab and a Safe Testing Environment {en} ]]

Penetration Testing Methodology

  • [[Penetration Testing Phases (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks) {en}]]
  • [[Penetration Testing Standards (OWASP, NIST) {en}]]
  • [[Hands-on: Creating a Penetration Testing Plan {en}]]

Reconnaissance (Information Gathering)

  • [[Open Source Intelligence (OSINT) Techniques {en}]]
  • [[Passive and Active Reconnaissance {en}]]
  • [[Tools: WHOIS, dig, Maltego, Google Dorking {en}]]
  • [[Hands-on: Passive Information Gathering on a Target {en}]]

Scanning and Enumeration

  • [[Network Scanning: Nmap, Netcat {en}]]
  • [[Vulnerability Scanning: OpenVAS, Nessus {en}]]
  • [[Enumeration Services: SMB, SNMP, FTP, HTTP {en}]]
  • [[Hands-on: Identifying Target Ports, Services, and Vulnerabilities {en}]]

Exploitation Basics

  • [[Definition of Exploitation {en}]]
  • [[Understanding Common Vulnerabilities (CVE) {en}]]
  • [[Writing a Simple Exploit Based on a CVE {en}]]
  • [[Selecting and Modifying Exploits {en}]]
  • [[Tools: Metasploit Framework {en}]]
  • [[Hands-on: Using Metasploit for Exploitation {en}]]

Web Application Hacking - Part 1

  • [[HTTP, Session, and Cookie Concepts {en}]]
  • [[Common Vulnerabilities: SQL Injection, XSS {en}]]
  • [[Tools: Burp Suite, OWASP ZAP {en}]]
  • [[Hands-on: Exploiting SQL Injection in a Web Application {en}]]

Web Application Hacking - Part 2

  • [[CSRF (Cross-Site Request Forgery) {en}]]
  • [[RCE (Remote Code Execution) {en}]]
  • [[Directory Traversal, File Inclusion {en}]]
  • [[Hands-on: Using Burp Suite to Analyze and Exploit a Web App {en}]]

Password Cracking and Authentication Bypass

  • [[Password Cracking Techniques (Brute Force, Dictionary, Rainbow Table) {en}]]
  • [[Bypass Authentication: Vulnerable Login Forms {en}]]
  • [[Tools: John the Ripper, Hydra {en}]]
  • [[Hands-on: Password Cracking and Authentication Bypass {en}]]

Wireless Network Hacking

  • [[Wireless Techniques and Protocols (WEP, WPA/WPA2) {en}]]
  • [[Attacks: Man in The Middle {en}]]
  • [[Attacks: WEP Cracking, WPA Handshake Capture {en}]]
  • [[Tools: Aircrack-ng, Wireshark {en}]]
  • [[Hands-on: Attacking a Wireless Network and Cracking WiFi Passwords {en}]]

Social Engineering

  • [[Social Engineering Techniques: Phishing, Pretexting, Baiting {en}]]
  • [[Email Spoofing and Spear Phishing {en}]]
  • [[Tools: Social Engineering Toolkit (SET) {en}]]
  • [[Hands-on: Simulating a Phishing Attack {en}]]

Privilege Escalation

  • [[Privilege Escalation Concepts {en}]]
  • [[Local vs Remote Escalation {en}]]
  • [[Exploiting Misconfigured Services {en}]]
  • [[Hands-on: Escalating Privileges on Linux and Windows Systems {en}]]

Post-Exploitation and Maintaining Access

  • [[Backdoors and Persistence {en}]]
  • [[Data Exfiltration {en}]]
  • [[Cleaning Tracks: Log Deletion, Anti-Forensics {en}]]
  • [[Hands-on: Installing a Backdoor and Persistence Techniques on a Target System {en}]]

Mobile Hacking

Capture The Flag (CTF) Challenge dan Review

Penetration Test Report