Ethical Hacking

From OnnoWiki
Revision as of 07:59, 19 October 2024 by Onnowpurbo

Ethical Hacking course outline in 15 modules, focused on practical knowledge and hacking skills. Each session combines theory with a hands-on lab to build skills step by step:

Introduction to Ethical Hacking


  • [[Definition of Ethical Hacking]]
  • [[Roles and Responsibilities of an Ethical Hacker]]
  • [[Legality, Ethics, and Law Related to Hacking]]
  • [[Tools and Working Environment (VM, Kali Linux)]]
  • [[Hands-on: Setting Up a Lab and a Safe Testing Environment]]

Penetration Testing Methodology

  • [[Penetration Testing Phases (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks)]]
  • [[Penetration Testing Standards (OWASP, NIST)]]
  • [[Hands-on: Creating a Penetration Testing Plan]]

Reconnaissance (Information Gathering)

  • [[Open Source Intelligence (OSINT) Techniques]]
  • [[Passive and Active Reconnaissance]]
  • [[Tools: WHOIS, dig, Maltego, Google Dorking]]
  • [[Hands-on: Passive Collection of Target Information]]


Scanning and Enumeration

  • [[Network Scanning: Nmap, Netcat]]
  • [[Vulnerability Scanning: OpenVAS, Nessus]]
  • [[Enumeration Services: SMB, SNMP, FTP, HTTP]]
  • [[Hands-on: Identifying Target Ports, Services, and Vulnerabilities]]


Exploitation Basics

  • [[What Is Exploitation]]
  • [[Understanding Common Vulnerabilities (CVE)]]
  • [[Building a Simple Exploit Based on a CVE]]
  • [[Selecting and Modifying Exploits]]
  • [[Tools: Metasploit Framework]]
  • [[Hands-on: Using Metasploit for Exploitation]]

Web Application Hacking - Part 1

  • [[HTTP, Session, and Cookie Concepts]]
  • [[Common Vulnerabilities: SQL Injection, XSS]]
  • [[Tools: Burp Suite, OWASP ZAP]]
  • [[Hands-on: Exploiting SQL Injection in a Web Application]]

Web Application Hacking - Part 2

  • [[CSRF (Cross-Site Request Forgery)]]
  • [[RCE (Remote Code Execution)]]
  • [[Directory Traversal, File Inclusion]]
  • [[Hands-on: Using Burp Suite to Analyze and Exploit Web Apps]]


Password Cracking and Authentication Bypass

  • [[Password Cracking Techniques (Brute Force, Dictionary, Rainbow Table)]]
  • [[Bypass Authentication: Vulnerable Login Forms]]
  • [[Tools: John the Ripper, Hydra]]
  • [[Hands-on: Password Cracking and Authentication Bypass]]


Wireless Network Hacking

  • [[Wireless Techniques and Protocols (WEP, WPA/WPA2)]]
  • [[Attacks: Man in The Middle]]
  • [[Attacks: WEP Cracking, WPA Handshake Capture]]
  • [[Tools: Aircrack-ng, Wireshark]]
  • [[Hands-on: Attacking a Wireless Network and Cracking the WiFi Password]]


Social Engineering

  • [[Social Engineering Techniques: Phishing, Pretexting, Baiting]]
  • [[Email Spoofing and Spear Phishing]]
  • [[Tools: Social Engineering Toolkit (SET)]]
  • [[Hands-on: Phishing Attack Simulation]]


Privilege Escalation

  • [[Privilege Escalation Concepts]]
  • [[Local vs Remote Escalation]]
  • [[Exploiting Misconfigured Services]]
  • [[Hands-on: Escalating Privileges on Linux and Windows Systems]]


Post-Exploitation and Maintaining Access

  • [[Backdoors and Persistence]]
  • [[Data Exfiltration]]
  • [[Cleaning Tracks: Log Deletion, Anti-Forensics]]
  • [[Hands-on: Installing a Backdoor and Persistence Techniques on the Target System]]



Mobile Hacking

Capture The Flag (CTF) Challenge and Review

Penetration Test Report