Course Information


Course Information
Course Title Code Semester L+U Hour Credits ECTS
PENETRATION TESTING SGM201 3. Semester 3 + 2 4.0 6.0

Prerequisites None

Language of Instruction Turkish
Course Level Associate's Degree
Course Type Compulsory
Mode of delivery
Course Coordinator
Instructors Mehmet Batuhan ÖZDAŞ
Assistants
Goals The aim of this course is to provide students with the basic principles of penetration testing. Thanks to this course, students will learn the tools required for penetration testing and the basic commands of operating systems. They will improve their programming skills with the coding to be applied in the course, and they will have the ability to scan for vulnerabilities in operating systems in web environments. In addition, they will learn about cyber-attacks and take ethical hacking courses.
Course Content Reconnaissance and Information Gathering, Network Scanning (NMAP), Vulnerability Scanning, Web Penetration Testing, Social Engineering, Bug Bounty
Learning Outcomes 1) Testing of vulnerable operating systems, vulnerability scanning, and scanning for vulnerabilities on the network.
2) Ability to carry out cyber-attacks to test network security, system security, and password security. Ability to penetrate the system by finding security vulnerabilities in various applications. Ability to bypass various antiviruses.
3) Ability to penetrate the system using the human factor. Gaining knowledge about ethical rules.

Weekly Topics (Content)
Week Topics Teaching and Learning Methods and Techniques Study Materials
1. Week Basic Concepts Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar
2. Week Installation of Required Operating Systems Lecture; Question Answer; Discussion
Brainstorming
Project Based Learning; Problem Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
3. Week Discovery and Information Gathering Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
4. Week Network Scanning (NMAP) Lecture; Question Answer; Problem Solving; Discussion
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Activity (Web Search, Library Work, Trip, Observation, Interview etc.) Seminar
5. Week Vulnerability Scanning and Exploitation Lecture; Question Answer; Problem Solving; Discussion
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Project (Including Preparation and presentation Time) Seminar
6. Week Web Application Vulnerabilities Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
7. Week Web Application Vulnerabilities Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Homework Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
8. Week Midterm Exam Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar
9. Week Web Penetration Testing Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
10. Week Web Penetration Testing Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Homework Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
11. Week Password Cracking in Ethical Hacking Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Homework Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
12. Week Social Engineering and Phishing Attack Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
13. Week Antivirus bypass techniques Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
14. Week Bug Bounty Lecture; Question Answer; Problem Solving; Discussion; Case Study
Brainstorming
Project Based Learning; Problem Based Learning; Case Based Learning
Presentation (Including Preparation Time) Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar

Sources Used in This Course
Recommended Sources
Andy Gill, Breaking into Information Security: Learning the Ropes 101, 2017.
David Kennedy, Jim O’Gorman, Devon Kearns, Mati Aharoni, Metasploit: The Penetration Tester’s Guide, 1st Edition, No Starch Press, Inc., 2011.
Georgia Weidman, Penetration Testing: A Hands-on Introduction to Hacking, No Starch Press, Inc., 2014.

ECTS credits and course workload
Event Quantity Duration (Hour) Total Workload (Hour)
Course Duration (Total weeks*Hours per week) 14 3
Work Hour outside Classroom (Preparation, strengthening) 14 5
Homework 3 4
Practice (Teaching Practice, Music/Musical Instrument Practice , Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) 14 2
Quiz 3 1
Midterm Exam 1 2
Time to prepare for Midterm Exam 1 8
Final Exam 1 2
Time to prepare for Final Exam 1 13
Total Workload
Total Workload / 30 (s)
ECTS Credit of the Course
Quick Access Hızlı Erişim Genişlet
Course Information