EMATE 2.0 Cybersecurity

This material was developed with funding from the
National Science Foundation under Grant # DUE 1601612

E-mate Contact Information:
Michael Qaissaunee
PI, E-MATE and E-MATE 2.0
Brookdale Community College
765 Newman Springs Road
Lincroft, NJ 07738
mqaissaunee@brookdalecc.edu

Subject Matter Expert Contact Information:
Jaime Mahoney
profjmahoney@gmail.com

HTML5 Animation Developer Contact Information:
Malcolm Johnstone
Learnobject, LLC
mal@learnobject.com

Note: Instructors please send individual links to the animations below to your students. Do not send them the link to this page unless you want them to see the answers to the Ethical Hacking Exams.

Faculty, please complete the Ethical Hacking Exam survey at the link below.

https://forms.gle/XGMQnNAQudyzvo4H7

Pen Testing

https://mirrorlearning.org/emate2/pen_testing/pub/pen_testing/Assets/index.html

Encryption

https://mirrorlearning.org/emate2/encryption/pub/encryption/Assets/index.html

Ethical Hacking Exam Version 2B

https://mirrorlearning.org/emate2/EH_exam_2B/pub/EH_exam_2B/Assets/index.html

SLOs:

1. Perform port scanning by downloading nmap and using it to port scan a web server (scan Pinterest)
2. Identify exploit as Session Hijacking and examine HTTP traffic using a screenshot of Wireshark showing session hijacking
3. Use sites that can be used for passive reconnaissance, specifically http://netcraft.com to look up a web server OS
4. Find type of encryption being used to secure the connection and cookies being used by website
5. Recommend what the target company should do to secure their site from this exploit in the future
6. Demonstrate problem solving skills

ANSWERS:

1. Client – “Flickr”
2. Host of Client Site – “Akamai”
3. Web Server OS – “Linux”
4. Complete Port Scan of Website – screenshot
5. Encryption used on site - “sha256RSA”
6. View cookies used on site – screenshot
7. Exploit - “cookie hijacking” or “session hijacking”

Morse code is melon20

 

 

Ethical Hacking Exam Version 2A

https://mirrorlearning.org/emate2/EH_exam_2A/pub/EH_exam_2A/Assets/index.html

SLOs:

1. Perform port scanning by downloading nmap and using it to port scan a web server (scan Pinterest)
2. Identify exploit as Session Hijacking and examine HTTP traffic using a screenshot of Wireshark showing session hijacking
3. Use sites that can be used for passive reconnaissance, specifically http://netcraft.com to look up a web server OS
4. Find type of encryption being used to secure the connection and cookies being used by website
5. Recommend what the target company should do to secure their site from this exploit in the future
6. Demonstrate problem solving skills

ANSWERS:

1. Client – “Pinterest”
2. Host of Client Site – “Akamai”
3. Web Server OS – “Linux”
4. Complete Port Scan of Website – screenshot
5. Encryption used on site - “sha256RSA”
6. View cookies used on site – screenshot
7. Exploit - “cookie hijacking” or “session hijacking”

 

Ethical Hacking Exam Version 1B

https://mirrorlearning.org/emate2/EH_exam_1B/pub/EH_exam_1B/Assets/index.html

SLOs:

1. Use Google hacking to get a password to an email address
2. Apply social engineering (pretexting/phishing) to the situation
3. Analyze the situation and explain what the exploit is
4. Use a device’s command line tools to determine it’s IP version 4 address
5. Decode an encrypted message
6. Use Google reverse image search
7. Demonstrate problem solving skills

Answers:

1. Window Message: Use google hacking to get the password for mermecles@gmail.com to open the locked box.

2. Computer Commands 1 and 2:
cmd
ipconfig /all

3. Computer 3 search box: gmail.com

4. Cipher: LUMP

5. Case Folder
#1: Exploit
ANS: “spoofed website” OR “spoofed site” OR “phishing”

6. #2: Hacker’s name
ANS: “Grant West”

7. #3: Assigned task
ANS: Write an email to direct users to the site. Email must include the spoofed web address: “www.aple.com”

 

Ethical Hacking Exam 1A

https://mirrorlearning.org/emate2/EH_exam_1A/pub/EH_exam_1A/Assets/index.html

 

Ethical Hacking Exam 1A

SLOs:

1. Use Google hacking to get a password to an email address
2. Apply social engineering (pretexting/phishing) to the situation
3. Analyze the situation and explain what the exploit is
4. Use a device’s command line tools to determine it’s MAC address
5. Decode an encrypted message
6. Use Google reverse image search
7. Demonstrate problem solving skills

Answers:

1. Text Message: Use google hacking to get the password for suprboy1@hotmail.com to open the locked box.

2. Computer Commands 1 and 2:
cmd
ipconfig /all

3. Computer 3 search box: hotmail.com

4. Cipher: GRACE

5. Case Folder
#1: Exploit
ANS: “spoofed website” OR “spoofed site” OR “phishing”

6. #2: Hacker’s name
ANS: “Michael Richo”

7. #3: Assigned task
ANS: Write an email to direct users to the site. Email must include the spoofed web address: “https://ec2-52-204-154-87.compute-1.amazonaws.com/”

 

Stuxnet

https://mirrorlearning.org/emate2/stuxnet/pub/stuxnet/Assets/index.html

 

Meltdown and Spectre

https://mirrorlearning.org/emate2/meltdown_spectre/pub/meltdown_spectre/Assets/index.html

 

Social Engineering

https://mirrorlearning.org/emate2/social_engineering/pub/social_engineering/Assets/index.html

 

Heartbleed

https://mirrorlearning.org/emate2/heartbleed/pub/heartbleed/Assets/index.html

 

Google Hacking

https://mirrorlearning.org/emate2/googlehacking/pub/googlehacking/Assets/index.html

 

Cyber Scenario

https://mirrorlearning.org/emate2/cyber_scenario/pub/cyber_scenario/Assets/index.html

 

Programming Primer

https://mirrorlearning.org/emate2/primer/pub/primer/Assets/index.html

 

Code Injection Attacks Quiz

https://mirrorlearning.org/emate2/codeinjectionquiz/pub/codeinjectionquiz/Assets/index.html

 

Code Injection Attacks

https://mirrorlearning.org/emate2/codeinjection/pub/codeinjection/Assets/index.html

Cross Site Scripting

https://mirrorlearning.org/emate2/crosssitescripting/pub/crosssitescripting/Assets/index.html

 

OS Command Injection Attacks

https://mirrorlearning.org/emate2/oscommandinjection/pub/oscommandinjection/Assets/index.html

 

Buffer Overflow

https://mirrorlearning.org/emate2/bufferoverflow/pub/bufferoverflow/Assets/index.html

 

Spoofing Attacks

https://mirrorlearning.org/emate2/spoofing/pub/spoofing1/Assets/index.html

 

SQL Injection

https://mirrorlearning.org/emate2/SQLinjection/pub/SQLinjection/Assets/index.html

 

Pizza Party

https://mirrorlearning.org/emate2/pizza_party_v7_may_12/pub/EMate_pizzaparty_exercise/EMate_pizzaparty_exercise.html

 

OSI Model

https://mirrorlearning.org/emate2/osimodel1/pub/osimodel1/Assets/index.html

 

Three-way Handshake

https://mirrorlearning.org/emate2/threewayhandshake/pub/threeway_handshake1_audio/Assets/index.html

 

Understanding Addresses

https://mirrorlearning.org/emate2/understanding_addresses/pub/EMate_understanding_addresses/Assets/index.html