Ethical hacking can be defined as the security practice in which a security expert attempts to break into a system, simulating the actions of a malicious cyber-attacker. These techniques play an essential role in checking for weaknesses and entry points in networks and infrastructures. This practice, in fact, helps the identification of security vulnerabilities which can then be resolved before a malicious attacker has the opportunity to exploit them. To achieve this goal, the security expert needs to use the same methods a malicious attacker would use. Given the value of ethical hacking, especially considering the damage caused by a successful malicious attack, there is an increasing interest in this field.
The seminar consists of two hands-on lectures in which the participants will have the opportunity to perform different types of attacks going from passive techniques, such as network sniffing, to active attacks, such as a man-in-the-middle attack aiming at password sniffing. The attacks will be performed exploiting virtual machinesto mimic the victim and attacker computers. The virtual machine configuration, as well as the theory concepts associated to the considered attacks will be discussed during the seminar. However, the virtual machine installation has to be performed before the seminar day. For this reason, a tutorial for the required installations is provided here.