Professional Documents
Culture Documents
Internship Document For College
Internship Document For College
PROJECT REPORT
FORMAT
For
BCA 5th Semester
SUBMITTED BY:
Avinash
Mankotia
(01120602020)
Batch: 2020-2023
PROJECT GUIDE:
Ms. Sweety ( BCA Dept)
NAME: Avinash
ENROLLMENT NO.: 01120602020
ACKNOWLEDGEMENT
First, I would like to thank Mr. Shivam Aggarwal of UPTOSKILLS India for giving me
the opportunity to do an internship within the organization.
I also would like all the people that worked along with me UPTOSKILLS India with their
patience and openness they created an enjoyable working environment.
It is indeed with a great sense of pleasure and immense sense of gratitude that I
acknowledge the help of these individuals.
I am highly indebted to Director of Tecnia institute of advanced studies Dr. Ajay Kumar,
for the facilities provided to accomplish this internship. I would like to thank my Head of
the Department Dr. Deepak Sonkar for his constructive criticism throughout my
internship.
I am extremely great full to my department staff members and friends who helped me in
successful completion of this internship.
And I am extremely thankful to my faculty guide Ms. Sania Kukkar for her immense
support and guidance.
ABSTRACT
In UPTOSKILLS we got to know and learn a lot of new things in Cyber Security and also learned about
the corporate culture. Every intern was assigned a task in the morning and was asked to devote 6 hours
and 6 days a week. The organisation offered us flexible working hours and the leaders were very
supportive and polite. Not just they taught us a lot in the Cyber Security but also taught us about team
work, leadership and working under pressure. We developed many small and big projects during this 3-
month internship. The learning was not just new to us but was also very fun. The first task of this
internship was to assimilate about networks which included various topologies, media, IP Addressing,
VLSM, CIDR, Subnetting, Protocols, TCP/IP Applications and Services. The second task was to master
Linux Administration and Commands, Security Policies, Physical Security, Risk Management, Threat
Modelling and Incident Management. The next task included deep knowledge of Foot printing and
Reconnaissance, Scanning Networks, Enumeration, Vulnerability Analysis, Sniffing. Social Engineering,
Evading IDS, Firewalls and Honeypots, Hacking Wireless Networks, IOT Hacking, Cloud Computing
and Cryptography. During my internship period a number of approaches and exposure methods were used
which included hands on training, various reading materials, Exposure to Cyber Security Industries and
conducting various penetration tests on websites. My responsibilities included me to have deep
knowledge of Linux operating systems and concepts related to hacking as mentioned above and a
profound understanding in various Cyber security tools.
CONTENTS
S No Topic Page
No
1. Brief Description of the Organization 1
2. Systems Analysis of Existing System 2
1 System specification
2 Tools and Technology
3. AIM 6
4. Execution 6
1
System/Project Requirement Specification
1, System specification
Hardware requirement:
The most common set of requirements defined by any operating system or software
application is the physical computer resources, also known as hardware, A hardware
requirements list is often accompanied by a hardware compatibility list (HCL),
especially in case of Operating systems. An HCL lists tested, compatible, and
sometimes incompatible hardware devices for a particular operating system or
application.
• Processor: 2.30 gigahertz (GHz) or faster.
• RAM: 8 gigabyte (GB) or more.
• Hard disk space: 512 GB (64-bit) or more.
Software Requirement:
2
2 TOOLS AND TECHNOLOGIS
1. Nmap/Zenmap (Scanning)
2. Metasploit
3. SQLMAP
Nmap/Zenmap
Metasploit
3
1. Auxiliaries
Auxiliaries are the modules that make Metasploit so easy to work with. A Metasploit
auxiliary is nothing but a specific piece of code written to perform a particular task.
For example, it can be used to check if we can access an FTP server anonymously or
to check if the webserver is vulnerable to a heart bleed attack. In fact, Metasploit has
more than 1,000 auxiliary modules that perform various tasks like scanning, fuzzing,
sniffing, and much more. These auxiliary modules are classified into 19 categories.
2. Payloads
You have already learned in the above topic that an exploit is a piece of code
that will be used against the component that is vulnerable. The exploit code
may run successfully, but what do you want to do once the exploit is
successfully defined by the payload. In simple terms, a payload can be defined
as the action that needs to be performed after the complete execution of an
exploit.
3. Exploits
4. Encoders
Metasploit helps you in generating a wide variety of payloads that you can
send to the target in multiple ways to perform any task. In the process, it is
quite possible that your payload gets detected by any of the security software
present on the target system or antivirus software. This is where encoders
came into work. Encoders use various algorithms and techniques to obscure
the payload in a way that it doesn’t get detected by antivirus software.
4
5. Post-Exploitation Activities (Post)
Once you have gained access to your target system using any of the available
exploits and here, we are talking about basic access, you can make use of the
post modules to further infiltrate the target system. These operations are
mostly done in Cyber Events with complete permissions and must be done in
an Ethical way. With the help of these modules, you can perform the
following post-exploitation activities:
Escalating user privileges to administrator or root.
Retrieving the system credentials
Stealing cookies and saved credentials
Capturing keystrokes on the target system
Executing custom Power Shell scripts for performing
SQLMAP
5
AIM
Try to login in website without Username or Password and also create
backdoors in website.
EXACUATION
Scanning
6
7
Searching for Database Table and get some vulnerability.
8
9
11
12
13
15
Adding backdoor in website.
16
17
CONCLUSION
18