Scribd Logo
Upload

Welcome to Scribd!

  • Group Assignment by Wakuma Tasisa and Gizework

    Uploaded by

    Juba
    6 views70 pages

    Original Title

    Group assignment by Wakuma Tasisa and Gizework

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views70 pages

    Group Assignment by Wakuma Tasisa and Gizework

    Uploaded by

    Juba

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 70

    AMBO UNIVERSITY WOLISO CAMPUS

    SCHOOL OF TECHNOLOGY AND INFORMATICS


    DEPARTMENT IF INFORMATION TECHNOLOGY
    MSc 2nd YEAR 1st SEMESTER
    COURSE TITLE: NETWORK SECURITY AND CYBER FORENSICS

    GROUP ASSIGNMEMT

    BY:

    NAME IDNO
    1. WAKUMA GELANA…………………….……….IT-PGR/015/14
    2. TASISA NIGUSSIE…………………………….…IT-PGR/014/1
    3. GIZEWORK MOGES…………………………..………………..IT-PGR/004/14

    SUBMISSION TO: Dr. LUBAK M.

    SUBMISSION DATE: MARCH, 2023


    Table of Contents
    NMAP and ZenMAP .................................................................................................................................... 1
    dnsenum ........................................................................................................................................................ 2
    dnsmap .......................................................................................................................................................... 4
    Port scan ........................................................................................................................................................ 5
    Nikto ............................................................................................................................................................. 9
    metasploit .................................................................................................................................................... 10
    SQL Injection .............................................................................................................................................. 15
    Social engineer for phishing toolkit ............................................................................................................ 21
    Denial of Service (DOS) Attacks using wireshark ..................................................................................... 25
    Burpsuite password attack .......................................................................................................................... 27
    Reverse engineering using dex2jar ............................................................................................................. 37
    Man in the Middle Attack MITM Using Wireshark ................................................................................... 37
    MITM (Man in the Middle) Attack using Bettercap ................................................................................... 43
    Password attacks John the Ripper ............................................................................................................... 47
    Password attacks using cewl ....................................................................................................................... 48
    Cain and Abel Gathering Hashes ................................................................................................................ 49
    Spoofing ...................................................................................................................................................... 52
    Maintaining Access Tools........................................................................................................................... 55
    Forensic Analysis with Autopsy ................................................................................................................. 58
    Gmail id sniffing and spoof ........................................................................................................................ 64

    Page | i
    NMAP and ZenMAP
    NMAP and ZenMAP are useful tools for the scanning phase of Ethical Hacking in Kali Linux.
    NMAP and ZenMAP are practically the same tool, however NMAP uses command line while
    ZenMAP has a GUI.
    To open, go to application  01-information gathering  nmap or zenmap
    Scanning single IP using nmap 10.9.37.125

    Scanning single IP using Zenmap 192.168.29.129

    Page | 1
    dnsenum
    To open, go to application  01-information gathering  DNS Analysis dnsenum

    Page | 2
    Page | 3
    dnsmap
    To open, go to application  01-information gathering  DNS Analysis dnsmap

    Page | 4
    Port scan
    To open, go to application  01-information gathering  Port scan

    Or the second method

    Page | 5
    Page | 6
    Page | 7
    Page | 8
    Nikto
    To open, go to application  02-vulnerability analysis  nikto

    Page | 9
    metasploit
    Exploitation Tools Using Metasploit
    Metasploit is a product of Rapid7 and most of the resources can be found on their web
    page www.metasploit.com. It is available in two versions - commercial and free edition. The
    differences between these two versions is not much hence, in this case we will be using the
    Community version (free).
    To open the Metasploit, go to Applications → Exploitation Tools → Metasploit.

    Page | 10
    Page | 11
    Page | 12
    Page | 13
    Page | 14
    SQL Injection
    SQL Injection on a Live Website Using Sql map

    Page | 15
    Page | 16
    Page | 17
    Page | 18
    Page | 19
    Page | 20
    Social engineer for phishing toolkit
    The Social-Engineer Toolkit (SET) is an open-source penetration testing framework designed
    for social engineering. SET has a number of custom attack vectors that allow you to make a
    believable attack in a fraction of time. These kinds of tools use human behaviors to trick them to
    the attack vectors.
    Step 1 − To open SET, go to Applications → Social Engineering Tools → Click “SET” Social
    Engineering Tool.

    Page | 21
    Page | 22
    Page | 23
    Page | 24
    Denial of Service (DOS) Attacks using wireshark

    Page | 25
    Page | 26
    Burpsuite password attack
    Burpsuite can be used as a sniffing tool between your browser and the webservers
    to find the parameters that the web application uses.
    To open Burpsuite, go to Applications → Web Application Analysis → Burpsuite.

    Page | 27
    Page | 28
    Page | 29
    Page | 30
    Page | 31
    Page | 32
    Page | 33
    Page | 34
    Page | 35
    Page | 36
    Reverse engineering using dex2jar
    To open it, go to Applications → Reverse Engineering → dex2jar

    Man in the Middle Attack MITM Using Wireshark

    To open it, go to Applications → 09-Sniffing & Spoofing → wireshark

    Page | 37
    Page | 38
    Page | 39
    Page | 40
    Page | 41
    Page | 42
    MITM (Man in the Middle) Attack using Bettercap

    Page | 43
    Page | 44
    Page | 45
    Page | 46
    Password attacks John the Ripper
    To open it, go to Applications → Password Attacks → John the Ripper

    Page | 47
    Password attacks using cewl
    To open it, go to Applications → Password Attacks → Cewl

    Page | 48
    Cain and Abel Gathering Hashes

    Page | 49
    Page | 50
    Page | 51
    Spoofing

    Page | 52
    Page | 53
    Page | 54
    Maintaining Access Tools

    Or

    Page | 55
    Page | 56
    Page | 57
    Forensic Analysis with Autopsy

    Page | 58
    Page | 59
    Page | 60
    Page | 61
    Page | 62
    Page | 63
    Gmail id sniffing and spoof

    Page | 64
    Page | 65
    Or hack other person Gmail account

    Page | 66
    Page | 67
    Page | 68

    You might also like