Scribd
Upload
32 views19 pages

CS Lab Nish

The document appears to be a report submitted by a student named Nish Mehta for their practical assignments in Cyber Security. It includes 10 practical assignments related to topics like TCP scanning using Nmap, port scanning with Nmap, TCP/UDP connectivity using Netcat, network vulnerability scanning with OpenVas, web application testing on DVWA, installing VM workstation, packet sniffing, creating viruses with Python, sniffing credentials with SET, and auditing their university's IT infrastructure. For each practical there is a short description of the aim and commands or code used along with screenshots of outputs.

Uploaded by

mehtanish.20.ce
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
32 views19 pages

CS Lab Nish

The document appears to be a report submitted by a student named Nish Mehta for their practical assignments in Cyber Security. It includes 10 practical assignments related to topics like TCP scanning using Nmap, port scanning with Nmap, TCP/UDP connectivity using Netcat, network vulnerability scanning with OpenVas, web application testing on DVWA, installing VM workstation, packet sniffing, creating viruses with Python, sniffing credentials with SET, and auditing their university's IT infrastructure. For each practical there is a short description of the aim and commands or code used along with screenshots of outputs.

Uploaded by

mehtanish.20.ce
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 19

NISH MEHTA IU2041050070 CE-A

INDUS INSTITUTE OF TECHNOLOGY & ENGINEERING


Cyber Security
Practical File (7 CE)

Submitted By :
NISH MEHTA IU2041050070
CE A

CYBER SECURITY 1
NISH MEHTA IU2041050070 CE-A

LIST OF EXPERIMENTS
Exp.No Title Date Sign
.
1 TCP Scanning using Nmap
2 Port Scanning using Nmap
3 TCP/UDP Connectivity using
Netcat
4 Network Vulnerability
Scanning using OpenVas
5 Web Application Testing On
DVWA
6 Install VM workstation in
Ubuntu and setup Windows
and Kali
7 Write a program to sniff
packet sent over a network
8 Create a Virus using python
script and implement attack

CYBER SECURITY 2
NISH MEHTA IU2041050070 CE-A

and analyze the effect of


various viruses.
9 Sniffing Website credentials
using Social Engineering
Toolkit.
10 Study and Audit Indus
University IT Infrastructure.

CYBER SECURITY 3
NISH MEHTA IU2041050070 CE-A

Practical 1
Aim: TCP Scanning using Nmap
TCP Scanning:
TCP Scanning is technique to scan and probe the particular
host or server for Open port using by establishing tcp
connection to particular port, if the server accepts the tcp
connect request the port is open and if it reject the request the
port is not open.

Commands:
nmap –help : for see the help section
nmap -sS -v -A 10.0.0.1/24 -Pn : this will scan for all 255 ip in this
subnet for openport.
OUTPUT:

CYBER SECURITY 4
NISH MEHTA IU2041050070 CE-A

CYBER SECURITY 5
NISH MEHTA IU2041050070 CE-A

Practical 2
AIM: Port Scanning using Nmap.
Port Scanning:
Port scanning is a method to find the open port and
service running on that particular port and its version in the
host or server by using probing particular ports using tcp
request and udp request.
There are wide range of tools available for port scanning like
NMAP, Naabu, MassScan, Metasploit etc.
Commands:
Nmap -sS -sV -Pn -p- --min-rate=1000 -A 127.0.0.1 : this will
scan for all the open port at localhost in range from 0 -65535.
OUTPUT:

CYBER SECURITY 6
NISH MEHTA IU2041050070 CE-A

Practical 3
AIM: TCP/UDP Connectivity using Netcat.
Netcat: Netcat or NC is a utility tool that uses TCP and UDP connections
to read and write in a network. It can be used for both attacking and
security. In the case of attacking. It helps us to debug the network along
with investing it. It runs on all operating systems.
Commands:
For TCP connection
Syntax: nc [Target IP Address] [Target Port]
nc 192.168.17.43 21
For UDP Connection
Syntax: nc -u [target ip] [target port]
nc -u 192.168.0.23 53

CYBER SECURITY 7
NISH MEHTA IU2041050070 CE-A

CYBER SECURITY 8
NISH MEHTA IU2041050070 CE-A

Practical 4
AIM : Network Vulnerability Scanning using OpenVas.
Openvas : OpenVAS is a full-featured vulnerability scanner. Its
capabilities include unauthenticated and authenticated testing, various
high-level and low-level internet and industrial protocols, performance
tuning for large-scale scans and a powerful internal programming
language to implement any type of vulnerability test.
The scanner obtains the tests for detecting vulnerabilities from a feed
that has a long history and daily updates

CYBER SECURITY 9
NISH MEHTA IU2041050070 CE-A

Report Summery:

CYBER SECURITY 10
NISH MEHTA IU2041050070 CE-A

Practical 5
Aim: Web Application Testing On DVWA
DVWA: damn Vulnerable web application is a intentionaly created
vulnerable virtual machine to learn various types of vulnerabilities and
how to detect them and how to exploit them.
it is open source and can be found in github
(https://github.com/digininja/DVWA)
Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web
application that is damn vulnerable. Its main goal is to be an aid for
security professionals to test their skills and tools in a legal
environment, help web developers better understand the processes of
securing web applications and to aid both students & teachers to learn
about web application security in a controlled class room environment.
The aim of DVWA is to practice some of the most common web
vulnerabilities, with various levels of difficulty, with a simple
straightforward interface. Please note, there are both documented and
undocumented vulnerabilities with this software. This is intentional.
You are encouraged to try and discover as many issues as possible.

CYBER SECURITY 11
NISH MEHTA IU2041050070 CE-A

CYBER SECURITY 12
NISH MEHTA IU2041050070 CE-A

Practical 6
Aim : Install VM workstation in Ubuntu and setup Windows and Kali
Procedure

Download kali vm from the kali.org

Opne virtual box and click new. enter details and path where the iso file

CYBER SECURITY 13
NISH MEHTA IU2041050070 CE-A

CYBER SECURITY 14
NISH MEHTA IU2041050070 CE-A

Practical 7
Aim : Write a program to sniff packet sent over a network
Program :
#!/usr/bin/env python3
from scapy.all import *
def handler(packet):
print(packet.summary())
if __name__ == "__main__":
sniff(iface="wlp1s0 ", prn=handler, store=0)

OUTPUT:

CYBER SECURITY 15
NISH MEHTA IU2041050070 CE-A

Practical 8
Aim: Create a Virus using python script and implement attack and
analyze the effect of various viruses.
Program:
import sys
import subprocess

def code(void):
print("infected")

code()
def file_creat():
for i in range(10000000):
subprocess.run(["touch", f"file_{i}"])

file_creat()
OUTPUT: this will freez your pc

CYBER SECURITY 16
NISH MEHTA IU2041050070 CE-A

Practical 9
Aim: Sniffing Website credentials using Social Engineering Toolkit
The Social-Engineer Toolkit is an open-source penetration testing
framework designed for social engineering. SET has a number of
custom attack vectors that allow you to make a believable attack
quickly. SET is a product of TrustedSec, LLC – an information security
consulting firm located in Cleveland, Ohio.
This is used by Pentester, Red teamer and also by cyber criminals to
attack on the people.

CYBER SECURITY 17
NISH MEHTA IU2041050070 CE-A

CYBER SECURITY 18
NISH MEHTA IU2041050070 CE-A

Practical 10
Aim: Study and Audit Indus University IT Infrastructure

CYBER SECURITY 19

You might also like