Scribd Logo
Upload

Welcome to Scribd!

  • 20 views

    Group Assignment by Wakuma Tasisa and Gizework

    Uploaded by

    Juba
    This document appears to be a group assignment submission for a course on network security and cyber forensics. It contains the names of 3 students and is addressed to their professor. The body of the document provides a table of contents that lists various cybersecurity tools and techniques covered in the assignment, including Nmap/Zenmap for port scanning, dnsenum/dnsmap for DNS analysis, Nikto for vulnerability scanning, Metasploit for exploitation, tools for SQL injection, phishing with Social-Engineer Toolkit, denial of service attacks with Wireshark, password cracking with Burpsuite, John the Ripper, and Cewl, man-in-the-middle attacks with Wireshark and Bettercap,

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Group Assignment by Wakuma Tasisa and Gizework

    Uploaded by

    Juba
    20 views70 pages
    This document appears to be a group assignment submission for a course on network security and cyber forensics. It contains the names of 3 students and is addressed to their professor. The body of the document provides a table of contents that lists various cybersecurity tools and techniques covered in the assignment, including Nmap/Zenmap for port scanning, dnsenum/dnsmap for DNS analysis, Nikto for vulnerability scanning, Metasploit for exploitation, tools for SQL injection, phishing with Social-Engineer Toolkit, denial of service attacks with Wireshark, password cracking with Burpsuite, John the Ripper, and Cewl, man-in-the-middle attacks with Wireshark and Bettercap,

    Original Title

    Group assignment by Wakuma Tasisa and Gizework

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document appears to be a group assignment submission for a course on network security and cyber forensics. It contains the names of 3 students and is addressed to their professor. The body of the document provides a table of contents that lists various cybersecurity tools and techniques covered in the assignment, including Nmap/Zenmap for port scanning, dnsenum/dnsmap for DNS analysis, Nikto for vulnerability scanning, Metasploit for exploitation, tools for SQL injection, phishing with Social-Engineer Toolkit, denial of service attacks with Wireshark, password cracking with Burpsuite, John the Ripper, and Cewl, man-in-the-middle attacks with Wireshark and Bettercap,

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    20 views70 pages

    Group Assignment by Wakuma Tasisa and Gizework

    Uploaded by

    Juba
    This document appears to be a group assignment submission for a course on network security and cyber forensics. It contains the names of 3 students and is addressed to their professor. The body of the document provides a table of contents that lists various cybersecurity tools and techniques covered in the assignment, including Nmap/Zenmap for port scanning, dnsenum/dnsmap for DNS analysis, Nikto for vulnerability scanning, Metasploit for exploitation, tools for SQL injection, phishing with Social-Engineer Toolkit, denial of service attacks with Wireshark, password cracking with Burpsuite, John the Ripper, and Cewl, man-in-the-middle attacks with Wireshark and Bettercap,

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 70

    AMBO UNIVERSITY WOLISO CAMPUS

    SCHOOL OF TECHNOLOGY AND INFORMATICS


    DEPARTMENT IF INFORMATION TECHNOLOGY
    MSc 2nd YEAR 1st SEMESTER
    COURSE TITLE: NETWORK SECURITY AND CYBER FORENSICS

    GROUP ASSIGNMEMT

    BY:

    NAME IDNO
    1. WAKUMA GELANA…………………….……….IT-PGR/015/14
    2. TASISA NIGUSSIE…………………………….…IT-PGR/014/1
    3. GIZEWORK MOGES…………………………..………………..IT-PGR/004/14

    SUBMISSION TO: Dr. LUBAK M.

    SUBMISSION DATE: MARCH, 2023


    Table of Contents
    NMAP and ZenMAP .................................................................................................................................... 1
    dnsenum ........................................................................................................................................................ 2
    dnsmap .......................................................................................................................................................... 4
    Port scan ........................................................................................................................................................ 5
    Nikto ............................................................................................................................................................. 9
    metasploit .................................................................................................................................................... 10
    SQL Injection .............................................................................................................................................. 15
    Social engineer for phishing toolkit ............................................................................................................ 21
    Denial of Service (DOS) Attacks using wireshark ..................................................................................... 25
    Burpsuite password attack .......................................................................................................................... 27
    Reverse engineering using dex2jar ............................................................................................................. 37
    Man in the Middle Attack MITM Using Wireshark ................................................................................... 37
    MITM (Man in the Middle) Attack using Bettercap ................................................................................... 43
    Password attacks John the Ripper ............................................................................................................... 47
    Password attacks using cewl ....................................................................................................................... 48
    Cain and Abel Gathering Hashes ................................................................................................................ 49
    Spoofing ...................................................................................................................................................... 52
    Maintaining Access Tools........................................................................................................................... 55
    Forensic Analysis with Autopsy ................................................................................................................. 58
    Gmail id sniffing and spoof ........................................................................................................................ 64

    Page | i
    NMAP and ZenMAP
    NMAP and ZenMAP are useful tools for the scanning phase of Ethical Hacking in Kali Linux.
    NMAP and ZenMAP are practically the same tool, however NMAP uses command line while
    ZenMAP has a GUI.
    To open, go to application  01-information gathering  nmap or zenmap
    Scanning single IP using nmap 10.9.37.125

    Scanning single IP using Zenmap 192.168.29.129

    Page | 1
    dnsenum
    To open, go to application  01-information gathering  DNS Analysis dnsenum

    Page | 2
    Page | 3
    dnsmap
    To open, go to application  01-information gathering  DNS Analysis dnsmap

    Page | 4
    Port scan
    To open, go to application  01-information gathering  Port scan

    Or the second method

    Page | 5
    Page | 6
    Page | 7
    Page | 8
    Nikto
    To open, go to application  02-vulnerability analysis  nikto

    Page | 9
    metasploit
    Exploitation Tools Using Metasploit
    Metasploit is a product of Rapid7 and most of the resources can be found on their web
    page www.metasploit.com. It is available in two versions - commercial and free edition. The
    differences between these two versions is not much hence, in this case we will be using the
    Community version (free).
    To open the Metasploit, go to Applications → Exploitation Tools → Metasploit.

    Page | 10
    Page | 11
    Page | 12
    Page | 13
    Page | 14
    SQL Injection
    SQL Injection on a Live Website Using Sql map

    Page | 15
    Page | 16
    Page | 17
    Page | 18
    Page | 19
    Page | 20
    Social engineer for phishing toolkit
    The Social-Engineer Toolkit (SET) is an open-source penetration testing framework designed
    for social engineering. SET has a number of custom attack vectors that allow you to make a
    believable attack in a fraction of time. These kinds of tools use human behaviors to trick them to
    the attack vectors.
    Step 1 − To open SET, go to Applications → Social Engineering Tools → Click “SET” Social
    Engineering Tool.

    Page | 21
    Page | 22
    Page | 23
    Page | 24
    Denial of Service (DOS) Attacks using wireshark

    Page | 25
    Page | 26
    Burpsuite password attack
    Burpsuite can be used as a sniffing tool between your browser and the webservers
    to find the parameters that the web application uses.
    To open Burpsuite, go to Applications → Web Application Analysis → Burpsuite.

    Page | 27
    Page | 28
    Page | 29
    Page | 30
    Page | 31
    Page | 32
    Page | 33
    Page | 34
    Page | 35
    Page | 36
    Reverse engineering using dex2jar
    To open it, go to Applications → Reverse Engineering → dex2jar

    Man in the Middle Attack MITM Using Wireshark

    To open it, go to Applications → 09-Sniffing & Spoofing → wireshark

    Page | 37
    Page | 38
    Page | 39
    Page | 40
    Page | 41
    Page | 42
    MITM (Man in the Middle) Attack using Bettercap

    Page | 43
    Page | 44
    Page | 45
    Page | 46
    Password attacks John the Ripper
    To open it, go to Applications → Password Attacks → John the Ripper

    Page | 47
    Password attacks using cewl
    To open it, go to Applications → Password Attacks → Cewl

    Page | 48
    Cain and Abel Gathering Hashes

    Page | 49
    Page | 50
    Page | 51
    Spoofing

    Page | 52
    Page | 53
    Page | 54
    Maintaining Access Tools

    Or

    Page | 55
    Page | 56
    Page | 57
    Forensic Analysis with Autopsy

    Page | 58
    Page | 59
    Page | 60
    Page | 61
    Page | 62
    Page | 63
    Gmail id sniffing and spoof

    Page | 64
    Page | 65
    Or hack other person Gmail account

    Page | 66
    Page | 67
    Page | 68

    You might also like