WAS Hari

Reg no: 411622149007

VISION OF THE INSTITUTE


To emerge and rise as distinctive technical institution to create the learners to
meet the growing challenges of the industry and diverse societal needs of the
world.
MISSION OF THE INSTITUTE
To develop the institution as a “Centre of Excellence” offering engineering
education to students at undergraduate and post-graduate degree levels through
state-of-the-art technology on a par with international standards.
To create and sustain a community of learning that sticks on to social, ethical,
ecological, cultural and economic upliftment.
To undertake research in socially relevant, scientific and technology oriented
projects.
DEPARTMENT OF CYBER SECURITY
DEPARTMENT VISION:
Inspire and nurture the students to provide a sustainable compassionate and
research-focused educational framework in the field of cyber security for
creating a strong, robust, and cyber-attack free digital world.
DEPARTMENT MISSION:

● To be a globally prominent academic department for quality education
and state-of-the-art research in the field of cyber security with ethical
values and social commitment.

● To conduct knowledge transfer programs to enhance the technical
knowledge in the area of Cyber Security.

● To develop cyber security expertise to protect human safety and
security.

Program Outcomes (POs)

● Engineering knowledge: Apply the knowledge of mathematics, science,
engineering fundamentals, and an engineering specialization to the solution of
complex engineering problems.

● Problem analysis: Identify, formulate, review research literature, and analyze
complex engineering problems reaching substantiated conclusions using first
principles of mathematics, natural sciences, and engineering sciences.

● Design/development of solutions: Design solutions for complex engineering
problems and design system components or processes that meet the specified
needs with appropriate consideration for the public health and safety, and the
cultural, societal, and environmental considerations.

● Conduct investigations of complex problems: Use research-based knowledge
and research methods including design of experiments, analysis and
interpretation of data, and synthesis of the information to provide valid
conclusions.

● Modern tool usage: Create, select, and apply appropriate techniques,
resources, and modern engineering and IT tools including prediction and
modeling to complex engineering activities with an understanding of the
limitations.

● The engineer and society: Apply reasoning informed by the contextual
knowledge to assess societal, health, safety, legal and cultural issues and the
consequent responsibilities relevant to the professional engineering practice.

● Environment and sustainability: Understand the impact of the professional
engineering solutions in societal and environmental contexts, and demonstrate
the knowledge of, and need for sustainable development.

● Ethics: Apply ethical principles and commit to professional ethics and
responsibilities and norms of the engineering practice.

● Individual and team work: Function effectively as an individual, and as a
member or leader in diverse teams, and in multidisciplinary settings.

● Communication: Communicate effectively on complex engineering activities
with the engineering community and with society at large, such as, being able
to comprehend and write effective reports and design documentation, make
effective presentations, and give and receive clear instructions.

● Project management and finance: Demonstrate knowledge and understanding
of the engineering and management principles and apply these to one’s own
work, as a member and leader in a team, to manage projects and in
multidisciplinary environments.

● Life-long learning: Recognize the need for, and have the preparation and
ability to engage in independent and life-long learning in the broadest context
of technological change.

PROGRAMME EDUCATIONAL OBJECTIVE:

● Apply their technical competence in computer science to solve real world
problems, with technical and people leadership.

● Conduct cutting edge research and develop solutions on problems of social
relevance.

● Work in a business environment, exhibiting team skills, work ethics, adaptability
and lifelong learning.

PROGRAMME SPECIFIC OUTCOMES:

● Exhibit design and programming skills to build and automate business
solutions using cutting edge technologies.

● Strong theoretical foundation leading to excellence and excitement towards
research, to provide elegant solutions to complex problems.

INSTRUCTIONS TO STUDENTS

● Before entering the lab the student should carry the following things (MANDATORY)

1. Identity card issued by the college.
2. Class notes
3. Lab observation book
4. Lab Manual
5. Lab Record

● Student must sign in and sign out in the register provided when attending the lab session
without fail.

● Come to the laboratory in time. Students who are more than 15 min. late will not be
allowed to attend the lab.

● Students need to maintain 100% attendance in lab; if not, strict action will be taken.

● All students must follow a Dress Code while in the laboratory.

● Foods, drinks are NOT allowed.

● All bags must be left at the indicated place.

● Refer to the lab staff if you need any help in using the lab.

● Respect the laboratory and its other users.

● Workspace must be kept clean and tidy after experiment is completed.

● Read the Manual carefully before coming to the laboratory and be sure about what you
are supposed to do.

● Do the experiments as per the instructions given in the manual.

● Copy all the programs to observation which are taught in class before attending the lab
session.

● Students are not supposed to use floppy disks, pen drives without permission of lab
in-charge.

● Lab records need to be submitted on or before the date of submission.

CCS374-WEB APPLICATION SECURITY

COURSE OBJECTIVES:

● To understand the fundamentals of web application security

● To focus on wide aspects of secure development and deployment of web applications

● To learn how to build secure APIs

● To learn the basics of vulnerability assessment and penetration testing

● To get an insight about Hacking techniques and Tools.

PRACTICAL EXERCISES: 30 PERIODS

1. Install wireshark and explore the various protocols
   1. Analyze the difference between HTTP vs HTTPS
   2. Analyze the various security mechanisms embedded with different protocols.

2. Identify the vulnerabilities using OWASP ZAP tool

3. Create simple REST API using python for following operation
   1. GET
   2. PUSH
   3. POST
   4. DELETE

4. Install Burp Suite to do following vulnerabilities:
   1. SQL injection
   2. Cross-site scripting (XSS)

5. Attack the website using Social Engineering method

COURSE OUTCOMES:

COs | Course Outcomes | Experiments List
CO1 | Understanding the basic concepts of web application security and the need for it | 1
CO2 | Be acquainted with the process for secure development and deployment of web applications | 2
CO3 | Acquire the skill to design and develop Secure Web Applications that use Secure APIs | 3
CO4 | Be able to get the importance of carrying out vulnerability assessment and penetration testing | 2,4,8
CO5 | Acquire the skill to think like a hacker and to use hackers tool sets | 5,8

Mapping of Course Outcomes with the PO’s and PSO’s

COs / POs: PO1 PO2 PO3 PO4 PO5 PO6 PO7 PO8 PO9 PO10 PO11 PO12 PSO1 PSO2

CO1 1 2 3

CO2 2 1 1 2 2

CO3 1 2 3 1 3 3 2

CO4 2 1 3 1 2 1 2 2

CO5 2 3 2 1 1 2 1 2 3

1-Low, 2-Medium, 3-High, ‘-’ No correlation

Relevance of COs, POs and PSOs

Exp. No. | Title of Experiments | Relevance of COs | Relevance of POs & PSOs
1 | Install Wireshark and explore the various protocols: 1. Analyze the difference between HTTP vs HTTPS; 2. Analyze the various security mechanisms embedded with different protocols. | CO1 |
2 | Identify the vulnerabilities using OWASP ZAP tool | CO2, CO4 |
3 | Create simple REST API using python for following operation: 1. GET; 2. PUSH; 3. POST; 4. DELETE | CO3 |
4 | Install Burp Suite to do following vulnerabilities: 1. SQL injection; 2. Cross-site scripting (XSS) | CO4, CO5 |
5 | Attack the website using Social Engineering method | CO5 |

ADDITIONAL EXPERIMENTS
6 | Vulnerability Assessment Using Nessus | - |
7 | Email Analysis using MBOX Viewer | |

OPEN BASED PROGRAM
8 | Automated and Penetration Testing using KF Sensor | CO4, CO5 |

TABLE OF CONTENTS

Exp. No. | Title of Experiments | MARKS | SIGN
1 | Install Wireshark and explore the various protocols: 1. Analyze the difference between HTTP vs HTTPS; 2. Analyze the various security mechanisms embedded with different protocols. | |
2 | Identify the vulnerabilities using OWASP ZAP tool | |
3 | Create simple REST API using python for following operation: GET, PUSH, POST, DELETE | |
4 | Install Burp Suite to do following vulnerabilities: 1. SQL injection; 2. Cross-site scripting (XSS) | |
5 | Attack the website using Social Engineering method | |

ADDITIONAL EXPERIMENTS
6 | Vulnerability Assessment Using Nessus | |
7 | Email Analysis using MBOX Viewer | |

OPEN BASED PROGRAM
8 | Automated and Penetration Testing using KF Sensor | |

EX NO:1a Install Wireshark and explore the various protocols
Date:
Analyze the difference between HTTP vs HTTPS

Aim:
To analyze the difference between HTTP and HTTPS using the Wireshark tool in Kali Linux.

Algorithm:
Step 1: Install Wireshark
1. Open Terminal in Kali Linux.
2. Update the package list:
>> sudo apt update
3. Install Wireshark:
>> sudo apt install wireshark
4. During installation, it may prompt you with: Should non-superusers be able to capture
packets? (YES/NO)
Select YES
5. Verify installation:
>> wireshark -v

Step 2: Launch Wireshark
1. Start Wireshark:
>> sudo wireshark
2. Select the network interface (e.g., eth0, wlan0) to monitor network traffic.
3. Click on Start Capture (blue shark fin icon).

Step 3: Analyze HTTP vs HTTPS Protocols
1. Open any browser and visit:
o HTTP site: http://example.com
o HTTPS site: https://example.com
2. Switch back to Wireshark and filter the captured packets:
3. Compare HTTP and HTTPS traffic:
o HTTP Traffic:
1. Data is visible as plain text in the Info or Packet Details pane.
o HTTPS Traffic:
1. Data is encrypted (secured by TLS/SSL) and cannot be read directly.

Step 4: Save Captured Data
1. Stop the capture.
2. Save the file.
VIVA QUESTIONS

1. What is Wireshark, and how is it used?

2. What is the key difference between HTTP and HTTPS?

3. Which protocols can you analyze using Wireshark?

4. How does Wireshark capture packets?

5. Why is HTTPS more secure than HTTP?

AIM & ALGORITHM (5M) | EXECUTION AND DEBUGGING (10M) | OUTPUT & RESULT (10M) | VIVA VOCE (5M) | TOTAL (A1) (30M) | DISSEMINATION OF LEARNED PO’s / PSO’s | TIMELY SUBMISSION OF RECORD (B1) (10M) | GRAND TOTAL (A1+B1) (40M)

Result:
Thus, the analysis of the difference between HTTP and HTTPS using the Wireshark tool in
Kali Linux was successfully executed and the output was verified.

EX NO:1b Analyze the various security mechanisms embedded with different protocols
Date:

Aim:
To analyze the various security mechanisms embedded with different protocols using the
Wireshark tool in Kali Linux.

Algorithm:
Step 1: Launch Wireshark
1. Start Wireshark:
>> sudo wireshark
2. Select the network interface (e.g., eth0, wlan0) to monitor network traffic.
3. Click on Start Capture (blue shark fin icon).

Step 2: Analyze Security Mechanisms in Protocols
1. Inspect HTTP packets:
o Look for fields like User-Agent, Host, Referer, and cookies in the header.
o Observe how data is transferred without encryption.
2. Inspect HTTPS packets:
o Analyze the TLS handshake process (Client Hello, Server Hello, Certificate
Exchange).
o Observe encryption details such as cipher suites and certificates.
3. Identify security mechanisms:
o TLS version (e.g., TLS 1.2 or 1.3).
o Encryption algorithms and certificates.
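
The TLS version and cipher suites that Wireshark displays for a Client Hello can also be read directly from the record bytes. The parser below is an added example, not part of the lab manual; the sample record is constructed in the code, and the function names are hypothetical.

```python
import struct

# IANA names for the cipher suite IDs used in the constructed sample.
CIPHER_NAMES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
}
VERSION_NAMES = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
                 0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}


def build_sample_client_hello():
    """Constructed sample: one TLS record carrying a minimal ClientHello."""
    suites = struct.pack("!4H", 0x1301, 0x1302, 0xC02F, 0x002F)
    # supported_versions extension (type 43) offering TLS 1.3 and TLS 1.2
    sv_body = bytes([4]) + struct.pack("!2H", 0x0304, 0x0303)
    extensions = struct.pack("!HH", 43, len(sv_body)) + sv_body
    body = (
        struct.pack("!H", 0x0303)                   # legacy_version
        + bytes(32)                                 # random (zeroed in this sample)
        + bytes([0])                                # empty session_id
        + struct.pack("!H", len(suites)) + suites   # cipher_suites
        + bytes([1, 0])                             # one compression method: null
        + struct.pack("!H", len(extensions)) + extensions
    )
    handshake = bytes([1]) + len(body).to_bytes(3, "big") + body  # type 1 = ClientHello
    return bytes([22]) + struct.pack("!HH", 0x0301, len(handshake)) + handshake


def parse_client_hello(record):
    """Return the security-relevant fields of a single ClientHello record."""
    content_type, _record_version, rec_len = struct.unpack_from("!BHH", record, 0)
    if content_type != 22:
        raise ValueError("not a TLS handshake record")
    if rec_len != len(record) - 5:
        raise ValueError("record length does not match the data")
    if record[5] != 1:
        raise ValueError("handshake message is not a ClientHello")
    pos = 9                                   # record header (5) + handshake header (4)
    (legacy_version,) = struct.unpack_from("!H", record, pos)
    pos += 2 + 32                             # version + random
    pos += 1 + record[pos]                    # session_id
    (suites_len,) = struct.unpack_from("!H", record, pos)
    pos += 2
    suites = list(struct.unpack_from("!%dH" % (suites_len // 2), record, pos))
    pos += suites_len
    pos += 1 + record[pos]                    # compression methods
    offered = []
    if pos < len(record):
        (ext_total,) = struct.unpack_from("!H", record, pos)
        pos += 2
        end = pos + ext_total
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack_from("!HH", record, pos)
            pos += 4
            if ext_type == 43:                # supported_versions
                count = record[pos] // 2
                offered = list(struct.unpack_from("!%dH" % count, record, pos + 1))
            pos += ext_len
    return {
        "legacy_version": VERSION_NAMES.get(legacy_version, hex(legacy_version)),
        "offered_versions": [VERSION_NAMES.get(v, hex(v)) for v in offered],
        "cipher_suites": [CIPHER_NAMES.get(s, hex(s)) for s in suites],
    }


def no_forward_secrecy(info):
    """Offered suites that use static RSA key exchange (no forward secrecy)."""
    return [s for s in info["cipher_suites"] if s.startswith("TLS_RSA_WITH_")]


if __name__ == "__main__":
    info = parse_client_hello(build_sample_client_hello())
    for key, value in info.items():
        print(key, "=", value)
    print("no forward secrecy:", no_forward_secrecy(info))
```

A TLS 1.3 client still writes TLS 1.2 in the legacy version field, so the real offer is in the supported_versions extension; check both when recording the TLS version in step 3.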

Step 3: Save Captured Data
1. Stop the capture.
2. Save the file.

VIVA QUESTIONS:

1. What is the purpose of IPSec in network security?

2. How does TLS/SSL secure communication in HTTPS?

3. What security mechanism does SSH use for secure access?

4. How does DNSSEC improve DNS security?

5. What are SYN flood attacks, and how are they prevented?


Result:
Thus, the analysis of the various security mechanisms embedded with different protocols
using the Wireshark tool in Kali Linux was successfully executed and the output was verified.

EX NO:2 Identify the vulnerabilities using OWASP ZAP tool
DATE:

Aim:
To identify the vulnerabilities using the OWASP ZAP tool in Kali Linux.

Algorithm:
Step 1: Install Zaproxy tool.
>> sudo apt install zaproxy

Step 2: Start Zaproxy tool.
>> zaproxy

Step 3: Press Automated scan
1. Give the URL to scan.
2. Click attack.

Step 4: Press Alert.
1. To see the vulnerabilities in the website.

VIVA QUESTIONS:

1. What is OWASP ZAP, and what is its purpose?

2. What is the difference between Passive Scan and Active Scan in ZAP?

3. How does ZAP detect SQL Injection vulnerabilities?

4. What security risks can OWASP ZAP identify?

5. How can we mitigate vulnerabilities detected by OWASP ZAP?


Result:
Thus, the identification of vulnerabilities using the OWASP ZAP tool in Kali Linux was
successfully executed and the output was verified.

EX NO: 3 Create simple REST API using python for following operation
1. GET
2. PUSH
3. POST
4. DELETE
Date:

Aim:
To create a simple REST API using Python for the following operations: GET, PUSH,
POST, DELETE, using Postman in Kali Linux.

Algorithm:
Step 1: Write a python program.
>> vim app.py (For writing the program)
Program:
from flask import Flask, request, jsonify

app = Flask(__name__)

# Sample data to work with (held in memory only; lost when the server restarts)
books = [
    {"id": 1, "title": "1984", "author": "George Orwell"},
    {"id": 2, "title": "To Kill a Mockingbird", "author": "Harper Lee"},
]

# Get all books
@app.route('/books', methods=['GET'])
def get_books():
    return jsonify({"books": books})

# Get a single book by ID
@app.route('/books/<int:book_id>', methods=['GET'])
def get_book(book_id):
    book = next((book for book in books if book["id"] == book_id), None)
    if book is None:
        return jsonify({"error": "Book not found"}), 404
    return jsonify({"book": book})

# Add a new book (the JSON request body is stored as sent)
@app.route('/books', methods=['POST'])
def add_book():
    new_book = request.get_json()
    books.append(new_book)
    return jsonify(new_book), 201

# Update an existing book by ID
@app.route('/books/<int:book_id>', methods=['PUT'])
def update_book(book_id):
    updated_book = request.get_json()
    book = next((book for book in books if book["id"] == book_id), None)
    if book is None:
        return jsonify({"error": "Book not found"}), 404
    book.update(updated_book)
    return jsonify(book)

# Delete a book by ID
@app.route('/books/<int:book_id>', methods=['DELETE'])
def delete_book(book_id):
    global books
    books = [book for book in books if book["id"] != book_id]
    return '', 204

if __name__ == '__main__':
    # debug=True turns on the interactive Werkzeug debugger; use it only on a local lab machine
    app.run(debug=True)
>> python app.py (For running the program)

Step 2: Download postman in kali linux.

Step 3: Open postman.
1. GET Operation
a. In HTTP link type: http://127.0.0.1:5000/books
b. Select GET
c. Click send

2. PUT Operation
a. In HTTP link type: http://127.0.0.1:5000/books/1
b. Select PUT
c. Click send

3. POST Operation
a. In HTTP link type: http://127.0.0.1:5000/books
b. Select POST
c. Click send

4. DELETE Operation
a. In HTTP link type: http://127.0.0.1:5000/books/1
b. Select DELETE
c. Click send

VIVA QUESTIONS

1. What is REST API, and how does it work?

2. What is the difference between PUT and POST methods?

3. What are the advantages of FastAPI over Flask?

4. How does FastAPI handle data validation?

5. How can you test a FastAPI REST API?


Result:
Thus, the creation of a simple REST API using Python for the following operations: GET, PUSH,
POST, DELETE, using Kali Linux was successfully executed and the output was verified.

EX NO:4a Install burp suite to do following operation
Date:
SQL Injection

Aim:
To demonstrate SQL Injection using the Burp Suite tool in Kali Linux.

Algorithm:

Step 1: Install burp suite.
>> sudo apt install burpsuite

Step 2: Start burp suite.
>> burpsuite

Step 3: SQL Injection
1. In burpsuite, click proxy
2. In proxy, open browser
3. In browser, type vulnweb
4. Get the webpage link to perform SQL Injection
5. The link is sent to the repeater
6. In repeater, perform the SQL attack using query

1' OR '1'='1
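
Why the string in step 6 changes the meaning of a query, and what stops it, shown against a constructed in-memory SQLite table. This is an added example, not part of the lab manual; the table, column and function names are hypothetical.

```python
import sqlite3

# The test string from step 6 of the procedure above.
PAYLOAD = "1' OR '1'='1"


def make_db():
    """Constructed sample data standing in for the application's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (item_id TEXT PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO products VALUES (?, ?)",
        [("1", "keyboard"), ("2", "monitor"), ("3", "webcam")],
    )
    return db


def build_vulnerable_sql(item_id):
    # Vulnerable pattern: the input is pasted into the SQL text, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    return ("SELECT item_id, name FROM products WHERE item_id = '"
            + item_id + "' ORDER BY item_id")


def lookup_vulnerable(db, item_id):
    return db.execute(build_vulnerable_sql(item_id)).fetchall()


def lookup_parameterized(db, item_id):
    # Fix: the SQL text is constant and the input is bound as a value, so it
    # is only ever compared with item_id and never parsed as SQL.
    sql = "SELECT item_id, name FROM products WHERE item_id = ? ORDER BY item_id"
    return db.execute(sql, (item_id,)).fetchall()


def lookup_validated(db, item_id):
    # Defence in depth: reject anything that is not a plain number before
    # the query runs, then still use the bound parameter.
    if not (item_id.isascii() and item_id.isdigit()):
        raise ValueError("item_id must be numeric")
    return lookup_parameterized(db, item_id)


if __name__ == "__main__":
    db = make_db()
    print("query text :", build_vulnerable_sql(PAYLOAD))
    print("vulnerable :", lookup_vulnerable(db, PAYLOAD))      # every row
    print("bound value:", lookup_parameterized(db, PAYLOAD))   # no rows
    print("normal use :", lookup_parameterized(db, "1"))
```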

VIVA QUESTIONS:

1. What is SQL Injection, and how does it work?

2. How can Burp Suite help detect SQL Injection vulnerabilities?

3. What are common SQL Injection payloads?

4. What is the role of the Intruder tool in Burp Suite for SQL Injection?

5. How can SQL Injection be prevented?


Result:
Thus, the demonstration of SQL Injection using the Burp Suite tool in Kali Linux was
successfully executed and the output was verified.

EX NO: 4b Cross-Site Scripting (XSS)
Date:

Aim:
To demonstrate Cross-Site Scripting (XSS) using Burp Suite in Kali Linux.

Algorithm:

Step 1: Install burp suite.
>> sudo apt install burpsuite

Step 2: Start burp suite.
>> burpsuite

Step 3: Cross-Site Scripting (XSS)
1. In burpsuite, click proxy
2. In proxy, open browser
3. In browser, type vulnweb
4. Get the webpage link to perform Cross-Site Scripting (XSS)
5. The link is sent to the repeater
6. In repeater, perform the XSS attack using query

<script>alert("XSS")</script>
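
What happens to the string from step 6 when a page reflects it without encoding, and the encoding each output context needs to neutralise it. This is an added example, not part of the lab manual; the page fragments and function names are hypothetical.

```python
import html
import json

# The test string from step 6 of the procedure above.
PAYLOAD = '<script>alert("XSS")</script>'


def render_unsafe(query):
    # Vulnerable pattern: the parameter is copied into the page as markup.
    return "<p>Results for: " + query + "</p>"


def render_html_text(query):
    # HTML text context: & < > and quotes become entities, so the browser
    # shows the characters instead of parsing a <script> element.
    return "<p>Results for: " + html.escape(query) + "</p>"


def render_attribute(query):
    # Attribute context: the value must be quoted AND quote-escaped,
    # otherwise a " in the input closes the attribute.
    return '<input name="q" value="' + html.escape(query, quote=True) + '">'


def js_literal(value):
    # JavaScript string context: json.dumps escapes quotes and backslashes
    # but leaves "<" alone, so "</script>" inside the value would still end
    # the script block. Escaping < > & as \uXXXX closes that gap.
    literal = json.dumps(value)
    return (literal.replace("<", "\\u003c")
                   .replace(">", "\\u003e")
                   .replace("&", "\\u0026"))


def render_js_string(query):
    return "<script>var q = " + js_literal(query) + ";</script>"


if __name__ == "__main__":
    print("unsafe   :", render_unsafe(PAYLOAD))
    print("html text:", render_html_text(PAYLOAD))
    print("attribute:", render_attribute(PAYLOAD))
    print("js string:", render_js_string(PAYLOAD))
```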

VIVA QUESTIONS:

1. What is Cross-Site Scripting (XSS), and how does it work?

2. What are the different types of XSS attacks?

3. How does Burp Suite help in detecting XSS vulnerabilities?

4. What are common XSS payloads?

5. How can XSS be prevented?


Result:
Thus, the demonstration of Cross-Site Scripting (XSS) using Burp Suite in Kali Linux was
successfully executed and the output was verified.

EX NO:5 Attack the website using Social Engineering Method
Date:

Aim:
To attack the website using Social Engineering Method using Zphisher in Kali linux.

Algorithm:

Step 1: Download zphisher.
>> sudo apt install zphisher

Step 2: Change directory.
>> cd zphisher

Step 3: Start zphisher.
>> bash zphisher.sh

Step 4: Select an option
1. Select the type of the website to attack the victim.

Step 5: Open the URL in the browser
1. Open the browser
2. Copy the URL
3. Paste in the browser
4. Open the web page

Step 6: Save the output in the folder.

VIVA QUESTIONS

1. What is social engineering in cybersecurity?

2. What are common types of social engineering attacks?

3. How does phishing work in social engineering?

4. What is the best way to defend against social engineering attacks?

5. How can organizations test their employees against social engineering threats?


Result:
Thus, the attack on the website using Social Engineering Method using Zphisher in Kali Linux
was successfully executed and the output was verified.

EX NO:6 VULNERABILITY ASSESSMENT USING NESSUS
Date:

AIM
To perform a vulnerability scan on a target system using Nessus and analyze the discovered
vulnerabilities.

ALGORITHM
Software/Tools Required:

● Nessus Essentials (free version) installed from:
https://www.tenable.com/products/nessus

● One target machine (Linux or Windows)

● Web browser (for accessing Nessus dashboard)

● Internet connection (for plugin updates)

⚙️ Procedure:

✅ Step 1: Install Nessus

● Download Nessus from the official website.

● Choose your OS version (Windows/Linux/macOS).

● Install and start the Nessus service.

● Open browser and go to https://localhost:8834

● Select Nessus Essentials and register with your email to get the activation code.

● Wait for plugin installation and updates (can take 10-15 mins).

✅ Step 2: Create a New Scan

● Log in to the Nessus dashboard.

● Go to Scans > New Scan.

● Select Basic Network Scan (or Advanced Scan).

● Provide scan details:

o Name: My First Scan

o Targets: Enter IP address of target machine (e.g., 192.168.1.10)

● Save the scan.

✅ Step 3: Run the Scan

● Click on the scan you just created.

● Click Launch to start scanning.

● Wait for the scan to complete (depends on network and system size).

✅ Step 4: Analyze the Results

● After the scan, click on the scan name to view results.

● Nessus shows vulnerabilities categorized by severity:

o Critical

o High

o Medium

o Low

o Info

✅ Expected Output:

Example Scan Summary:

Severity | Count
Critical | 2
High | 5
Medium | 12
Low | 10
Info | 8

Example Vulnerabilities Found:

Plugin ID | Name | Severity | Description
1000001 | SMBv1 Enabled | High | SMBv1 is outdated and vulnerable to attacks like WannaCry
1000002 | Apache HTTP Server Multiple Vulnerabilities | Medium | Multiple CVEs affecting outdated Apache version
1000003 | SSL Certificate Expired | Low | SSL/TLS certificate has expired and may affect secure communication
1000004 | Default Admin Credentials | Critical | Target system uses default username and password, a major security risk

Report Generation:

● Click on Export > PDF/HTML.

● Include details like plugin output, affected ports, and remediation steps.

● Use the report for documentation or patch management.

VIVA QUESTIONS

1. What is Nessus and what is it used for?

2. What are the different types of scans in Nessus?

3. What is the difference between credentialed and non-credentialed scans?

4. What does a Nessus scan report include?

5. Can Nessus detect web application vulnerabilities?


RESULT
The Nessus scan was completed successfully, revealing multiple system vulnerabilities. A
detailed report with severity levels and remediation steps was generated.

EX NO:7
Date:
Email Analysis using MBOX Viewer

Aim:
To perform email analysis using tools like MBOX Viewer by filtering and searching mailbox
data based on various criteria.

Tool Required:
● MBOX Viewer (or any reliable MBOX file viewer)
● MBOX File (exported from a Gmail account via Google Takeout)

Algorithm:
Step 1: Obtain the MBOX File from Gmail
● Apply a label to Gmail messages you want to export (e.g., "Messages to Download").
● Visit Google Takeout.
● Click Deselect All, then scroll to Mail and check only the label you applied.
● Click Next, leave file type as default, and select Create Archive.
● Once ready, download the ZIP file which contains the .mbox file.

Step 2: Install MBOX Viewer
● Download and install an MBOX viewer tool (e.g., SysTools MBOX Viewer, Kernel MBOX
Viewer, or FreeViewer).
● Launch the tool on your system.

Step 3: Open the MBOX File
● Use the Open or Import option to load the MBOX file into the viewer.
● The application will display the mailbox content such as inbox, sent, drafts, etc.

Step 4: View Mailboxes and Folders
● Navigate through the interface to view individual mail folders and messages.
● Mails are typically organized by sender, date, subject, etc.

Step 5: Filter Mailbox Data
● Apply filters like:
o Date range
o Sender/Receiver email
o Subject keyword
● Helps focus on relevant emails for analysis.

Step 6: Search Specific Items
● Use the search bar to find specific:
o Keywords
o Email addresses
o Subject lines
● Helps quickly locate important messages or patterns.

Step 7: Analyze Email Content
● Examine headers, attachments, thread history, and metadata.
● Identify suspicious activity, conversation flow, or attachment types.

Step 8: Metadata Analysis
Look at header information:

Metadata Field | Use in Forensics
From/To/CC | Check sender & recipients
Date | Timeline building
Subject | Identify sensitive content
Message-ID | Uniquely identify messages
Received | Trace email routing
User-Agent | Identify email client/device

Look for header manipulation, spoofing, or mismatches.

Step 9: Content & Keyword Analysis

● Search for suspicious keywords, file extensions, or phrases.

● Use filters:

o By date range

o By sender/recipient

o By keyword or attachment type

● Identify:

o Harassment or threats

o Phishing attempts

o Intellectual property leakage

o Malware attachments
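
The header fields from Step 8 and the keyword search from Step 9 can also be checked in a script, which helps when a mailbox is too large to click through. The code below is an added example, not part of the lab manual; the two-message mailbox is constructed, and the function names and the mismatch rules are assumptions chosen for illustration.

```python
import mailbox
import os
import tempfile
from email.utils import parseaddr, parsedate_to_datetime

# Constructed two-message mailbox (reserved example domains and addresses).
SAMPLE_MBOX = """\
From bounce@mailer.example.net Tue Mar  4 11:00:05 2025
Return-Path: <bounce@mailer.example.net>
Received: from unknown (unknown [198.51.100.7])
\tby mx.example.org; Tue, 04 Mar 2025 11:00:05 +0000
From: "IT Support" <support@example.org>
Reply-To: helpdesk@example.net
To: bob@example.org
Subject: Password expiry: verify your account
Date: Tue, 04 Mar 2025 11:00:00 +0000
Message-ID: <2002@mailer.example.net>

Please verify your account today.

From alice@example.com Mon Mar  3 09:15:02 2025
Return-Path: <alice@example.com>
Received: from mail.example.com (mail.example.com [192.0.2.10])
\tby mx.example.org; Mon, 03 Mar 2025 09:15:02 +0000
From: Alice <alice@example.com>
To: bob@example.org
Subject: Meeting notes
Date: Mon, 03 Mar 2025 09:15:00 +0000
Message-ID: <1001@mail.example.com>
User-Agent: Mozilla Thunderbird

Notes attached.
"""


def load_messages(mbox_text):
    """Write the text to a temporary .mbox file and parse it with mailbox.mbox."""
    fd, path = tempfile.mkstemp(suffix=".mbox")
    try:
        with os.fdopen(fd, "w", newline="\n") as handle:
            handle.write(mbox_text)
        box = mailbox.mbox(path)
        try:
            return list(box)
        finally:
            box.close()
    finally:
        os.remove(path)


def _domain(value):
    return parseaddr(value or "")[1].rpartition("@")[2].lower()


def _same_org(host, domain):
    return host == domain or host.endswith("." + domain)


def analyze(msg):
    """Collect the Step 8 metadata fields and flag domain mismatches."""
    from_domain = _domain(msg["From"])
    message_id = (msg["Message-ID"] or "").strip().strip("<>")
    checks = [
        ("Return-Path", _domain(msg["Return-Path"])),
        ("Reply-To", _domain(msg["Reply-To"])),
        ("Message-ID", message_id.rpartition("@")[2].lower()),
    ]
    # A mismatch is a lead to follow up, not proof of spoofing: bulk mail
    # services legitimately use their own bounce and Message-ID domains.
    findings = [
        f"{header} domain {host} does not match From domain {from_domain}"
        for header, host in checks
        if host and not _same_org(host, from_domain)
    ]
    return {
        "from": parseaddr(msg["From"])[1],
        "date": parsedate_to_datetime(msg["Date"]),
        "subject": msg["Subject"],
        "message_id": message_id,
        "received_hops": len(msg.get_all("Received", [])),
        "user_agent": msg["User-Agent"],
        "findings": findings,
    }


def keyword_hits(msg, keywords):
    """Step 9: keywords found in the subject or a plain-text body."""
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = ((msg["Subject"] or "") + "\n" + body).lower()
    return [k for k in keywords if k.lower() in text]


def timeline(messages):
    """Reports ordered by the Date header, oldest first."""
    return sorted((analyze(m) for m in messages), key=lambda r: r["date"])


if __name__ == "__main__":
    for report in timeline(load_messages(SAMPLE_MBOX)):
        print(report["date"].isoformat(), report["from"], report["subject"])
        for finding in report["findings"]:
            print("   !", finding)
```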

OUTPUT

VIVA QUESTIONS:

1. What is an MBOX file?

2. How can you export emails from Gmail into an MBOX file?

3. What is the purpose of MBOX Viewer?

4. How can you filter emails in MBOX Viewer?

5. What can you analyze from an email using MBOX Viewer?


RESULT
Thus the Nessus scan completed successfully, revealing multiple system vulnerabilities, and a detailed
report was generated with severity levels and remediation steps.

EX NO:8 OPEN BASED PROGRAM
Date:
AUTOMATED AND PENETRATION TESTING USING KF SENSOR

AIM
To explore automated and penetration tools on network (KF Sensor)

ALGORITHM
HONEYPOTS
When it comes to computer security, honeypots are all the rage. Honeypots can
detect unauthorized activities that might never be picked up by a traditional intrusion detection
system. Furthermore, since almost all access to a honeypot is unauthorized, nearly everything in
a honeypot's logs is worth paying attention to. Honeypots can act as a decoy to keep hackers
away from your production servers. At the same time though, a honeypot can be a little tricky to
deploy. In this article, I will walk you through the process of deploying a honeypot.
There are many different types of honeypot systems. Honeypots can be hardware appliances or
they can be software based. Software based firewalls can reside on top of a variety of operating
systems. For the most part though, honeypots fall into two basic categories: real and virtual. A
virtual honeypot is essentially an emulated server. There are both hardware and software
implementations of virtual honeypots. For example, if a network administrator was concerned
that someone might try to exploit an FTP server, the administrator might deploy a honeypot
appliance that emulates an FTP server.

Downloading and installing KF Sensor

● The KF Sensor download consists of a 1.7 MB self-extracting executable file.

● Download the file and copy it into an empty folder on your computer.

● When you double click on the file, it will launch a very basic Setup program.

● The only thing special that you need to know about the Setup process is
that it will require a reboot.

Modifying the Honeypot's behavior

● To create or modify rules, select the Edit Active Scenario command from the scenario
menu.
● When you do, you will see a dialog box which contains a summary of all of the existing
rules.
● You can either select a rule and click the Edit button to edit a rule, or you can click the
Add button to create a new rule.
● Both procedures work similarly.

Click the Add button and you will see the Add Listen dialog box

● The first thing that this dialog box asks for is a name. This is just a name for the rule.

● Pick something descriptive though, because the name that you enter is what will show
up in the logs whenever the rule is triggered.
● The next few fields are protocol, port, and Bind Address. These fields allow you to choose what
the rule is listening for. For example, you could configure the rule to listen to TCP port 1023 on
IP address 192.168.1.100. The bind address portion of the rule is optional though. If you leave
the bind address blank, the rule will listen across all of the machine's NICs.
● Now that you have defined the listener, it's time to configure the action that the rule takes when
traffic is detected on the specified port. Your options are close, read and close, Sim Banner, and
SimStd Server.
● The close option tells the rule to just terminate the connection. Read and close logs the
information and then terminates the connection. The SimStd Server and Sim Banner options
pertain to server emulation. The Sim Banner option allows you to perform a very simple server
emulation, such as what you might use to emulate an FTP server.
● The Sim STD Server option allows you to emulate a more complex server, such as an IIS server.

● If you choose to use one of the sim options, you will have to fill in the simulator's name just
below the Time Out field.
● The other part of the Action section that's worth mentioning is the severity section. KFSensor
treats some events as severe and other events as a more moderate threat. The dialog box's
Severity drop down list allows you to determine what level of severity should be associated with
the event that you are logging.
● The final portion of the Add Listen dialog box is the Visitor DOS Attack Limits section. This
section allows you to prevent denial of service attacks against KFSensor. You can determine the
maximum number of connections to the machine per IP address (remember that this applies on a
per rule basis).
● If your threshold is exceeded, you can choose to either ignore the excessive connections or you
can lock out the offending IP address.
● Now that you have configured the new rule, select the Active Button to Enable/Disable. The new
rule should now be in effect.
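
How the fields of the Add Listen dialog fit together can be seen in a small model of one listen rule: what it matches, what it logs, and what happens when a visitor exceeds the per-IP limit. This is an added example and a simplified model, not KFSensor's own code or file format; the class, field names, the way connections are counted and what is logged past the limit are all assumptions.

```python
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class ListenRule:
    name: str                        # shown in every log entry the rule produces
    protocol: str                    # "tcp" or "udp"
    port: int
    bind_address: str = ""           # blank: listen on every interface
    action: str = "read_and_close"   # or "close"
    severity: str = "medium"
    max_per_ip: int = 3              # visitor DoS limit, counted per rule
    on_limit: str = "ignore"         # or "lock_out"
    events: list = field(default_factory=list)
    _seen: Counter = field(default_factory=Counter)
    _locked: set = field(default_factory=set)

    def matches(self, protocol, dst_ip, dst_port):
        if protocol != self.protocol or dst_port != self.port:
            return False
        return self.bind_address in ("", dst_ip)

    def handle(self, src_ip, protocol, dst_ip, dst_port, payload=b""):
        """Decide what happens to one inbound connection."""
        if not self.matches(protocol, dst_ip, dst_port):
            return "no_match"
        if src_ip in self._locked:
            return "locked_out"
        self._seen[src_ip] += 1
        if self._seen[src_ip] > self.max_per_ip:
            if self.on_limit == "lock_out":
                self._locked.add(src_ip)
                return "locked_out"
            return "ignored"
        # "close" records only that a connection happened; "read and close"
        # also keeps the first bytes the visitor sent.
        data = payload[:64] if self.action == "read_and_close" else b""
        self.events.append({"rule": self.name, "severity": self.severity,
                            "src": src_ip, "data": data})
        return "logged"


def demo():
    """Constructed traffic against the example rule from the text above."""
    rule = ListenRule(name="FTP decoy", protocol="tcp", port=1023,
                      bind_address="192.168.1.100", max_per_ip=2,
                      on_limit="lock_out", severity="high")
    target = ("tcp", "192.168.1.100", 1023)
    results = [rule.handle("203.0.113.5", *target, b"USER test") for _ in range(4)]
    results.append(rule.handle("203.0.113.9", *target, b"HELP"))
    results.append(rule.handle("203.0.113.9", "tcp", "192.168.1.100", 21))
    return rule, results


if __name__ == "__main__":
    rule, results = demo()
    print(results)
    for event in rule.events:
        print(event)
```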

VIVA QUESTIONS

1. What is a honeypot and what is its primary purpose in network security?

2. What are the types of honeypots?

3. What is KF Sensor, and why is it used?

4. What are the steps involved in installing KF Sensor?

5. How do you create or modify a rule in KF Sensor?


RESULT

The KF Sensor tool was successfully installed and configured to simulate various network
services. Honeypot rules were created and tested to monitor and analyze unauthorized access
attempts.
