10.93M
Category: informaticsinformatics

Hacking Lab Practice

1.

Hacking LAB
Dr Bishwajeet Pandey, SMIEEE
Director-Gyancity Research Consultancy Pvt Ltd, India
PhD (Gran Sasso Science Institute, L'Aquila, Italy)
Visiting Professor at
L.N. Gumilyov Eurasian National University, Kazakhstan
UCSI UNIVERSITY-Malaysia

2.

ABOUT COURSE TEACHER
PhD from Gran Sasso Science Institute, Italy
PhD Supervisor Prof Paolo Prinetto from Politecnico Di Torino, Italy
MTech from Indian Institute of Information Technology, Gwalior, India
Visited 47 Countries Across The Globe
Written 200+ Research paper with 212 Researcher from 93 Universities
Scopus Profile: https://www.scopus.com/authid/detail.uri?authorId=57203239026
Google Scholar: https://scholar.google.com/citations?user=UZ_8yAMAAAAJ&hl=hi
IBM Certified Solution Designer
EC-Council Certified Ethical Hacker
AWS Certified Cloud Practitioner
Email: [email protected], [email protected], [email protected]

3.

Hacking LAB: Practices
1.
Working with network commands in Windows and Linux (Assignment Week 1: Make a list of 50 Commands with syntax and
usage)
2. Capturing and Analyzing Network Traffic using Wireshark (Assignment Week 2: Case study of TCP 3-way handshake) or
(Assignment Week 2: Capture HTTP packet and extract username and Password using Ettercap and Wireshark)
3. Website technical information gathering using maltego, httrack, whois. (Assignment Week 3: Chose any two tools from
OSINTFramework.com and discuss the steps to use it)
4. Full Scan, Half Open Scan, Stealth Scan and XMAS Scan using NMAP (Assignment Week 4: Run Any 10 NSE Scripts )
5. Perform Host Discovery, Service Discovery(FTP, Telnet, SSH, Java RMI Server, SMB), Port Scanning using Metasploit or
(Assignment Week 5: Demonstrate Eternal Blue, VSFTPD, OpenSSH exploit using Metasploit)
6. Social engineering using SEToolkit (Assignment Week 6: Create a Clone of GMAIL using SEToolkit)
7. Web parameter poisoning using burp suite (Assignment Week 7: Change the price of all item to 1 USD on e-commerce shopping
cart)
8. Create Fake Harmless Virus using Notepad (Assignment Week 8: Create a MAC/Window and Android Spyware
with MSFVenom)
9. Malware Classification using Convolutional Neural Networks using Google Colab (Assignment Week 9: Malware Classification
using Convolutional Neural Networks using Jupyter Notebook)
10. Perform session hijacking using Zed Attack Proxy (ZAP) (Assignment Week 10: Perform Session Hijacking using Wireshark)

4.

Reconnaissance using Maltego
Maltego
is
an
open
source
intelligence and forensics application.
It will offer you timous mining and
gathering of information as well as
the representation of this information
in a easy to understand format.
To perform active and passive
reconnaissance using Meltago and
HTtrack mirroring tools to collect
technical
information
from
scanme.nmap.org
sudo apt install maltego

5.

Reconnaissance using Maltego
root@kali:~# maltego -h
java is /usr/bin/java
found java executable in PATH
pwd: file:/usr/share/maltego/maltego-ui/modules/ext/Java_Config_App.jar
install conf: /usr/share/maltego/etc/maltego.conf
install version: v4.2.17
user conf: /root/.maltego/v4.2.17/etc/maltego.conf
current java: /usr/lib/jvm/java-11-openjdk-amd64
/usr/lib/jvm: /usr/lib/jvm
/usr/lib/jvm: /usr/lib/jvm/java-11-openjdk-amd64
/usr/lib/jvm: /usr/lib/jvm/openjdk-11
/usr/lib/jvm: /usr/lib/jvm/default-java
/usr/lib/jvm: /usr/lib/jvm/java-1.11.0-openjdk-amd64

6.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

7.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

8.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

9.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

10.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

11.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

12.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

13.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

14.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

15.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

16.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

17.

Reconnaissance using Maltego
root@kali:~# maltego scanme.nmap.org

18.

Website Mirroring
HTTrack is an offline browser utility, allowing you to download a World
Wide website from the Internet to a local directory, building recursively all
directories, getting html, images, and other files from the server to your
computer.
HTTrack arranges the original site’s relative link-structure. Simply open a
page of the “mirrored” website in your browser, and you can browse the site
from link to link, as if you were viewing it online. HTTrack can also update
an existing mirrored site, and resume interrupted downloads. HTTrack is
fully configurable, and has an integrated help system.

19.

Website Mirroring

20.

Know IP Address of any website:
Ping
Open Terminal
• In Mac, Press Command+Space,
Type Terminal
In Linux, Press Ctrl + T / Ctrl + Alt + T
$ ping microsoft.com

21.

Know IP Address of any website:
nslookup
Open Terminal
• In Mac, Press Command+Space,
Type Terminal
In Linux, Press Ctrl + T / Ctrl + Alt + T
$ nslookup microsoft.com

22.

Know IP Address of any website:
DNSLookup
Open Browser
https://www.whatismyip.com/dns-lookup/

23.

Dedicated IP and Shared Hosting
Some Domains has a range of
IP
addresses
Some domains has a unique IP
Address.
Some domains have not a
unique IP Address, where
multiple website share a single
IP and this process is known as
shared
hosting.
In order to know, with whom
we a are sharing IP there is a
website
called
ipneighbors.com

24.

Complete information about any website
Open Browser
https://website.informer.com

25.

Complete information about any website
Open Browser
https://website.informer.com

26.

Complete information about any website
Open Browser
https://website.informer.com

27.

WHOIS LOOKUP
Although Website Informer tell us about Who is information also but we can also
access who is directly on
Whois.domaintools.com
Whois.net
Whosi.info

28.

WHOIS LOOKUP

29.

Complete information about any website
Open Browser https://website.informer.com

30.

Information Gathering of Website From Email
Open Gmail
Go to Reply
Show Originals

31.

Information Gathering of Website From Email
Open Gmail
Go to Reply
Show Originals

32.

Information Gathering of Website From Email
Open Gmail
Go to Reply
Show Originals

33.

Week 3 Assignment
English     Русский Rules