Similar presentations:
Hacking Lab Practice
1.
Hacking LABDr Bishwajeet Pandey, SMIEEE
Director-Gyancity Research Consultancy Pvt Ltd, India
PhD (Gran Sasso Science Institute, L'Aquila, Italy)
Visiting Professor at
L.N. Gumilyov Eurasian National University, Kazakhstan
UCSI UNIVERSITY-Malaysia
2.
ABOUT COURSE TEACHERPhD from Gran Sasso Science Institute, Italy
PhD Supervisor Prof Paolo Prinetto from Politecnico Di Torino, Italy
MTech from Indian Institute of Information Technology, Gwalior, India
Visited 47 Countries Across The Globe
Written 200+ Research paper with 212 Researcher from 93 Universities
Scopus Profile: https://www.scopus.com/authid/detail.uri?authorId=57203239026
Google Scholar: https://scholar.google.com/citations?user=UZ_8yAMAAAAJ&hl=hi
IBM Certified Solution Designer
EC-Council Certified Ethical Hacker
AWS Certified Cloud Practitioner
Email: [email protected], [email protected], [email protected]
3.
Hacking LAB: Practices1.
Working with network commands in Windows and Linux (Assignment Week 1: Make a list of 50 Commands with syntax and
usage)
2. Capturing and Analyzing Network Traffic using Wireshark (Assignment Week 2: Case study of TCP 3-way handshake) or
(Assignment Week 2: Capture HTTP packet and extract username and Password using Ettercap and Wireshark)
3. Website technical information gathering using maltego, httrack, whois. (Assignment Week 3: Chose any two tools from
OSINTFramework.com and discuss the steps to use it)
4. Full Scan, Half Open Scan, Stealth Scan and XMAS Scan using NMAP (Assignment Week 4: Run Any 10 NSE Scripts )
5. Perform Host Discovery, Service Discovery(FTP, Telnet, SSH, Java RMI Server, SMB), Port Scanning using Metasploit or
(Assignment Week 5: Demonstrate Eternal Blue, VSFTPD, OpenSSH exploit using Metasploit)
6. Social engineering using SEToolkit (Assignment Week 6: Create a Clone of GMAIL using SEToolkit)
7. Web parameter poisoning using burp suite (Assignment Week 7: Change the price of all item to 1 USD on e-commerce shopping
cart)
8. Create Fake Harmless Virus using Notepad (Assignment Week 8: Create a MAC/Window and Android Spyware
with MSFVenom)
9. Malware Classification using Convolutional Neural Networks using Google Colab (Assignment Week 9: Malware Classification
using Convolutional Neural Networks using Jupyter Notebook)
10. Perform session hijacking using Zed Attack Proxy (ZAP) (Assignment Week 10: Perform Session Hijacking using Wireshark)
4.
Reconnaissance using MaltegoMaltego
is
an
open
source
intelligence and forensics application.
It will offer you timous mining and
gathering of information as well as
the representation of this information
in a easy to understand format.
To perform active and passive
reconnaissance using Meltago and
HTtrack mirroring tools to collect
technical
information
from
scanme.nmap.org
sudo apt install maltego
5.
Reconnaissance using Maltegoroot@kali:~# maltego -h
java is /usr/bin/java
found java executable in PATH
pwd: file:/usr/share/maltego/maltego-ui/modules/ext/Java_Config_App.jar
install conf: /usr/share/maltego/etc/maltego.conf
install version: v4.2.17
user conf: /root/.maltego/v4.2.17/etc/maltego.conf
current java: /usr/lib/jvm/java-11-openjdk-amd64
/usr/lib/jvm: /usr/lib/jvm
/usr/lib/jvm: /usr/lib/jvm/java-11-openjdk-amd64
/usr/lib/jvm: /usr/lib/jvm/openjdk-11
/usr/lib/jvm: /usr/lib/jvm/default-java
/usr/lib/jvm: /usr/lib/jvm/java-1.11.0-openjdk-amd64
6.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
7.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
8.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
9.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
10.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
11.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
12.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
13.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
14.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
15.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
16.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
17.
Reconnaissance using Maltegoroot@kali:~# maltego scanme.nmap.org
18.
Website MirroringHTTrack is an offline browser utility, allowing you to download a World
Wide website from the Internet to a local directory, building recursively all
directories, getting html, images, and other files from the server to your
computer.
HTTrack arranges the original site’s relative link-structure. Simply open a
page of the “mirrored” website in your browser, and you can browse the site
from link to link, as if you were viewing it online. HTTrack can also update
an existing mirrored site, and resume interrupted downloads. HTTrack is
fully configurable, and has an integrated help system.
19.
Website Mirroring20.
Know IP Address of any website:Ping
Open Terminal
• In Mac, Press Command+Space,
Type Terminal
In Linux, Press Ctrl + T / Ctrl + Alt + T
$ ping microsoft.com
21.
Know IP Address of any website:nslookup
Open Terminal
• In Mac, Press Command+Space,
Type Terminal
In Linux, Press Ctrl + T / Ctrl + Alt + T
$ nslookup microsoft.com
22.
Know IP Address of any website:DNSLookup
Open Browser
https://www.whatismyip.com/dns-lookup/
23.
Dedicated IP and Shared HostingSome Domains has a range of
IP
addresses
Some domains has a unique IP
Address.
Some domains have not a
unique IP Address, where
multiple website share a single
IP and this process is known as
shared
hosting.
In order to know, with whom
we a are sharing IP there is a
website
called
ipneighbors.com
24.
Complete information about any websiteOpen Browser
https://website.informer.com
25.
Complete information about any websiteOpen Browser
https://website.informer.com
26.
Complete information about any websiteOpen Browser
https://website.informer.com
27.
WHOIS LOOKUPAlthough Website Informer tell us about Who is information also but we can also
access who is directly on
Whois.domaintools.com
Whois.net
Whosi.info
28.
WHOIS LOOKUP29.
Complete information about any websiteOpen Browser https://website.informer.com
30.
Information Gathering of Website From EmailOpen Gmail
Go to Reply
Show Originals
31.
Information Gathering of Website From EmailOpen Gmail
Go to Reply
Show Originals
32.
Information Gathering of Website From EmailOpen Gmail
Go to Reply
Show Originals