Scribd
Upload
4 views8 pages

Day 01 Notes

This document outlines a free internship program focused on cyber security, covering topics such as networking protocols, ethical hacking steps, and server basics. It includes a roadmap for learning, recommended tools, and various assignments to practice skills in penetration testing and vulnerability analysis. The program emphasizes both offensive and defensive certifications, providing a comprehensive introduction to the field of cyber security.

Uploaded by

Waqar Roy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
4 views8 pages

Day 01 Notes

This document outlines a free internship program focused on cyber security, covering topics such as networking protocols, ethical hacking steps, and server basics. It includes a roadmap for learning, recommended tools, and various assignments to practice skills in penetration testing and vulnerability analysis. The program emphasizes both offensive and defensive certifications, providing a comprehensive introduction to the field of cyber security.

Uploaded by

Waqar Roy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

FREE INTERNSHIP - CYBER SECURITY

1. INTRODUCTION TO CYBER SECURITY


2. ROAD MAP
3. NETWORKING PROTOCOLS
4. LAB SETUP
5. CHOOSING OS
6. SERVER BASICS
7. STEPS IN ETHICAL HACKING

1. INTRODUCTION TO CYBER SECURITY - Offensive | Defensive Certifications

DEFENSIVE - CCNA, MCSA, SQL, AWS


OFFENSIVE
PEN-200 - Pentration Testing With Kali Linux
OSCP - Offensive Security Certified Professional
CISSP- Certified Information Systems Security Professional
CASP+ - CompTIA Advanced Security Practitioner

2. ROADMAP

3. NETWORKING PROTOCOLS

Below are the basics of network which you should be aware of to learn cyber security
IP (Classes, Subnets, Private / Public IP, NID, BID, DHCP, DNS)
Protocols - TCP/UDP, 3 way handshake, tcp flags, tcp port numbers
4. LAB SETUP
Tools - Virtual box, Vmware
Android Mobile - Geny Motion
Advanced - Cloud (AWS) Costly

5. CHOOSING OS
Ethical Hacking / Pentesting - Kali Linux
Wireless/RF - Parrot OS
Advanced Pentesting - Black arc (28gb)
Forensics - DEFT
6. SERVER BASICS
Types of Servers
Web Servers - Apache HTTP Server, Internet Information Services, lighttpd
(pronounced lighty), Jigsaw Server, LiteSpeed Web Server(LSWS)
Application Servers - JBoss, Weblogic, Websphere, Glassfish, Tcat Server, Apache
Geronimo, JRun
Mail servers
FTP servers
CMS(COntent Management System)
windows servers - 2008, 2012, 2016 . .

The below website can be used to download a lot of different servers.


https://www.turnkeylinux.org/

Kali Linux - Apache server (Web Server), Python Server(File sharing)

7. STEPS IN ETHICAL HACKING


Target - mobile, website, server, firewall
Social engineering
1. Information gathering/reconnaisance/enumeration
2. Scanning
3. Vulnerability assessment
4. Exploitation
5. Privilege escalation
6. Maintaining access
7. Covering tracks

Choosing your target


Small website or Medium Website

1.INFORMATION GATHERING
Subdomain Enumeration
target domain - www.abc.com
subdomains - www.it.abc.com
www.sales.abc.com
www.marketing.abc.com

Methods
- Google Dorks
- Copyright information
- www.viewdns.info
- www.virustotal.com
- OS Based tool, sublister

The more number of subdomains your target has - it means ur target infrastructure is big

Technology Profiling
www.sitereport.netcraft.com
www.builtwith.com

Browser add on / extension - wappalyzer

SCANNING
Nmap | Zenmap
LBD
WAFW00F

VULNERABILITY ANALYSIS
CVE|CWE|CVSS

NMAP - Network MAPper

Commands
-sT TCP Connect Scan
-sS Stealth Scan
-sV Version Scan
-sU
-A Aggresive Scan (-sV + Script Scan + OS Scan + Tracert)

Options
-O OS Scan
-v Verbose scan (WE can see whats happening n the background)
-Pn
-f
-p to mention port number

#nmap -sT abc.com

0 - 1021 system reserved ports

#nmap -sV -p 80,443 abc.com


#nmap -sV -p 1-2000 abc.com
#nmap -sV -p- abc.com

Common Commands
#nmap -sV -v -A -O -v -p- abc.com

ZENMAP
GUI of nmap

LBD - Load Balance Detector


WAFW00F

VULNERABILITY ANALYSIS
CVE|CWE|CVSS

Web Based Tools


https://www.immuniweb.com/
https://sitecheck.sucuri.net/
https://quttera.com/

OS based Tools
DIRB - Directory Buster
#dirb https://target.com

DIRSEARCH
#python3 dirsearch.py -u target.com -e* -t 80 -x 400,403,404,500 -w /root/Desktop/wordlist.txt

-e php

RAPIDSCAN
#./rapidscan.py https://target.com

EXPLOITATION
url

EXPLOITATION
- Installation of Metasploit
- Technology profiling of Metasploitable server
- Vulnerability analysis of Metasploitable server
- Scanning Metasploitable server
- Exploitation of Metasploitable server - FTP
- Windows 7 Brute forcing using Metasploit Framework

msfadmin msfadmin
ifconfig

TERMINILOGIES
EXPLOIT
PAYLOAD
AUXILLIARY
METERPRETER
MSFVENOM

COMMANDS
USE - Used to choose an exploit
#use exploit/windows/.././/./

SET - Used to set payloads and parameters


#set payload windows/meterpreter/..
#set LHOST 192.168.1.10

SHOW OPTIONS - To diplay all available options

SEARCH
LHOST - Local host (kali ip)
LPORT - Local port
RHOST - Remote Host (victim ip)
RPORT - Remote port

ASSIGNMENT 5
Exploit Metasploitable server using MSF.
SUbmit: Screenshot of the output in msf

ASSINGMENT 4
Choose ur target again
Generate a vulnerability report for your target

ASSIGNMENT 3 - DAY THREE


Choose your own target - any target
1. Check which ports are open
2. Find which version of services are they using
3. Find the OS used by your target
4. Check if your target performs Load Balancing
5. Check if your target uses Web Application Firewall

ASSIGNMENT 2 - DAY TWO


Target - https://tuc.ac.ke/
Enumerate the following
1.What is the IP address of the server responding to you
2.When was the domain name registered?
3.Enumerate the Content Mangement System (CMS) used by the target
4.What is the Database used by the target
5.What is the webserver used by the target
6.Who is the web hosting provider of the target
7.If my target is to attack the "mail server" of your target, which will the right ip of the target to
attack
8.Total how many subdomains are present for the target
ASSIGNMENT 1 - DAY ONE
Create a login page in Kali Linux apache server
Verify: Give the ip of kali Linux in windows browser and it will display login page

Screenshot: Login page in windows browser

You might also like