School of Computer Science Engineering &

Information Science

Activity based Learning(Tool Usage)

Report

Course Title: Cyber Security

Course Code: CSE3094
Date of Submission:

Submitted By:

Sl.No Roll Number Name Signature

1 20201CSD0030 Hari charan Reddy
2 20201CSD0038 Harsha vardhan M
3 20201CSD0027 Veeresh M
Index
1. List of Cyber Security tools identified
2. About the Tools
a. Introduction
b. Used For
c. Advantage
3. Implementation
4. Results with screenshots
5. Conclusion
 List of Cyber Security tools identified

1. NMAP

2. Phish Report

3. Kali linux

ABOUT THE TOOLS

1.NMAP

Introduction :

Nmap, short for Network Mapper, is a versatile and powerful open-source network
scanning tool used by security professionals, system administrators, and network
engineers worldwide. Developed by Gordon Lyon, also known as Fyodor Vaskovich,
Nmap is designed to discover hosts and services on a computer network, thus creating a
"map" of the network's structure. Its extensive range of features makes it an indispensable
tool for network reconnaissance, vulnerability assessment, and security auditing.

Used for:

Network Discovery: Nmap helps in discovering hosts, devices, and services on a

network, even those hidden behind firewalls or on different subnets.

Vulnerability Assessment: It identifies potential vulnerabilities in networked systems by

analyzing open ports, services, and their versions.

Security Auditing: Nmap aids in assessing the security posture of a network by detecting
misconfigurations, weak passwords, and other security flaws.
 Penetration Testing: Security professionals use Nmap to simulate cyber attacks and test
the resilience of network defenses.

Network Inventory: It assists in creating an inventory of network assets, including

hardware devices, software services, and their configurations.

Firewall Testing: Nmap can be used to test the effectiveness of firewall rules and policies
by scanning for open and filtered ports.

Advantages :

Versatility: Nmap supports a wide range of scanning techniques, protocols, and operating
systems, making it suitable for diverse network environments.

Efficiency: It is fast and efficient, capable of scanning large networks quickly consuming
minimal network bandwidth and system resources.

Accuracy: Nmap provides detailed information about discovered hosts, services, and their
configurations, aiding in precise network analysis.

Open Source: Being open-source software, Nmap is freely available, regularly updated,
and supported by a vibrant community of developers and users.

Scripting Engine: Nmap's scripting engine (NSE) allows users to extend its functionality
through custom scripts for specialized tasks and automation.

Cross-Platform: Nmap is available for various operating systems, including Linux

Windows, and macOS, ensuring compatibility across different platforms.
Title : Phish Report

Introduction to Phish Report Tool :

The Phish Report Tool is a valuable asset in the cybersecurity landscape, specifically designed to
combat phishing attacks. Phishing remains one of the most prevalent threats faced by
organizations and individuals alike, making tools like Phish Report crucial for early detection
and mitigation.

Used for :

1. Phishing Incident Management: The primary function of the Phish Report Tool is to
facilitate the reporting and management of phishing incidents. It empowers users to easily report
suspicious emails or links, providing security teams with vital information to investigate and
respond to potential threats.

2. Incident Response: Phish Report Tools streamline the incident response process by
centralizing reported phishing attempts. Security teams can quickly assess the reported incidents,
analyze the phishing attempts, and take appropriate actions to mitigate the threat, such as
blocking malicious domains or educating users about phishing awareness.

3. Threat Intelligence: By aggregating data on reported phishing attempts, Phish Report Tools
contribute to the generation of threat intelligence. Analysis of reported incidents can reveal
patterns, trends, and tactics used by attackers, allowing organizations to better understand
evolving threats and enhance their cybersecurity defenses.
4. User Awareness and Training: Phish Report Tools serve as educational tools for promoting
user awareness and training. Users who encounter phishing emails can report them via the tool,
which not only helps in incident response but also reinforces the importance of vigilance and
skepticism when interacting with emails.

Advantages of Phish Report Tool :

1. Early Detection: Phish Report Tools enable early detection of phishing attempts by
empowering users to report suspicious emails promptly. This early warning system allows
security teams to take swift action to prevent potential breaches.

2. Centralized Management: These tools provide a centralized platform for managing reported
phishing incidents, streamlining the incident response process and ensuring that all reported
incidents are appropriately addressed.

3. Data Analysis: Phish Report Tools offer capabilities for analyzing reported incidents,
allowing security teams to extract valuable insights and identify trends in phishing attacks. This
data-driven approach enhances the organization's ability to proactively defend against future
threats.

4. User Engagement: By involving users in the reporting process, Phish Report Tools promote
user engagement in cybersecurity efforts. Users become active participants in the defense against
phishing attacks, contributing to a culture of security within the organization.

5.Integration: Phish Report Tools can be seamlessly integrated with existing security
infrastructure, such as email gateways and security information and event management (SIEM)
systems, enhancing the overall effectiveness of the organization's cybersecurity ecosystem.
Introduction to Kali Linux:

Kali Linux is a widely used open-source penetration testing platform that provides a
comprehensive suite of tools for various cybersecurity tasks. Originally developed from the
Debian Linux distribution, Kali Linux has evolved into a robust operating system specifically
tailored for ethical hacking, penetration testing, and digital forensics.

Used for:

1. Penetration Testing: Kali Linux is primarily used for conducting penetration tests, which
involve simulating real-world cyber attacks to identify vulnerabilities in computer systems,
networks, and applications. The extensive collection of tools included in Kali Linux enables
security professionals to assess the security posture of target systems effectively.

2. Ethical Hacking: Security professionals and ethical hackers leverage Kali Linux to identify
and exploit security weaknesses in systems and networks ethically. By employing various tools
and techniques available in Kali Linux, they can identify potential security flaws before
malicious actors exploit them.

3. Digital Forensics: Kali Linux is equipped with tools for digital forensics and incident
response. Forensic analysts use Kali Linux to gather, analyze, and interpret digital evidence from
computers, storage devices, and network traffic to investigate cyber crimes and security
incidents.
4. Security Research and Education: Kali Linux serves as a valuable platform for security
researchers and students to learn about cybersecurity concepts, techniques, and methodologies.
The availability of diverse tools and resources in Kali Linux enables hands-on experimentation
and learning in a controlled environment.

Advantages of Kali Linux:

1. Comprehensive Toolset: Kali Linux provides a vast array of pre-installed tools for
penetration testing, ethical hacking, and digital forensics, eliminating the need for security
professionals to manually install and configure individual tools.

2. Regular Updates: The Kali Linux development team regularly updates the distribution with
new features, tools, and security patches to ensure that security professionals have access to the
latest tools and techniques for cybersecurity tasks.

3. Customization: Kali Linux offers extensive customization options, allowing users to tailor the
operating system to their specific requirements and preferences. Users can install additional
tools, customize the user interface, and configure system settings according to their needs.

4. Community Support: Kali Linux benefits from a large and active community of security
professionals, developers, and enthusiasts who contribute to its development, provide support,
and share knowledge and resources through forums, mailing lists, and online communities.

5. Legal and Ethical Framework: Kali Linux is developed and maintained with a strong
emphasis on legal and ethical use. It is intended for use by security professionals, ethical hackers,
and researchers who adhere to ethical guidelines and legal requirements when conducting
security assessments and tests.
Implementation of NMAP Tool :

Objective:

The implementation of Nmap aims to perform comprehensive network reconnaissance to

identify hosts, open ports, and services on the target network.

Setup and Installation:

Nmap was installed on a designated system running Linux (Ubuntu 20.04) to serve as the
scanning platform.

Installation was conducted following the official documentation provided by the Nmap project.

Command-Line Usage:

Command-line syntax and options were explored to understand how to configure and execute
Nmap scans effectively.

Initial scans were conducted using basic scan types to discover live hosts and open TCP ports
within the specified network range.

Exploration of Scan Techniques:

Different scan techniques were tested to evaluate their effectiveness and efficiency in gathering
network intelligence.

Notable scan types included TCP Connect Scan (-sT), SYN Stealth Scan (-sS), and Service
Version Detection (-sV).

Output Analysis:

Output from Nmap scans was analyzed to extract relevant information about discovered hosts,
open ports, and detected services.
Attention was given to identifying potential vulnerabilities, misconfigurations, and security risks
based on the scan results.

Customization and Optimization:

Scans were customized using various options to control scan timing, verbosity, and output
format according to specific requirements.

Timing templates (-T) were adjusted to balance scan speed and stealthiness while minimizing the
impact on network resources.

Security Considerations:

Nmap scans were conducted responsibly and in compliance with legal and ethical guidelines
governing network scanning activities.

Authorization was obtained prior to scanning networks to ensure alignment with organizational
policies and regulations.

Documentation and Reporting:

Detailed documentation was maintained throughout the implementation process, including scan
configurations, results, and any notable observations.

A comprehensive report summarizing the findings from Nmap scans was generated, highlighting
key insights and recommendations for improving network security posture.
 RESULTS WITH SCREENSHOTS

NMAP

Here , first we need to give a port number then we need to select scan option. After the scanning

if we get the alert Nmap done means everything is fine and all good otherwise there vulnerability
in that port
Enter the target IP address or hostname in the "Target" field at the top of the Zenmap window.

You can also specify a range of IP addresses or subnets.

In the "Profile" section, you can choose predefined scan profiles or customize your scan by

clicking on the "Profile" drop-down menu and selecting "Custom."

Once you've selected "Custom," you can specify the ports you want to scan in the "Port range

" field. You can enter single ports, ranges, or lists of ports separated by commas.
In Nmap's graphical interface, Zenmap, the "Topology" tab provides a graphical

representation of network topology based on scan results. Hosts are depicted as nodes, with

connections between them showing relationships like network connectivity and

communication patterns. This visual map helps users understand network structure, identify

devices, and analyze network relationships. Users can interact with the diagram, zooming,

panning, and selecting nodes for detailed information like IP addresses, MAC addresses, open

ports, and services. This feature aids in network reconnaissance, vulnerability assessment,

and security analysis by providing a clear, intuitive view of the network layout and

interconnections.
Above picture is regular scanned
 CONCLUSION

In conclusion, Nmap stands out as a versatile and indispensable tool for network

reconnaissance, vulnerability assessment, and security auditing. Its command-line interface

offers extensive flexibility and customization options, allowing users to tailor scans to their

specific needs. Additionally, the graphical interface provided by Zenmap enhances usability,

By leveraging Nmap's capabilities, security professionals can gain valuable insights into

network infrastructure, identify potential security risks, and make informed decisions to

enhance overall security posture. From basic port scanning to advanced service detection and

network mapping, Nmap provides a comprehensive toolkit for understanding and securing

However, it's crucial to use Nmap responsibly and ethically, ensuring compliance with legal

and regulatory requirements governing network scanning activities. By following best

practices and obtaining proper authorization before conducting scans, users can harness the

power of Nmap effectively while minimizing potential risks and liabilities.

Overall, Nmap remains an essential asset in the cybersecurity toolkit, empowering

organizations and individuals to proactively identify and mitigate security threats in today's
GEO TAGGED PHOTOS