CYBER SECURITY

A TECHNICAL REPORT

Submitted in partial fulfillment of the requirements to

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY

KAKINADA

For the award of the degree

BACHELOR OF TECHNOLOGY

In

COMPUTER SCIENCE & ENGINEERING

2024-2025

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

SWARNANDHRA INSTITUTE OF ENGINEERING AND

TECHNOLOGY

(Approved by AICTE & Affiliated to JNTUK)

Seetharampuram, Narasapur-534280
 DEPARTMENT OF COMPUTER SCIENCE AND ENGINERING
SWARNANDHRA INSTITUTE OF ENGINERING AND TECHNOLOGY
Approved by AICTE, Accredited by NACC & Affiliated to JNTUK- Kakinada Seetharampuram,
Narsapur-534275, West Godavari (Dist.), AP.

CERTIFICATE
This is to certify that the project report entitled “IIDT – APSCHE | BLACKBUCKS
SHORT INTERNSHIP REPORT” is a bonafied work done by Name Roll Number submitted
in partial fulfillment of the requirement for the award of the degree of Bachelor of Technology
in Department of COMPUTER SCIENCE AND ENGINEERING, during the academic year
2024-2025.

Internship Guide Head of the Department

Mrs. , Mrs. ,
Assistant Professor Associate Professor

External Examiner
 DECLARATION
I CERTIFY THAT

a. The internship contained in the report is original and has been done by me under the
guidance of my supervisor.
b. The work has not been submitted to any other University for the award of any degree
or diploma.
c. The guidelines of the college are followed in writing the internship report.

Date: Name:
 INDEX
S.no. CONTENTS PAGENo.

1 1
Introduction to Cyber Security

2
Networking Fundamentals 2

3 Operating Systems Fundamentals 3

4 Footprinting & Reconnaissance 4

5 Enumeration & Scanning 5

6 Introduction to Web Application Security 6

7 Ethical Hacking Tools & Techniques 7

8 Course Wrap-up & Next Steps 8

Week 1:

Topic Description:
Introduction to Cyber Security

Covered:
Exploring Information Security: Concepts, Case Studies, and Core Principles

In week 1,
This comprehensive module provides a foundational understanding of cybersecurity and its critical
role in protecting information assets. Students begin with an introduction to Information Security,
covering its importance, core concepts, and the impact of security breaches on organizations and
individuals
.
The course covers the CIA Triad, a fundamental model in information security that focuses on three
key principles: Confidentiality, Integrity, and Availability. Emphasis is placed on understanding how
these principles guide security measures and policies within organizations.

Additionally, the module explores various threats to organizations, including Botnets and other
malicious activities that compromise security. Students learn about the anatomy of botnets, how they
operate, and their potential impact on network security.
The module also introduces operating system security, providing insights into how operating systems
can be secured against unauthorized access and vulnerabilities.

Case studies are presented to illustrate real-world applications and challenges in cybersecurity,
highlighting the significance of effective security measures and the consequences of security failures.
These case studies provide practical examples of how theoretical concepts are applied in various
scenarios, reinforcing the importance of comprehensive security strategies.

By the end of this module, students are equipped with a deep understanding of fundamental
cybersecurity concepts, the core principles of the CIA Triad, and practical knowledge of operating
system security and botnet threats. This comprehensive knowledge prepares them for advanced study
and application in the field of cybersecurity.
.

Reference Video URL: http://www.youtube.com/live/-UyioJA2mko?si=DPxC02qjLM5kl909

Exams: https://taptap.blackbucks.me/hackathon/2173/?testType=13

1
 Week 2:

Topic Description:
Networking Fundamentals
Covered:
5 Phases of Hacking, Ports and Protocols, TCP/UDP Protocols, OSI Model, Introduction to Kali Linux

In Week 2,
A comprehensive examination of the OSI Model (Open Systems Interconnection Model) follows,
breaking down its seven layers and their functions in network communication and security.
Students are introduced to Kali Linux, a widely-used Linux distribution for penetration testing and
security research. Hands-on experience with basic tools and commands in Kali Linux sets the stage for
more advanced security practices.

The module also covers Network Topology, discussing different Types of Topologies such as bus, star,
ring, and mesh, along with their advantages and disadvantages. IP Addresses and Subnetting are
explored to understand network addressing and the division of networks into sub-networks.
An Introduction to Firewalls is provided, explaining their role in protecting networks from unauthorized
access and threats. Different types of firewalls and their configurations are discussed.

Further, the course introduces Intrusion Detection Systems (IDS) and Intrusion Prevention Systems
(IPS), explaining how these systems monitor and respond to network threats. The differences between
IDS and IPS, along with their deployment, are thoroughly covered.
Proxies are also discussed, detailing their function as intermediaries between end-users and the internet,
providing security and anonymity. The module revisits Firewalls, diving into more advanced
configurations, rules, and policies.

By the end of this module, students will have a robust understanding of the phases of hacking, network
protocols, OSI model, Kali Linux, network topology, IP addressing, subnetting, firewalls, IDS, IPS, and
proxies. This comprehensive knowledge is crucial for securing and managing networks and for
conducting effective penetration testing.

Reference Video URL: h t t p s : / / w w w . y o u t u b e . c o m / l i v e / K v z H 1 J x P z a k ? s i = X A 1 J e s D -

fG0uErVJ
https://www.youtube.com/live/ePgNjn0eyJQ?si=-YxMMLgIagglnWzs
https://www.youtube.com/live/iLw-FlnpdK0?si=jmD3vaM3UmLWCYav

Exams: https://taptap.blackbucks.me/hackathon/2189/?testType=13
https://taptap.blackbucks.me/hackathon/2254/?testType=13
https://taptap.blackbucks.me/hackathon/2279/?testType=13

2
Week 3:

Topic Description:
Operating Systems Fundamentals

Covered:
Introduction to Topology, Types of Topologies, IP Addresses, Subnetting, Introduction to
Firewalls

In Week 3,
This module focuses on security systems and operating system fundamentals.
IDS and IPS: Learn about Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS),
including Network-Based (NIDS) and Host-Based IDS (HIDS).

Packet Filtering, Proxy, Stateful Firewall: Understand how packet filtering, proxies, and stateful
firewalls protect networks by managing traffic.

Windows OS: Explore Windows OS architecture, including key components and security features.
Operating System Security: Study user interfaces, file systems, and tools for managing Windows and
Linux systems. Review common vulnerabilities and security features.

Reconnaissance: Introduction to footprinting and reconnaissance, covering methods for gathering

information. Learn about active and passive info gathering, using search engines and tools like
WHOISLOOKUP and sublist3r to collect details on domains and IPs.

By the end of this week, students will grasp IDS/IPS functions, network security mechanisms, Windows
OS architecture, operating system vulnerabilities, and essential reconnaissance techniques.

Reference Video URL:

https://www.youtube.com/live/SwArFW1syPA?si=LCIVNXvJH659W9Ms

https://www.youtube.com/live/f93SzLzf1Yo?si=FSxK869ijZVvdvBp

Exams: https://taptap.blackbucks.me/hackathon/2294/?testType=13
https://taptap.blackbucks.me/hackathon/2298/?testType=13

3
 Week 4:

Topic Description:
Footprinting & Reconnaissance
Covered:
Virtualize Kali, learn VirtualBox, VMware, use enumeration tools like Photon, explore domain
registries, exploit Google Dorks and Shodan, find IoT devices, use Maltego

In week 4,

This module dives into advanced tools and techniques for vulnerability assessment and information
gathering. Students start with the Installation of Kali Linux through Virtualization, using platforms like
VirtualBox and VMware to create a controlled environment for penetration testing.

The course covers Enumeration Tools in Kali Linux, including hands-on practice with the 'Photon'
enumeration tool, which helps in collecting information about domain names and web applications.
Students learn how to use these tools to gather detailed information efficiently.

An important aspect of this week involves understanding Global Domain Name Registries and gathering
vulnerable information through Google Dorks, leveraging resources like Exploit DB. Students practice
finding vulnerable information on the internet and gathering locations, vulnerabilities, and IP addresses of
IoT devices using SHODAN, a search engine for internet-connected devices.

The module also introduces the Maltego Tool, a powerful information-gathering tool used to map out
relationships between individuals and organizations. Students learn how to use Maltego to gather and
visualize data effectively, enhancing their ability to perform comprehensive reconnaissance.

By the end of this week, students will be proficient in setting up and using Kali Linux and various tools for
advanced information gathering and vulnerability assessment. This knowledge equips them with practical
skills for identifying and exploiting security weaknesses in real-world scenarios.

Reference Video URL:

https://www.youtube.com/live/ZH171CVNhvI?si=Xv0CaGNj_p5r0MIq

Exams: https://taptap.blackbucks.me/hackathon/2421/?testType=13
https://taptap.blackbucks.me/hackathon/2376/?testType=13

4
Week 5:

Topic Description:
Enumeration & Scanning
Covered:
Network scanning, vulnerability assessment, Nmap, OSI layers, TCP/UDP, enumeration,
DNS, NetBIOS, vulnerability types, scanning tools (Nikto), false positives/negatives

In Week 5,

This module provides an in-depth look at network scanning, enumeration, and vulnerability assessment,
crucial for identifying and addressing network security issues.
Students start with Scanning Network OSI Layers, learning how to analyze each layer to detect
potential vulnerabilities. The module covers TCP/UDP Packets Explanation, detailing how these
protocols facilitate communication across networks and how they can be scrutinized for security
purposes.

A key focus is on Nmap, a powerful network scanning tool. Students gain practical experience in using
Nmap to discover hosts, services, and open ports, and to identify vulnerabilities in networked systems.
The course then explores Enumeration, including various Enumeration Protocols and DNS
Enumeration, to gather detailed information about network resources and services. Tools like nbtscan
are used for network enumeration to uncover additional details about networked devices and their
configurations.

Vulnerability Assessment is introduced, with a focus on its types, including network, web application,
and host assessments. Students learn to use Vulnerability Scanning Tools such as Nikto, which
identifies security vulnerabilities in web servers and applications.
By the end of this module, students will have a comprehensive understanding of network scanning
techniques, enumeration methods, and vulnerability assessment practices. This knowledge equips them
with the skills to conduct thorough security assessments and improve network defenses.

Reference Video URL: h t t p s : / / y o u t u . b e / R d 9 _ F w -

_mbk?si=9WNWzbv5CBME-UJL

Exams: https://taptap.blackbucks.me/hackathon/2394/?testType=13
https://taptap.blackbucks.me/hackathon/2423/?testType=13

5
Week 6:

Topic Description:
Introduction to Web Application Security
Covered:
Introduction to Web Applications, Web Application Attacks, Countermeasures for DDoS, OWASP
Top 10 Vulnerabilities, Introduction to Metasploit, SQL Injection, FTP and SMB Vulnerability

In Week 6,

This module focuses on securing web applications and managing vulnerabilities. Students begin with an
Introduction to Web Applications, learning about their structure and functionality. The course then
covers Web Application Attacks, highlighting common threats and vulnerabilities.

Countermeasures for DDoS (Distributed Denial of Service) attacks are explored, providing strategies
to mitigate and protect against such threats. The OWASP Top 10 Vulnerabilities are examined, detailing
the most critical web application security risks and best practices for prevention.

An Introduction to Metasploit follows, offering a comprehensive guide to this powerful penetration

testing framework. Students gain hands-on experience with Metasploit, learning to exploit vulnerabilities
and conduct security assessments.

The module delves into specific vulnerabilities including SQL Injection, FTP Vulnerability Access, and
SMB (Server Message Block) Vulnerability Access. Practical exercises demonstrate how attackers
exploit these weaknesses and how to secure them.

Cross-Site Scripting (XSS) attacks are also covered, with a focus on how these attacks can be used to
inject malicious scripts into web applications and the countermeasures to prevent them.

By the end of this week, students will have a thorough understanding of web application security,
common attacks, and practical tools like Metasploit. They will be equipped with the knowledge to address
vulnerabilities and implement effective security measures to protect web applications.

Reference Video URL:

https://www.youtube.com/live/eCL4rcCLXrg?si=KT9M9
oMHKY8eXXS9
https://youtu.be/spQl6WM6CYI?si=lAtmTykrhdAPxrpg

Exams: https://taptap.blackbucks.me/hackathon/2419/?testType=13
https://taptap.blackbucks.me/hackathon/2439/?testType=13

6
Week 7:

Topic Description:
Ethical Hacking Tools & Techniques

Content:
Information gathering, WHOIS, domain registration,OWASP top 10, web application
security, DoS/DDoS, Nikto, vulnerability assessment.

In Week 7, students delve into advanced information gathering and vulnerability assessment
techniques essential for cybersecurity professionals.
The module begins with Information Gathering, utilizing tools like WHOIS Lookup to gather
domain registration details and Google Dorking for advanced search queries to uncover sensitive
information. Exploit DB provides access to a repository of known vulnerabilities, aiding in the
identification of potential threats.

Shodan and Maltego are introduced for IoT hacking and comprehensive information gathering,
respectively. Nmap is covered for network scanning, revealing open ports and services. For DNS
enumeration, DNSRECON and DNSENUM are used to identify and analyze DNS records.

The course also explores SQL Injection Attacks, a critical web application vulnerability where
malicious SQL queries manipulate databases. OWASP’s Top 10 Vulnerabilities provide a
framework for understanding common security issues in web applications, including DOS (Denial
of Service) and DDOS (Distributed Denial of Service) attacks that overwhelm services.

Students learn to use Nikto, a vulnerability scanning tool that identifies web server vulnerabilities.
The module emphasizes Vulnerability Assessment and Analysis, teaching methods to evaluate
and prioritize security risks.

By the end of this module, students will have a comprehensive understanding of advanced
information gathering techniques, key tools for vulnerability assessment, and strategies for
securing web applications and networks.

Reference Video URL:

https://www.youtube.com/live/sw4cpu1jfqM?si=B_y2bSJ7O3llF4Bs

Exams:https://taptap.blackbucks.me/hackathon/2858/?testType=13
https://taptap.blackbucks.me/hackathon/2892/?testType=13
7
Week 8:

Topic Description:
Course Wrap-up & Next Steps

Covered:
Recap
In Week 8,

We wrap up the course with a comprehensive review of key cybersecurity concepts and practical skills.
The week begins with a recap of fundamental topics, including the OSI Model, Network Topologies,
and Internet Protocol. We revisit Firewalls and IDS/IPS, exploring DHCP Servers and their role in
network security. Students review different Types of Firewalls and Operating Systems, and identify
common Vulnerabilities.

Advanced topics covered include DOS and DDOS attacks, the OWASP Top 10 Vulnerabilities, and
practical exercises on SQL Injection using DVWA and Metasploitable environments. Students engage
in hands-on learning with XSS (Cross-Site Scripting), SMB Exploitation in Kali Linux, and FTP
Exploitation using Metasploit.

The course also revisits earlier topics such as Information Security, the CIA Triad, Threats for
Organizations, and the 5 Phases of Ethical Hacking. Key concepts like Ports and Protocols, TCP &
UDP Protocols, IP Addresses, and Footprinting and Reconnaissance are reviewed. We cover practical
skills such as Registering Domains, differentiating Public and Private Info, and techniques in
Scanning and Enumeration.

Finally, students receive Cybersecurity Job Guidance, preparing them for career opportunities in the
field.
This week consolidates knowledge from across the course, integrating theory with practical skills to
prepare students for real-world cybersecurity challenges.

Reference Video URL:

https://www.youtube.com/live/sw4cpu1jfqM?si=B_y2bSJ7O3llF4Bs

Exams: https://taptap.blackbucks.me/hackathon/2900/?testType=13
https://taptap.blackbucks.me/hackathon/2909/?testType=81

8
SDST-28699

1-Jul-2024