BBF_merged

The document is a project report on the development of a 'Cyber Tool for Digital Forensic Investigation' by students Pratiksha Bombale, Preeti Bhoge, and Shravani Adhav under the guidance of Ms. A.D. Mate. It details the evolution of cyber forensic tools, the project's methodology, and its applications in addressing modern cyber threats through a mobile application called Cyber Shield. The report includes acknowledgments, an abstract, and a structured index outlining various sections of the project, including literature survey, design details, results, and future scope.


A

PROJECT REPORT
ON

CYBER TOOL FOR DIGITAL FORENSIC INVESTIGATION

DEVELOPED BY

Pratiksha Bombale 05
Preeti Bhoge 42
Shravani Adhav 44

UNDER THE GUIDANCE OF


MS. A.D. MATE

IN PARTIAL FULFILLMENT OF
DIPLOMA IN COMPUTER TECHNOLOGY
2024-2025

SINHGAD TECHNICAL EDUCATION SOCIETY’S

SOU. VENUTAI CHAVAN POLYTECHNIC, PUNE-411041


MAHARASHTRA STATE BOARD OF TECHNICAL EDUCATION, MUMBAI
Sinhgad Technical Education Society’s

SOU.VENUTAI CHAVAN POLYTECHNIC PUNE – 411041

CERTIFICATE

THIS IS TO CERTIFY THAT

Pratiksha Bombale 05
Preeti Bhoge 42
Shravani Adhav 44

OF THIRD YEAR DIPLOMA IN COMPUTER TECHNOLOGY HAVE SUCCESSFULLY


COMPLETED CAPSTONE PROJECT

CYBER TOOL FOR DIGITAL FORENSIC INVESTIGATION

IN PARTIAL FULFILLMENT OF
ACADEMIC REQUIREMENT FOR THE YEAR

2024-25
AS PRESCRIBED BY
MAHARASHTRA STATE BOARD OF TECHNICAL EDUCATION, MUMBAI

DATE: PLACE:
Pune

Ms. A. D. Mate Mrs. S. S. Kadam Mrs. A. V. Kurkute Dr. (Mrs.) M. S. Jadhav

(Project Guide) (Project Coordinator) (Head of Department) (Principal)


ANNEXURE A

Certificate

This is to certify that Ms. Pratiksha Prakash Bombale from Sou. Venutai Chavan
Polytechnic having Enrollment No. 2200400277 has completed Project of Final Year having
Title “Cyber Tool for Digital Forensic Investigation” during Academic Year 2024-2025. The
project was completed in a group consisting of four candidates under the guidance of the
Faculty Guide.

--------------------------------------------
Name and Signature of Guide

Ms. A. D. Mate
ANNEXURE A

Certificate

This is to certify that Ms. Preeti Dattatraya Bhoge from Sou. Venutai Chavan Polytechnic
having Enrollment No. 2200400368 has completed Project of Final Year having Title
“Cyber Tool for Digital Forensic Investigation” during Academic Year 2024-2025. The
project was completed in a group consisting of four candidates under the guidance of the
Faculty Guide.

--------------------------------------------
Name and Signature of Guide

Ms. A. D. Mate
ANNEXURE A

Certificate

This is to certify that Ms. Shravani Hanumant Adhav from Sou. Venutai Chavan
Polytechnic having Enrollment No. 2200400373 has completed Project of Final Year having
Title “Cyber Tool for Digital Forensic Investigation” during Academic Year 2024-2025. The
project was completed in a group consisting of four candidates under the guidance of the
Faculty Guide.

--------------------------------------------
Name and Signature of Guide

Ms. A. D. Mate
ACKNOWLEDGEMENT

"I'm really grateful to the many people who helped me create the ‘Cyber Tool for Digital
Forensic Investigation’ project. Just like any project, it took some smarts, hard work, and
planning to get it done. But along the way, we learned even more than we expected. Not only did
it improve our thinking skills, but it also showed us how important it is to work together as a team.
A project this good wouldn't have been possible without everyone who pitched in, including the
people who shared their knowledge and helped guide us."

First and foremost, I wish to record my gratitude and thanks to Ms. A. D. Mate, our mentor,
for her essential assistance, encouragement, and direction in the successful completion of the
project. I express my thanks to Dr. (Mrs.) M. S. Jadhav (Principal), Prof. A. V. Kurkute (Head of
Department, Computer Technology) and Mrs. S. S. Kadam (Project Coordinator) for their
valuable guidance. I am also thankful to the other teachers and non-teaching staff of the Computer
Technology Department and Library for their cooperation and help.

Lastly, I extend my thanks to all those who helped us directly or indirectly in completing
this team project.

PRATIKSHA BOMBALE
PREETI BHOGE
SHRAVANI ADHAV
ABSTRACT

The evolution of cyber tools for digital forensic investigations has
paralleled the increasing complexity of cybercrime. Originating in the 1970s and
1980s, early digital crimes such as hacking and financial fraud posed significant
challenges due to the absence of standardized methods for data retrieval and
analysis. The rise of the internet in the 1990s spurred the development of
foundational forensic tools like EnCase and Forensic Toolkit (FTK), enabling the
recovery and examination of digital evidence.
The 2000s introduced new complexities with the advent of mobile
devices, cloud computing, and data encryption, prompting advancements in
forensic tools to accommodate diverse digital sources. As legal frameworks
matured, they provided clearer guidelines for the admissibility of digital evidence
in court. In the present day, cyber forensic tools leverage artificial intelligence,
machine learning, and big data analytics to address emerging threats, including
Internet of Things (IoT) forensics and blockchain analysis. These tools have
become indispensable in modern cybercrime investigations, offering enhanced
accuracy, speed, and adaptability.
INDEX

1 INTRODUCTION AND BACKGROUND
  1.1 Introduction
  1.2 Background
2 LITERATURE SURVEY & PROBLEM
  2.1 Literature Survey
  2.2 Problem Definition
3 SCOPE OF THE PROJECT & METHODOLOGY
  3.1 Project Methodology
  3.2 Project Workflow
  3.3 Hardware and Software
  3.4 Advantages of Project
4 DETAILS OF DESIGN, WORKING, AND PROCESS
  4.1 Architecture of the Project
  4.2 Data Flow Diagram
  4.3 UML Diagrams
  4.4 Activity Diagram
5 RESULT AND APPLICATION
  5.1 Screenshots & Model Designs
  5.2 Applications of the Project
  5.3 Test Cases
6 CONCLUSION AND FUTURE SCOPE
  6.1 Conclusion
  6.2 Future Scope & Limitations
7 REFERENCES AND BIBLIOGRAPHY
  7.1 IEEE Papers
  7.2 Books
  7.3 Website Links
8 CERTIFICATES & PUBLISHED PAPERS
  8.1 Certificate
  8.2 Published papers with certificates

INDEX OF TABLE

3.1 Project Methodology
3.2 Project Workflow
3.3 Hardware and Software
3.4 Advantages of project

INDEX OF FIGURE

4.1 Architecture of Project
4.2 Data Flow Diagram
4.3 UML Diagram
4.3.1 Class Diagram
4.3.2 Sequence Diagram
4.3.3 Use Case Diagram
4.4.1 Activity Diagram

Cyber Tool for Digital Forensic Investigation

1. Introduction and Background


1.1 Introduction

In today’s hyper-connected digital era, the risk of cyber threats such as spam files, phishing
websites, and insecure WiFi networks has significantly increased. With smartphones becoming
central to both personal and professional activities, the need for mobile cybersecurity solutions is
more crucial than ever. Cyber Shield is a smart Android application designed to tackle these
challenges by offering users real-time detection of potential cyber threats. The app empowers
individuals to proactively assess the safety of files, websites, and wireless networks directly from
their mobile devices. By integrating multiple layers of security checks into a user-friendly
interface, Cyber Shield provides a comprehensive approach to everyday digital protection.
This project leverages modern Android development practices and backend integration to deliver
efficient and reliable threat analysis. Whether it’s identifying spam files, checking the security
posture of a website, or analyzing WiFi safety, Cyber Shield acts as a digital shield, enhancing
user awareness and promoting secure online behavior.
Cyber tools for digital forensic investigation have developed in response to the growing
complexity of cybercrime, starting with the rise of computers in the 1970s and 1980s. Initially,
crimes like financial fraud and hacking were difficult to investigate due to the lack of
standardized methods or tools to retrieve and analyze digital data.
As the internet expanded in the 1990s, the need for specialized tools became urgent, leading to
the creation of early forensic software like EnCase and Forensic Toolkit (FTK). These tools
enabled investigators to recover deleted files, examine file systems, and present digital evidence
in court. The 2000s saw the increasing importance of mobile devices, cloud computing, and
encrypted data in investigations.
This prompted the development of more advanced cyber forensic tools capable of extracting data
from a wider range of sources, including smartphones, social media platforms, and cloud storage.
Alongside technological advances, the legal framework for handling and presenting digital
evidence became more structured, ensuring that evidence could meet judicial standards. Today,
with the integration of AI, machine learning, and big data analytics, cyber forensic tools are more
powerful and efficient. They can handle new challenges such as Internet of Things (IoT) forensics
and blockchain investigations, making them crucial in combating modern cybercrime.

Department of Computer Technology (2024-25) 1


1.2 Background

As digital dependence grows, so does the surface area for cyberattacks. Every day, users
unknowingly download malicious files, visit phishing websites, or connect to unprotected WiFi
networks, exposing themselves to data breaches, identity theft, and financial loss. Traditional
cybersecurity tools, while powerful, are often complex and designed for desktop environments,
leaving mobile users vulnerable. With the widespread use of Android smartphones, there is a
pressing need for security solutions that are both accessible and effective on mobile platforms.
Many users lack the technical knowledge to evaluate digital threats manually, creating a demand
for automated, intelligent tools that can analyze risks in real-time without overwhelming the user.
CyberShield was conceptualized to fill this gap. It aims to simplify mobile cybersecurity by
providing quick and accurate assessments of files, websites, and wireless networks. By offering
these features in a single Android application, the project addresses the increasing need for on-the-
go digital protection in a convenient and intuitive format. As cyber threats continue to evolve in
complexity and frequency, the demand for advanced digital forensic tools has never been more
critical. Modern investigative efforts must encompass multiple vectors of attack, including web-
based vulnerabilities, wireless network exploits, and malicious file distribution. Traditional tools
often fall short in addressing these diverse areas in a unified manner. To bridge this gap, the
proposed cyber tool integrates three core capabilities essential to comprehensive digital forensic
investigation:
• Website Security Analysis: Scans websites for vulnerabilities such as SQL injection, cross-site
scripting (XSS), and outdated software components, aiding in the identification of attack surfaces
exploited by threat actors.
• WiFi Network Analysis: Monitors wireless network traffic to detect unauthorized access, packet
sniffing, and potential man-in-the-middle attacks, ensuring the integrity of digital evidence and
network security.
• File Detection and Analysis: Detects and analyzes suspicious or malicious files, including
executables and document-based threats, using signature-based and heuristic techniques to
uncover hidden malware or data exfiltration attempts.

2. Literature survey and Problem Definition

2.1 Literature survey

[1] Vihara Fernando, Department of Computer Systems Engineering, Faculty of Graduate
Studies and Research, Sri Lanka Institute of Information Technology, New Kandy Road,
Malabe. “Cyber Forensics Tools: A Review on Mechanism and Emerging Challenges”
With the development of technology, “Data”, also interpreted as “Information” has become a
major role played in the field of Cyber Forensics. One of the most crucial incidents which needs
data to be important is, when it is taken as evidence in cyber-crimes. These crimes can be occurring
in the fields of digital media and network in many instances related to crime scenes. Crime and
forensic both investigators need the help of digital forensics

[2] Mary Geddes, De Montfort University, Leicester, UK; Dr Pooneh Bagheri Zadeh, De
Montfort University, Leicester, UK. “Forensic Analysis of Private Browsing”
Private browsing is popular for many users who wish to keep their internet usage hidden from
other users on the same computer. This research examines what artefacts are left on the users’
computer using digital forensic tools. The results from this research help inform recommendations
for forensic analysts on ways to analyse private browsing artefacts.

[3] Ifeoma U. Ohaeri¹, Computer Science Department, North-West University, Mafikeng,
North-West Province, South Africa; Bukohwo M. Esiefarienhe², Computer Science
Department, North-West University, Mafikeng, North-West Province, South Africa.
“Digital Forensic Process Model for Information System and Network Security Management”
The huge dependence on systems and networks for effective operation at all levels has heightened
the rate of systems and networks attacks. Attackers do launch attacks without the fright of their
actions being traceable. This has made safety and security a global concern. There is need to
revolutionize security measures consistently in order to effectively combat cyber-attacks and
crimes by designing a Digital Forensic process model with the various relevant phases that can be
used to extract digital evidences by investigating digital information, produced, stored, or
transmitted by computers or electronic devices for legal proceedings. This measure will greatly
improve cyber security and combat cybercrimes.

[4] Arjun Anand V, Buvanasri A K, Meenakshi R, Karthika S, Ashok Kumar Mohan. 2020 4th
International Conference on Computer, Communication and Signal Processing (ICCCSP),
2020. “PeopleXploit: A hybrid tool to collect public data”
This paper introduces the concept of Open Source Intelligence (OSINT) as an important
application in intelligent profiling of individuals. With a variety of tools available, significant data
shall be obtained on an individual as a consequence of analyzing his/her internet presence but all
of this comes at the cost of low relevance. To increase the relevance score in profiling,
PeopleXploit is being introduced. PeopleXploit is a hybrid tool which helps in collecting the
publicly available information that is reliable and relevant to the given input.

[5] S. Al Sharif¹, M. Al Ali¹, N. Al Reqabi¹, F. Iqbal¹, T. Baker², A. Marrington¹. ¹College of
Technological Innovation, Zayed University, UAE; ²Department of Computer Science,
Liverpool John Moores University, UK. “Magec: An Image Searching Tool for Detecting
Forged Images in Forensic Investigation”
Manipulation of digital images for the purpose of forgery is a rapidly growing phenomenon that
poses a challenge for cyber-crime investigators. Distinguishing original images from duplicates
and the number of original copies within the same media are some examples of challenges
presented by duplicate digital images. In this paper, we present a new image searching tool called,
Magec, to detect duplicate image(s) on digital media, using the original image modification
attributes as a signature. First, we describe the tool and the methods used to detect duplicate
images, then we evaluate the tool’s performance based on the number of folders it searches and
the number of files it searches for.

2.2 Problem Definition


In the modern digital landscape, users are constantly exposed to a wide range of cyber threats—
whether through downloading files, browsing unverified websites, or connecting to unsecured
public WiFi networks. While desktop cybersecurity solutions exist, mobile users often lack the
tools and awareness to detect and respond to these threats effectively.
Several challenges contribute to this problem:
• Lack of awareness: Many users are unaware of the security risks associated with spam files,
unsafe websites, and open WiFi networks.
• Limited mobile tools: Existing security apps are often fragmented, focusing on a single type
of threat or requiring advanced technical knowledge.
• Complexity of manual analysis: Verifying a file’s safety, a website’s security posture, or a
network’s encryption settings manually is not practical for the average user.
• Increased mobility: With users frequently accessing sensitive data on the move, especially over
public WiFi, the risk of cyberattacks is higher.
These issues underline the need for a unified, mobile-friendly solution that can automatically
detect and report potential threats across files, websites, and networks. CyberShield addresses this
problem by providing an all-in-one Android application that offers real-time detection and security
analysis with minimal user effort.

3. Scope of the Project and Methodology

3.1 Project Methodology

The development of CyberShield follows a modular and systematic approach, combining mobile
application development with backend server integration to deliver real-time threat detection
capabilities. The methodology can be broadly categorized into three key phases: requirement
analysis, design and development, and testing and deployment.

1. Requirement Analysis
This initial phase involved identifying the core functionalities needed to address the cybersecurity
challenges faced by mobile users. Based on user behavior and common threat vectors, the
application was designed to focus on three primary domains:

• File spam and malware detection
• Website security analysis
• WiFi network vulnerability assessment

Relevant technologies and tools were also selected at this stage, including Android Studio (Java)
for the frontend and Flask (Python) for backend services.

2. System Design and Development


The system architecture was divided into two components:

• Frontend (Mobile Application): Developed using Java in Android Studio, this component
handles user interactions and displays the analysis results in a user-friendly format. Key
functionalities include file upload, URL input, and WiFi network scanning.

• Backend (Server Processing): Implemented using Flask, the backend receives data from the
mobile application, performs necessary analyses, and returns threat evaluation results. It
supports:
    • Text file spam detection using predefined heuristics or models
    • Website analysis through HTTP header checks, SSL certificate validation, and simulated
    blacklist detection
    • WiFi assessment using network parameters like encryption type and IP configuration

• Communication between the mobile app and backend is handled via RESTful APIs using
OkHttp for reliable and secure data transfer.

3. Testing and Validation


Each module was individually tested to ensure functionality and reliability. Unit testing was
performed on the backend API endpoints, while integration testing verified seamless interaction
between the frontend and backend. The system was evaluated using multiple test cases
representing real-world scenarios, such as:
• Uploading spam and non-spam text files
• Analyzing secure and insecure websites
• Connecting to open and encrypted WiFi networks

4. Deployment and User Feedback


The final application was deployed on an Android device for real-time usage. Feedback from initial
users was used to improve the interface and optimize threat detection algorithms. Future
enhancements were also outlined based on identified limitations and potential areas of growth.

3.2 Project Workflow


The development of CyberShield follows a structured workflow to ensure systematic
implementation and seamless integration of its core functionalities. The workflow is divided into
multiple stages, each addressing a specific aspect of the system, from user input to threat analysis
and result display. Below is a detailed breakdown of the workflow:

1. User Interaction and Input


The application provides three primary features for user interaction:

• File Upload: Users select a .txt file for spam detection.
• Website URL Input: Users enter a website address for security analysis.
• WiFi Network Analysis: The app automatically retrieves information about the connected WiFi
network.

2. Data Collection and Preprocessing

• For file analysis, the selected file is read and sent to the backend server.
• For website analysis, HTTP requests are made to fetch headers, SSL certificate details, and
simulate blacklist and subdomain checks.
• For WiFi analysis, the app collects network parameters such as SSID, signal strength,
encryption type, IP address, DNS server, and gateway.

3. Backend Processing (Server-Side)

• A Flask server receives file or website data through RESTful API calls.
• File content is analyzed using predefined rules or machine learning heuristics to determine if
the file is spam or safe.
• Website data is processed to evaluate:
    • SSL/TLS certification
    • Security headers (e.g., HSTS)
    • Presence on blacklists (simulated)
    • Open ports and subdomain vulnerabilities
• WiFi security is assessed locally on the device based on encryption protocols and
network type (e.g., Open, WPA2).

4. Result Generation and Display

After analysis, the backend returns a JSON response with the threat status.
The mobile application processes and displays the result in a clear and informative manner,
indicating whether the input is safe, potentially risky, or unsafe.

5. User Notification and Recommendations

Based on the results, users are alerted with appropriate warnings or confirmations.

The app may suggest actions such as disconnecting from insecure WiFi or avoiding access to
suspicious websites.

Fig 3.1. Project Workflow

3.3 Hardware and Software

Software
• Android Development: Java (Android Studio).
• Networking & Security: HTTPURLConnection, HTTPS detection, API integration.
• Backend for File Spam Detection: Flask (Python) server, OkHttp (for API communication).

Hardware
• 2 GB RAM
• 2 GHz dual-core processor
• 512 GB HDD storage

3.4 Advantages

• Comprehensive Threat Detection: CyberShield offers three core functionalities (file
spam detection, website security assessment, and WiFi security analysis), providing a
holistic approach to identifying and mitigating cyber threats in real-time.
• Proactive Protection: By detecting malicious files, unsafe websites, and vulnerable
WiFi networks, the app helps users avoid phishing attacks, data breaches, and other
cyber risks before they cause harm.
• WiFi Protection: WiFi analysis helps users avoid unsecured networks, protecting
sensitive data on public or private connections.
• Extensible Features: The app’s modular design (file, website, WiFi analysis) allows
for future enhancements, such as support for additional file types, advanced blacklist
integration, or IoT device security checks.
• Secure Browsing: Website security checks (e.g., SSL, HTTP headers, blacklist
detection) empower users to make informed decisions about the sites they visit.
• File Safety: Users can verify the safety of text files, reducing the risk of downloading
or sharing malicious content.

4. Details of design, working and process


4.1 Architecture of project

Fig 4.1 Architecture

This image illustrates the architecture of a cybersecurity-based Android application. The system is
divided into three main components: the client side, server side, and local device analysis. On the
client side, the Android app includes modules for file scanning, website analysis, and WiFi security
checks. These modules interact with a Flask-based backend on the server side, where the API layer
receives data, the processing layer analyzes it, and a JSON response is sent back to the client.
Additionally, the WiFi security module also performs local analysis directly on the device to ensure
better network protection.

4.2 Data Flow Diagram

Fig 4.2.1 DFD Level 0

Fig 4.2.2 DFD Level 1

Fig 4.2.3 DFD Level 2

4.3 UML Diagram


4.3.1 Class Diagram

Fig 4.3.1 Class Diagram

4.3.2 Sequence Diagram

Fig 4.3.2 Sequence Diagram

4.3.3 Use Case Diagram

Fig 4.3.3 Use Case Diagram

4.4 Activity Diagram


4.4.1 Activity Diagram

Fig 4.4.1 Activity Diagram

5. Result and Application


5.1 Screenshots

Fig 5.1 Main Dashboard Fig 5.2 File detection

Fig 5.3 Website and Wi-Fi security analysis

5.2 Applications

1. File Spam Detection: Helps users identify and block spam or malicious files that could
contain viruses, ransomware, or spyware. Useful when downloading files from unknown
sources.

2. Website Security Assessment: Scans and evaluates websites for threats like phishing,
malware, or fake pages—ensuring safer online browsing, especially during online transactions
or logins.

3. Wi-Fi Security Analysis: Checks the security of connected Wi-Fi networks to detect
vulnerabilities like open ports or weak encryption, protecting users from data theft on public
or unsecured networks.

4. Real-Time Threat Alerts: Notifies users instantly when a potential threat is detected, allowing
quick action to prevent harm or data loss

5.3 Test Cases

1. File Spam Detection Module

| Test Case ID | Test Description | Input | Expected Output |
|---|---|---|---|
| TC_01 | Upload non-spam text file | Text file with regular text | “Safe File” |
| TC_02 | Upload spam text file | Text file with spam keywords | “Spam File Detected” |
| TC_03 | Upload empty file | Blank .txt file | “Invalid File” or appropriate warning |
| TC_04 | Upload unsupported file type | PDF/Word file | “Unsupported File Type” |
| TC_05 | File with mixed content (safe + spam phrases) | Mixed-content text file | “Potentially Spam File” or partial alert |

2. Website Security Analysis Module

| Test Case ID | Test Description | Input | Expected Output |
|---|---|---|---|
| TC_01 | Analyze safe HTTPS site | https://example.com | “Secure Site” |
| TC_02 | Analyze HTTP site without SSL | http://nonsecure.com | “Insecure Site” |
| TC_03 | Analyze phishing/malicious site (blacklist sim) | http://phishingsite.com | “Phishing or Dangerous Site Detected” |
| TC_04 | Analyze site with missing security headers | Site with no HSTS, X-Frame-Opts | “Website Missing Security Headers” |
| TC_05 | Invalid or malformed URL input | “htp:/wrong.com” | “Invalid URL” warning |
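
The verdict logic these website test cases imply, as an added example (not the project's own code): it takes an already-fetched observation and decides the verdict offline. The function names, the blacklist contents, the `cert_valid` input and the verdict precedence (invalid URL, then blacklist, then transport, then headers) are assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed stand-in for the report's "simulated blacklist" (hypothetical data).
SIMULATED_BLACKLIST = {"phishingsite.com"}

# DNS hostname with at least one dot; IP literals are rejected in this sketch.
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)


def parse_target(url):
    """Return (scheme, host) for a well-formed http(s) URL, otherwise None."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:  # e.g. unbalanced IPv6 brackets
        return None
    if parts.scheme not in ("http", "https") or not _HOST_RE.match(host):
        return None
    return parts.scheme, host


def is_blacklisted(host, blacklist=SIMULATED_BLACKLIST):
    """Match the host or any parent domain, so login.phishingsite.com also hits."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in blacklist for i in range(len(labels) - 1))


def hsts_enabled(value):
    """HSTS only counts with a positive max-age; max-age=0 switches it off."""
    match = re.search(r'max-age\s*=\s*"?(\d+)', value or "", re.IGNORECASE)
    return bool(match) and int(match.group(1)) > 0


def analyze_site(url, response_headers, cert_valid=True):
    """Map one observation to a verdict string from the test table.

    response_headers: headers of the final response (dict).
    cert_valid: outcome of certificate verification done by the HTTP client
                (assumed input; no network access happens here).
    """
    target = parse_target(url)
    if target is None:
        return {"verdict": "Invalid URL", "findings": ["not a valid http(s) URL"]}
    scheme, host = target
    headers = {k.lower(): v for k, v in response_headers.items()}

    if is_blacklisted(host):
        return {"verdict": "Phishing or Dangerous Site Detected",
                "findings": [f"{host} matches the blacklist"]}

    if scheme != "https":
        # Browsers ignore HSTS sent over plain HTTP, so headers cannot rescue this.
        return {"verdict": "Insecure Site", "findings": ["no TLS (http://)"]}
    if not cert_valid:
        return {"verdict": "Insecure Site",
                "findings": ["certificate failed validation"]}

    findings = []
    if not hsts_enabled(headers.get("strict-transport-security")):
        findings.append("Strict-Transport-Security missing or max-age=0")
    if "x-frame-options" not in headers:
        findings.append("X-Frame-Options missing")
    if findings:
        return {"verdict": "Website Missing Security Headers", "findings": findings}
    return {"verdict": "Secure Site", "findings": []}


# Constructed observations mirroring TC_01..TC_05 (no real site is contacted).
GOOD_HEADERS = {"Strict-Transport-Security": "max-age=31536000",
                "X-Frame-Options": "DENY"}
SAMPLE_CASES = [
    ("https://example.com", GOOD_HEADERS),
    ("http://nonsecure.com", {}),
    ("http://phishingsite.com", {}),
    ("https://example.com", {"Content-Type": "text/html"}),
    ("htp:/wrong.com", {}),
]


def run_samples():
    """Return the verdict for each constructed case, in table order."""
    return [analyze_site(url, hdrs)["verdict"] for url, hdrs in SAMPLE_CASES]


if __name__ == "__main__":
    for (url, _), verdict in zip(SAMPLE_CASES, run_samples()):
        print(f"{url:28} -> {verdict}")
```
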

3. Wi-Fi Security Analysis Module

| Test Case ID | Test Description | Input (WiFi Environment) | Expected Output |
|---|---|---|---|
| TC_01 | Analyze WPA2-secured WiFi | Encrypted WiFi | “Secure Network” |
| TC_02 | Analyze open public WiFi | Unencrypted WiFi | “Unsecure Network - Avoid Use” |
| TC_03 | Weak encryption (WEP) | WiFi with WEP | “Weak Encryption - At Risk” |
| TC_04 | No WiFi connected | Airplane Mode or No signal | “No Network Detected” |
| TC_05 | Spoofed SSID (simulate same SSID multiple times) | Duplicate SSID in network list | “Potential Rogue Network Detected” (future scope) |
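
A sketch of the classification behind these Wi-Fi test cases, as an added example (not the project's own code, which runs on the device in Java). The input strings follow the style of Android's `ScanResult.capabilities`; the function names, the sample scan, treating WPA (version 1) as weak, and flagging a duplicate SSID only when its access points disagree on security level are assumptions.

```python
import re
from collections import defaultdict

SECURE = "Secure Network"
WEAK = "Weak Encryption - At Risk"
OPEN = "Unsecure Network - Avoid Use"
NO_NETWORK = "No Network Detected"
ROGUE = "Potential Rogue Network Detected"


def classify_capabilities(capabilities):
    """Classify one access point from its bracketed capability string.

    None means "not connected"; a string without any security token is open.
    """
    if capabilities is None:
        return NO_NETWORK
    tokens = [t.upper() for t in re.findall(r"\[([^\]]+)\]", capabilities)]
    if any(t.startswith(("WPA2", "WPA3", "RSN")) for t in tokens):
        return SECURE
    # Checked after WPA2/WPA3, so plain "WPA-..." here means WPA version 1.
    if any(t.startswith(("WEP", "WPA")) for t in tokens):
        return WEAK
    return OPEN


def find_suspect_ssids(scan_results):
    """Return SSIDs advertised by several BSSIDs with differing security levels.

    Several access points sharing one SSID is normal for mesh or enterprise
    networks; the same name offered both encrypted and open is what a
    spoofed access point tends to look like, so only that mismatch is flagged.
    """
    by_ssid = defaultdict(dict)
    for ap in scan_results:
        if ap["ssid"]:  # hidden networks have an empty SSID; skip them
            level = classify_capabilities(ap["capabilities"])
            by_ssid[ap["ssid"]][ap["bssid"].lower()] = level
    return {
        ssid: sorted(aps.items())
        for ssid, aps in by_ssid.items()
        if len(aps) > 1 and len(set(aps.values())) > 1
    }


def assess_wifi(connected, scan_results):
    """Verdict for the connected network plus a warning if its SSID is suspect."""
    if connected is None:
        return {"verdict": NO_NETWORK, "warnings": []}
    warnings = []
    if connected["ssid"] in find_suspect_ssids(scan_results):
        warnings.append(ROGUE)
    return {"verdict": classify_capabilities(connected["capabilities"]),
            "warnings": warnings}


# Constructed scan list; BSSIDs are made-up locally administered addresses.
SAMPLE_SCAN = [
    {"ssid": "CoffeeShop", "bssid": "02:00:00:00:00:01",
     "capabilities": "[WPA2-PSK-CCMP][ESS]"},
    {"ssid": "CoffeeShop", "bssid": "02:00:00:00:00:02",
     "capabilities": "[ESS]"},
    {"ssid": "HomeMesh", "bssid": "02:00:00:00:00:10",
     "capabilities": "[WPA2-PSK-CCMP][ESS]"},
    {"ssid": "HomeMesh", "bssid": "02:00:00:00:00:11",
     "capabilities": "[WPA2-PSK-CCMP][ESS]"},
    {"ssid": "OldRouter", "bssid": "02:00:00:00:00:20",
     "capabilities": "[WEP][ESS]"},
]

if __name__ == "__main__":
    for ap in SAMPLE_SCAN:
        print(ap["ssid"], ap["bssid"], "->", assess_wifi(ap, SAMPLE_SCAN))
```
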

6. Conclusion and Future Scope


6.1 Conclusion

CyberShield is a comprehensive cybersecurity tool designed to offer users robust, real-time
protection against a wide range of online threats. It integrates multiple layers of security, including
advanced file protection, real-time website safety verification, and in-depth WiFi network
analysis.

By proactively scanning for malware, phishing attempts, and unsafe networks, CyberShield
ensures that users can browse, download, and connect with confidence. Its user-friendly interface
and intelligent threat detection system make it an essential companion for anyone seeking a safer
and more secure digital experience across devices.

6.2 Future scope & Limitations

• Future scope
The future scope of CyberShield lies in its potential to evolve alongside the rapidly changing
landscape of cybersecurity threats. As cyberattacks become more sophisticated, future versions of
the tool can incorporate artificial intelligence and machine learning to detect and respond to threats
in real time with greater accuracy. The integration of behavioral analysis will allow the app to
identify suspicious activity even before it is recognized as a known threat. Additionally, expanding
support for Internet of Things (IoT) devices will ensure users are protected across all connected
platforms. Future developments may also include parental controls, data privacy management
tools, and personalized security insights, making CyberShield a complete digital safety solution
for individuals and organizations.

• Limitations

1. Limited File Type Support
The system primarily focuses on .txt files for spam detection. It does not currently support
other file types like PDFs, Word documents, or executable files, which may also pose
security threats.
2. Basic Threat Detection Techniques
The application uses predefined rules and heuristic checks. While effective for common
threats, it may not detect more sophisticated or zero-day attacks that require advanced
machine learning or behavioral analysis.
3. Simulated Blacklist and SSL Checks
Website security analysis relies on simulated methods rather than real-time querying of
actual blacklists or certificate authorities. This limits the tool’s accuracy in identifying truly
dangerous websites.
4. Local WiFi Analysis Only
WiFi security assessment is performed locally on the device and might not detect more
advanced attacks like spoofed access points, ARP poisoning, or packet sniffing at a deeper
network level.



8. Certificates and Published Papers


8.1 Certificates


8.2 Published Paper & Certificates
