Ethical hacking demonstration and presentation by using one task for each categorie.
Please see the support files
Following are the two categories for ethical hacking. You can choose any one task from the following two categories. Category 1: List of Tasks of Ethical hacking : (Please find the resources that are purposefully meant for ethical hacking) · DDOS attack (Distributed Denial of Service Attack) · Man-in the middle attack · Arp Spoofing · Arp Poisoning (Using Ettercap tool) · DNS Spoofing · SSL Stripping · Session Hijacking Attack (session ID and Cookie stealing) · Attacks on Vulnerable Websites · Weak Passwords cracking Category 2: List of tasks to mitigate/prevent the system: · Detection of DOS attack (Pcap files link: https://www.unb.ca/cic/datasets/ddos-2019.html) · Detection of vulnerable websites · Detection of Deauth/Disassociation packets on Wi-Fi channel using Kismet · Detection of anomaly detection using Machine Learning (Explore Weka tool, you can get a dataset of DOS attack from this link: https://www.unb.ca/cic/datasets/ddos-2019.html · Firewall configuration using ACL rules · Detection of MIM attack You may choose one tool for each categorie to make the presentation Ethical hacking Guidelines: Demonstration of Tool DEMONSTRATION OF ETHICAL HACKING TOOL AND PRESENTATION Term-end Submission Note: During this course, we will be using several network security tools. These tools are legitimate tools used by network administrators and security professionals for network analysis or security assessment. It is highly important that you use the network tools that you download only for educational purposes. Never, intentionally, or otherwise, use any of these tools for malicious purposes or for gaining unauthorized access. Follow the guidelines and principles of ethical hacking. Submission Guidelines : The objective of this task is to explore, learn, and demonstrate one of the ethical hacking tools that security professionals and experts used for ethical purposes. You are expected to choose one of the tools from a given list, explore and learn it within the boundary of ethical hacking. Once you are getting acquainted with the tool, you will need to show step by step demonstration of that tool using a presentation slide and demonstration. You can do a live demonstration, or you can record your demonstration and submit it to your instructor to play in front of the class. You can choose the tool for the listed tasks, but the selection is not limited to the list. Before you will start exploring a tool, you will have to confirm your tool with your instructor. Reference Material: To set the expectation, the reference recording and PowerPoint slide of “ implications of weak passwords and how easily you can crack the weak password of the Wi-Fi access point using a tool (Airecrack-ng)” is given to you. Follow the same nomenclature while working on your demonstration and presentation slide. You can find a reference link on Moodle (Ethical Tool Demonstration/Presentation Section). 1. Recording of Demonstration : Consist of recording of demonstration of tool 2. Presentation slides 2: PPT slide on Attack on Wi-Fi access point and prevention Note : Students are encouraged to work on demonstration of tool from the first week of the course. Here are the steps: 1. Chose one of the tools from given list or of your choice (You can not demonstrate the usage of the following tools that we are exploring during labs/assignments.) a. Exclude following tools - Traceroute, Wireshark, Nslookup, Hping3, Snort, NMAP, Aircrack-ng suite, Airodump-ng 2. Confirm your selection with your instructor before start working on it. 3. To enhance your understanding, watch various videos, read reference material on google before start practical hands-on practice. 4. Once you have enough resources, install/configure the tool. Understand various options. Ethical hacking Guidelines: Demonstration of Tool 5. Prepare a demonstration and presentation slides by considering the following points. a. Overview of your demonstration: This includes one of the following. i. How Security professionals can use this tool for ethical hacking OR ii. How to gain unauthorized access OR iii. How to attack the system to learn the weaknesses in the system for mitigation OR iv. How to prevent the network from attacks. b. Quick overview of installation, system requirement to install and execute the tool c. Demonstration of your tool d. Security implications/ mitigations e. Conclusion Demonstration and Presentation : You are expected to present your topic in front of your class during the last week of this course by live demonstration or recording. You have given 5-7 minutes to present your topic. After that, there will be a quick Q&A round of 2 minutes. Submission: (What to submit) • Recording of the demonstration of your tool • PowerPoint slide Following are the two categories for ethical hacking. You can choose any one task from the following two categories. Category 1: List of Tasks of Ethical hacking : (You can be able to find the resources that are purposefully meant for ethical hacking) 1. DDOS attack (Distributed Denial of Service Attack) 2. Man-in the middle attack 3. Arp Spoofing 4. Arp Poisoning (Using Ettercap tool) 5. DNS Spoofing 6. SSL Stripping 7. Session Hijacking Attack (session ID and Cookie stealing) 8. Attacks on Vulnerable Websites 9. Weak Passwords cracking List of tasks to mitigate/prevent the system: 10. Detection of DOS attack (pcap files link: https://www.unb.ca/cic/datasets/ddos-2019.html) 11. Detection of vulnerable websites https://www.unb.ca/cic/datasets/ddos-2019.html Ethical hacking Guidelines: Demonstration of Tool 12. Detection of Deauth/Disassociation packets on Wi-Fi channel using Kismet 13. Detection of anomaly detection using Machine Learning (Explore Weka tool, you can get dataset of DOS attack from this link: https://www.unb.ca/cic/datasets/ddos-2019.html ) 14. Firewall configuration using ACL rules 15. Detection of MIM attack https://www.unb.ca/cic/datasets/ddos-2019.html