ABOUT THE INSTRUCTOR
Team Lead Offensive Security (Confidential)
Cyber Security Trainer.
Certified Ethical Hacker.
Conducted many workshops at different
Organizations & Universities
0336-6677010
abdullah-m-yaqoob
BASE CONCEPTS OF INFORMATION TECHNOLOGY
BASE CONCEPTS
TYPES OF COMPUTER
OPERATING SYSTEM AND ITS TYPES
FILE SYSTEMS (NTFS, FAT32, EXT4)
PRIMARY STORAGE AND SECONDARY STORAGE
BACKUP AND RECOVERY
SYSTEM BACKUPS AND RESTORE POINTS
VIRTUALIZATION BASICS
BASICS OF VIRTUAL MACHINES AND EMULATORS
COMMAND LINE INTERFACE (CLI)
FILE PERMISSIONS AND ACCESS CONTROL
BASE CONCEPTS
PROTOCOLS
USER ACCOUNTS AND AUTHENTICATION
PROCESS MANAGEMENT
NETWORKING TOOLS IN OS (PING, NETSTAT, TRACERT)
SYSTEM LOGS AND EVENT MONITORING
OS SECURITY FEATURES (FIREWALLS, UPDATES)
GUI-BASED SOFTWARE VS CLI-BASED SOFTWARE
URL
TYPES OF COMPUTERS
Super Computers
Main Frames Computers
Desktop Computers
Laptops
Embedded Systems
SUPER COMPUTERS
High-performance computers designed
for complex computations and large-
scale simulations.
Uses:
Weather forecasting, nuclear
simulations, scientific research.
Examples:
IBM Summit, Fugaku.
MAIN FRAMES COMPUTERS
Large, powerful computers used
for bulk data processing and
transaction management.
Uses:
Banking, airline reservations,
census data.
Features:
High reliability, scalability, and
support for multiple users.
LAPTOPS
Portable personal computers
with an integrated display,
keyboard, and battery.
Features:
Lightweight, energy-efficient,
suitable for on-the-go use.
Uses:
Business, education,
entertainment.
DESKTOP COMPUTER
Personal computers designed for
regular use at a single location.
Features:
Modular components (CPU,
monitor, keyboard).
Uses:
Office work, gaming, basic
computing tasks.
EMBEDDED SYSTEMS
Specialized computer systems
embedded within larger devices to
perform specific tasks.
Examples:
Microwave ovens, automotive
control systems, smart TVs.
Features:
Low power consumption,
dedicated functionality.
OPERATING SYSTEM AND ITS TYPES
AN OPERATING SYSTEM (OS) IS
SOFTWARE THAT ACTS AS AN
INTERFACE BETWEEN THE USER AND
COMPUTER HARDWARE.
MANAGES HARDWARE RESOURCES AND
PROVIDES SERVICES FOR COMPUTER
PROGRAMS.
TASKS OF OS
MANAGES PROCESSES AND MEMORY.
HANDLES FILES AND HARDWARE
DEVICES.
ENSURES SECURITY AND USER
ACCESS.
PROVIDES INTERFACE AND
NETWORKING SUPPORT.
TYPES OF OS (OPERATING SYSTEM)
SINGLE-USER, SINGLE-TASK OS (MS-
DOS)
SINGLE-USER, MULTI-TASKING OS (
WINDOWS, MACOS)
MULTI-USER OS (UNIX, LINUX)
REAL-TIME OS (USED IN EMBEDDED
SYSTEMS)
FILE SYSTEMS
NTFS (NEW TECHNOLOGY FILE SYSTEM)
USED BY WINDOWS, SUPPORTS LARGE
FILES, FILE PERMISSIONS, AND ENCRYPTION.
EXT4 (FOURTH EXTENDED FILE SYSTEM)
COMMON IN LINUX SYSTEMS, SUPPORTS
LARGE VOLUMES AND FILE SIZES.
FILE PERMISSIONS AND ACCESS CONTROL
File Permissions
Control who can read, write, or execute files (the rwx bits, e.g. 777, in Linux).
Access Control
Mechanisms to restrict or grant access based on roles (e.g. role-based access control).
Types of Permissions
Read (r), Write (w), Execute (x).
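To make the rwx/777 notation concrete, here is an added example (my code, not from the slides) that converts between octal and rwx form, emulates the Unix owner/group/other decision, and flags the states a permissions review looks for (world-writable, setuid, setgid). The uid/gid values used are constructed for the demo.

```python
import stat

# Bit value of each permission letter inside one owner/group/other triplet.
OP_BITS = {"r": 4, "w": 2, "x": 1}


def octal_to_rwx(mode_str):
    """'777' -> 'rwxrwxrwx', '640' -> 'rw-r-----' (owner, group, others)."""
    mode = int(mode_str, 8) & 0o777
    out = []
    for shift in (6, 3, 0):                      # owner, group, others
        triplet = (mode >> shift) & 0o7
        for letter, bit in OP_BITS.items():
            out.append(letter if triplet & bit else "-")
    return "".join(out)


def rwx_to_octal(rwx):
    """'rw-r-----' -> '640'. Counted from the left: the owner's r is bit 8."""
    if len(rwx) != 9:
        raise ValueError("expected 9 permission characters")
    value = 0
    for i, ch in enumerate(rwx):
        if ch != "-":
            value |= 1 << (8 - i)
    return format(value, "03o")


def can_access(mode_str, uid, gid, file_uid, file_gid, op):
    """Classic Unix rule: exactly one class applies, chosen in the order
    owner, group, others. A mode such as 077 therefore locks the owner out
    even though everyone else gets rwx (a common surprise in reviews)."""
    mode = int(mode_str, 8)
    if uid == file_uid:
        shift = 6
    elif gid == file_gid:
        shift = 3
    else:
        shift = 0
    return bool(((mode >> shift) & 0o7) & OP_BITS[op])


def audit(mode_str):
    """Findings a permissions review flags: world-writable, setuid, setgid."""
    mode = int(mode_str, 8)
    findings = []
    if mode & 0o002:
        findings.append("world-writable")
    if mode & stat.S_ISUID:
        findings.append("setuid")
    if mode & stat.S_ISGID:
        findings.append("setgid")
    return findings


if __name__ == "__main__":
    # Constructed demo: uid 1000 owns the file, uid 2000 is everyone else.
    print(octal_to_rwx("777"), audit("777"))
    print(can_access("077", 1000, 1000, 1000, 1000, "r"))   # owner locked out
    print(can_access("077", 2000, 2000, 1000, 1000, "r"))   # everyone else allowed
```

The `can_access` function is the point worth remembering: 777 is the widest setting only because all three classes happen to agree; the kernel never falls through from a restrictive owner class to a permissive group or others class.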
DOMAIN CONTROLLER AND ENDPOINT
DOMAIN CONTROLLER
A Domain Controller (DC) is a
server that manages network
security and access.
Handles user authentication
and permissions.
Centralizes control of user
logins and policies.
Typically uses Active Directory
(AD) in Windows networks.
PRIMARY STORAGE AND SECONDARY STORAGE
Primary Storage (RAM)
Temporary storage for active
processes, fast but volatile.
Secondary Storage (HDD, SSD)
Permanent storage, slower
than RAM but used for long-
term data storage.
SYSTEM BACKUPS AND RESTORE POINTS
System Backups
Full system copies that
ensure data can be
restored in case of
failure.
Restore Points
Snapshots of system
configurations to
revert to if needed.
DISASTER RECOVERY
PRIMARY SITE
SECONDARY SITE
BACKUP TACTICS
VIRTUALIZATION BASICS
The creation of virtual instances of computing resources (servers, storage).
Benefits: optimized resource usage, isolation of environments, cost savings.
BASICS OF VIRTUAL MACHINES AND EMULATORS
Virtual Machines (VMs)
Software-based emulation of
physical computers, run multiple
OS on one host machine.
Emulators
Software that mimics hardware or
operating systems, running mobile
apps on a computer.
COMMAND LINE INTERFACE (CLI) / TERMINAL
A text-based interface where
users type commands to
perform tasks.
Advantages
Faster for advanced users,
less resource-intensive.
Common Commands
cd, ls, mkdir, rm for file
navigation and manipulation.
CONCEPTS
PROTOCOLS
USER ACCOUNTS AND AUTHENTICATION
PROCESS MANAGEMENT
NETWORKING TOOLS IN OS (PING, NETSTAT, TRACERT)
SYSTEM LOGS AND EVENT MONITORING
OS SECURITY FEATURES (FIREWALLS, UPDATES)
GUI-BASED SOFTWARE VS CLI-BASED SOFTWARE
URL
PROTOCOLS
Set of rules for data transmission
between devices in a network.
Common Protocols:
HTTP/HTTPS: Web communication.
TCP/IP: Core protocol suite for
internet communication.
FTP: File transfer between devices.
DNS: Resolves domain names to IP
addresses.
USER ACCOUNTS AND AUTHENTICATION
THE PROCESS OF VERIFYING A USER'S IDENTITY
BEFORE GRANTING SYSTEM ACCESS.
USUALLY INVOLVES USERNAME AND
PASSWORD, BUT CAN ALSO INCLUDE
BIOMETRICS, SECURITY TOKENS, OR ONE-TIME
PASSCODES.
ENSURES ONLY AUTHORIZED USERS ACCESS
SENSITIVE DATA AND SYSTEMS.
KEY FOR SECURING DIGITAL ENVIRONMENTS
AND PREVENTING UNAUTHORIZED ACCESS.
USER ACCOUNTS AND AUTHENTICATION
Verifying the identity of a user or
system before granting access.
Ensures that only authorized individuals
can access sensitive information or
systems.
USER ACCOUNTS AND AUTHENTICATION
Single-Factor Authentication (SFA)
Something I know (like a password).
Two-Factor Authentication (2FA)
Something I know (password) + Something I have (OTP or security
token).
Multi-Factor Authentication (MFA)
Something I know (password) + Something I have (security token) +
Something I am (fingerprint or facial recognition).
TYPES OF AUTHENTICATION(2FA)
Password-Based Authentication: Requires a user to enter a password
to verify identity.
Two-Factor Authentication (2FA): Combines two distinct factors
(something you know + something you have).
Multi-Factor Authentication (MFA): Involves two or more factors from
different categories (e.g., something you know, something you have,
something you are).
Biometric Authentication: Uses physical characteristics like
fingerprints or facial recognition to verify identity.
TYPES OF AUTHENTICATION(2FA)
Token-Based Authentication: Relies on a physical or
digital token (e.g., security key) for access.
Certificate-Based Authentication: Uses digital certificates
for verifying a user's identity.
TYPES OF AUTHENTICATION(MFA)
A security method that uses two or more factors from
different categories to verify identity.
Combines:
Something you know (such as a password).
Something you have (such as a smart card or one-time
code).
Something you are (such as a fingerprint or facial
recognition).
Enhances security by requiring multiple verification steps.
TYPES OF AUTHENTICATION
Authentication Methods:
Multi-Factor Authentication (MFA): Combines multiple authentication
methods (password + biometric + security token) for enhanced
security.
SCENARIO
In a corporate setting, an employee is required to log into the company’s VPN remotely
to access sensitive internal resources. To ensure secure access, the company employs
Multi-Factor Authentication (MFA). First, the employee enters their username and
password (something they know), which grants access to the initial login screen. Next, the
system sends a one-time password (OTP) to their registered mobile phone (something
they have), which the employee must input to continue. For an additional layer of
security, the employee is also prompted to scan their fingerprint (something they are)
through the company’s authentication app to finalize the login process. This multi-
layered approach prevents unauthorized access, even if one of the factors is
compromised, ensuring the highest level of protection for the company’s network and
data security.
SCENARIO
Step 1: The employee enters their username and password (something they know) to
access the VPN.
Step 2: A one-time password (OTP) is sent to their registered mobile phone
(something they have), which the employee must enter.
Step 3: The employee is prompted to scan their fingerprint (something they are) via
the company’s authentication app to finalize the login.
Outcome: The multi-layered authentication process ensures secure access,
preventing unauthorized entry even if one factor is compromised.
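The three steps of the scenario, as an added example (my code, not from the slides): a salted password check (something you know), a TOTP one-time code per RFC 6238 (something you have) with a replay guard so a code is accepted only once, and a biometric verdict (something you are). The account data is constructed; the OTP secret is the RFC 4226/6238 test-vector key so the codes can be checked against the published vectors, and `fingerprint_ok` is assumed to be the boolean result reported by the authentication app.

```python
import hashlib
import hmac
import struct

# Constructed demo data (the OTP secret is the RFC 4226/6238 test-vector key).
OTP_SECRET = b"12345678901234567890"
SALT = b"constructed-demo-salt"


def hotp(secret, counter, digits=6):
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret, at_time, step=30, digits=6):
    """TOTP (RFC 6238): HOTP whose counter is the current 30-second time step."""
    return hotp(secret, int(at_time) // step, digits)


def match_totp(secret, submitted, at_time, step=30, window=1):
    """Return the time-step counter that produced `submitted` (allowing +/- `window`
    steps of clock skew) or None. The comparison is constant-time."""
    base = int(at_time) // step
    for delta in range(-window, window + 1):
        if hmac.compare_digest(hotp(secret, base + delta), submitted):
            return base + delta
    return None


def hash_password(password, salt):
    """Slow, salted hash for stored passwords (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


ACCOUNTS = {
    "alice": {
        "salt": SALT,
        "pw_hash": hash_password("correct horse battery staple", SALT),
        "otp_secret": OTP_SECRET,
        "last_otp_counter": -1,   # replay guard: a given code is accepted once
    }
}


def vpn_login(username, password, otp, fingerprint_ok, at_time):
    """The VPN login from the scenario. Returns (granted, reason)."""
    acct = ACCOUNTS.get(username)
    if acct is None:
        return False, "unknown user"
    # Step 1: something you know
    if not hmac.compare_digest(hash_password(password, acct["salt"]), acct["pw_hash"]):
        return False, "bad password"
    # Step 2: something you have (the OTP delivered to the registered device)
    counter = match_totp(acct["otp_secret"], otp, at_time)
    if counter is None:
        return False, "bad otp"
    if counter <= acct["last_otp_counter"]:
        return False, "otp reused"
    # Step 3: something you are (verdict from the authentication app)
    if not fingerprint_ok:
        return False, "biometric failed"
    acct["last_otp_counter"] = counter
    return True, "ok"
```

The reasons are returned here so the flow is visible; a production login page reports only a generic failure to the client and keeps the detailed reason in its own logs, so that an attacker who holds one factor learns nothing about the others.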
NETWORKING TOOLS IN OS (PING, NETSTAT, TRACERT)
PING
Tests network connectivity to a host, sends ICMP packets and
checks for response.
NETSTAT
Displays network connections, routing tables, and protocol
statistics.
TRACERT
Traces the route packets take to a destination, useful for
diagnosing network issues.
SYSTEM LOGS AND EVENT MONITORING
URL
A Uniform Resource Locator is the address used to access resources
on the internet.
Components:
Protocol: http://, https://
Domain Name: www.example.com
Path: /page1
Query String: ?id=123
GUI-BASED SOFTWARE VS CLI-BASED SOFTWARE
Command Line Interface (CLI)
Software that requires text-based input and output
(Terminal, Command Prompt).
Graphical User Interface (GUI)
Software that uses graphical elements (windows, icons) for
interaction (NMAP).
PROCESS MANAGEMENT
Processes
Programs in execution; every process has its own memory space
and resources.
Process Lifecycle:
Creation: Process is initialized.
Execution: Process runs.
Termination: Process ends.
Tools for Management:
Task Manager (Windows), top and ps commands (Linux).
OS SECURITY FEATURES (FIREWALLS, UPDATES)
Firewalls
Filters incoming and outgoing traffic based on security rules.
OS Updates
Essential for patching vulnerabilities and improving system
security.
Types of Firewalls:
Software Firewalls: Runs on the host OS.
Hardware Firewalls: Dedicated device for network traffic
filtering.
SYSTEM LOGS AND EVENT MONITORING
System Logs
Records of system activity, errors, and events for
troubleshooting and security.
Event Monitoring
Real-time tracking of system events for performance and
security analysis.
Common Logs:
Event Viewer (Windows), Syslog (Linux).
NETWORKING REFRESHING CONCEPTS
INTRODUCTION TO CYBERSECURITY
Network Security Basics (Firewalls, IDS/IPS, VPNs)
Servers and Server Types (Web Server, Mail Server, DNS Server,
etc.)
Network Architecture (Client-Server, Peer-to-Peer, Hybrid Models)
Demilitarized Zone (DMZ) and its Role in Network Security
Honey Pots and Honey Nets for Intrusion Detection
Intrusion Detection System (IDS) vs. Intrusion Prevention System
(IPS)
Antivirus and Anti-malware Solutions
IP ADDRESSES
UNIQUE IDENTIFIER FOR DEVICES ON A NETWORK.
IPV4: 32-BIT, EXPRESSED IN DOTTED DECIMAL
FORMAT.
IPV6: 128-BIT, PROVIDES A LARGER ADDRESS SPACE.
SECURITY: IP SPOOFING RISKS AND MONITORING IP ADDRESSES
FOR THREAT DETECTION
IP CLASSES
CLASS D: MULTICAST ADDRESSES
(224.0.0.0 TO 239.255.255.255)
CLASS E: RESERVED FOR FUTURE
USE (240.0.0.0 TO 255.255.255.255)
PROTOCOLS
HTTP/HTTPS (Hypertext Transfer Protocol/Secure) --> 80, 443, 8080
TCP/IP (Transmission Control Protocol/Internet Protocol)
DNS (Domain Name System) --> 53
FTP (File Transfer Protocol) --> 20, 21
SMTP (Simple Mail Transfer Protocol) --> 25
SMB (Server Message Block) --> 139, 445
PROTOCOLS
Telnet -->23
SSH -->22
DHCP -->67,68
TYPES OF PORTS
WELL-KNOWN PORTS (0–1023)
ASSIGNED TO WIDELY USED SERVICES AND PROTOCOLS.
HTTP (PORT 80)
REGISTERED PORTS (1024–49151)
USED BY USER APPLICATIONS; REGISTERED WITH IANA.
MYSQL (PORT 3306)
RDP (PORT 3389)
TYPES OF PORTS
DYNAMIC/PRIVATE PORTS (49152–65535)
TEMPORARILY ASSIGNED FOR CLIENT-SIDE
CONNECTIONS.
USED BY APPLICATIONS FOR SHORT-TERM
COMMUNICATION.
SWITCHES
TYPES OF FIREWALLS (HARDWARE, SOFTWARE, NEXT-GEN).
HOW FIREWALLS PROTECT NETWORKS.
TYPES OF SWITCHES
UNMANAGED SWITCH
SIMPLE PLUG-AND-PLAY DEVICES WITH NO CONFIGURATION OPTIONS.
IDEAL FOR SMALL NETWORKS OR BASIC CONNECTIVITY.
MANAGED SWITCH
ALLOWS NETWORK CONFIGURATION, MONITORING, AND MANAGEMENT (VLANS).
USED IN ENTERPRISE AND LARGE-SCALE NETWORKS.
LAYER 3 SWITCH
COMBINES SWITCHING AND ROUTING CAPABILITIES.
ENABLES ADVANCED NETWORK SEGMENTATION AND IP ROUTING.
PORT SECURITY
RESTRICT UNAUTHORIZED DEVICES
FROM CONNECTING
LIMIT MAC ADDRESSES ON A PORT
LOCK PORTS WHEN AN
UNAUTHORIZED DEVICE CONNECTS
PORT SECURITY
PROTECT: SILENTLY DROPS UNAUTHORIZED
TRAFFIC (NO NOTIFICATION).
RESTRICT: DROPS UNAUTHORIZED TRAFFIC +
SENDS NOTIFICATION (SNMP TRAP/LOG).
SHUTDOWN: DISABLES PORT + SENDS
NOTIFICATION (SNMP TRAP/LOG).
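The three violation modes above differ only in what happens after the MAC limit is exceeded. This added example (my code, not from the slides) models one access port with a MAC limit and shows, for the same sequence of frames, that protect drops silently, restrict drops and raises a notification, and shutdown err-disables the port so that even the authorized device loses connectivity until an administrator recovers it. The interface name and MAC addresses are constructed for the demo.

```python
class SwitchPort:
    """One access port with port security. `mode` is the violation action:
    'protect', 'restrict' or 'shutdown' (the three modes on the slide)."""

    def __init__(self, name, max_macs=1, mode="shutdown"):
        self.name = name
        self.max_macs = max_macs
        self.mode = mode
        self.allowed = set()       # MACs learned on the port, up to max_macs
        self.enabled = True        # False once the port is err-disabled
        self.violations = 0
        self.notifications = []    # stands in for the SNMP trap / syslog message

    def receive(self, src_mac):
        """Return 'forwarded' or 'dropped' for a frame with source MAC src_mac."""
        if not self.enabled:
            return "dropped"
        if src_mac in self.allowed:
            return "forwarded"
        if len(self.allowed) < self.max_macs:
            self.allowed.add(src_mac)          # learn the first max_macs addresses
            return "forwarded"
        # Any further address is a violation; the mode decides what else happens.
        self.violations += 1
        if self.mode != "protect":             # restrict and shutdown notify
            self.notifications.append(
                f"port-security violation on {self.name}: unauthorized MAC {src_mac}")
        if self.mode == "shutdown":
            self.enabled = False               # err-disabled until recovered
        return "dropped"

    def clear_violation(self):
        """Administrative recovery, e.g. shutting and re-enabling the interface."""
        self.enabled = True


# Constructed demo: one authorized device, then a rogue device, then the
# authorized device again (assumed interface name "Gi1/0/1").
AUTHORIZED = "00:11:22:33:44:55"
ROGUE = "de:ad:be:ef:00:01"
FRAMES = [AUTHORIZED, ROGUE, AUTHORIZED]


def simulate(mode, frames=FRAMES, max_macs=1):
    """Feed the frames through a fresh port; return (per-frame results, port)."""
    port = SwitchPort("Gi1/0/1", max_macs=max_macs, mode=mode)
    return [port.receive(mac) for mac in frames], port


if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        results, port = simulate(mode)
        print(mode, results, "enabled:", port.enabled, "notifications:", len(port.notifications))
```

Shutdown is the safest default from a security standpoint but also the one that turns a stray hub or VoIP phone into a help-desk ticket, which is why restrict is often chosen where a notification is enough to start an investigation.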
MAC ADDRESSES
UNIQUE HARDWARE ADDRESS FOR DEVICES
CONTROL NETWORK ACCESS THROUGH MAC FILTERING
MAC SPOOFING: ATTACKERS CAN CHANGE ADDRESSES TO BYPASS SECURITY
NETWORK INFRASTRUCTURE
NETWORK ARCHITECTURE
Network architecture refers to the design and structure of a
network, including its components, physical layout, and
operational principles. It defines how devices, connections, and
protocols interact to enable data communication and resource
sharing.
KEY TECHNOLOGIES IN NETWORK SECURITY
Firewalls: Control network traffic.
VPNs: Secure remote access.
IDS/IPS: Detects and prevents threats.
Encryption Protocols: SSL/TLS, IPSec.
DMZ
EDR
SIEM
FIREWALL
A firewall is a security system that monitors
and controls incoming and outgoing
network traffic based on predefined
security rules. It acts as a barrier between
trusted internal networks and untrusted
external networks, such as the internet, to
prevent unauthorized access and cyber
threats.
WHERE TO PLACE A FIREWALL
EXTERNAL FIREWALL(EDGE)
INTERNAL FIREWALL(PERIMETER)
TYPES OF FIREWALL
Firewall Type | Layer of Operation | Scope | Software-Based | Hardware-Based
Packet Filtering | Network Layer (Layer 3) | Individual packets | ✓ (ACL, IPTables) | ✗
Stateful Inspection | Transport Layer (Layer 4) | Sessions and connections | ✓ (pfSense) | ✓ (Cisco ASA)
Cloud-Based Firewall | Various Layers | Cloud-native and hybrid environments | ✓ (Prisma Access) | ✗
Next-Generation Firewall | Multiple Layers | Comprehensive network-wide security | ✓ (FortiGate VM) | ✓ (Palo Alto PA-Series)
Web Application Firewall | Application Layer (Layer 7) | HTTP/HTTPS traffic only | ✓ (Cloudflare WAF) | ✓ (F5 Advanced WAF)
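The difference between the first two rows of the table, individual packets versus sessions, is easiest to see in code. This added example (my code, not from the slides) runs the same HTTPS handshake and one unsolicited inbound packet through a stateless packet filter and a stateful firewall: the packet filter must accept any inbound packet from port 443 to let replies in, while the stateful one admits an inbound packet only when it answers a connection that was opened from inside. The addresses and the internal range 10.0.0.0/24 are constructed for the demo.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str   # TCP flags as letters: "S" = SYN, "SA" = SYN-ACK, "A" = ACK


def is_internal(ip):
    """Constructed internal range for the demo: 10.0.0.0/24."""
    return ip.startswith("10.0.0.")


def stateless_filter(p, direction):
    """Packet filter (Layer 3/4 ACL): judges each packet on its own header.
    To let HTTPS replies back in it must allow *any* inbound packet from
    source port 443, including ones nobody inside asked for."""
    if direction == "out":
        return "allow" if is_internal(p.src) and p.dport == 443 else "drop"
    return "allow" if is_internal(p.dst) and p.sport == 443 else "drop"


class StatefulFirewall:
    """Stateful inspection: tracks connections opened from inside and admits
    inbound packets only when they belong to one of them."""

    def __init__(self):
        self.table = {}   # (client, cport, server, sport) -> connection state

    def handle(self, p, direction):
        if direction == "out":
            if not (is_internal(p.src) and p.dport == 443):
                return "drop"
            key = (p.src, p.sport, p.dst, p.dport)
            state = self.table.get(key)
            if p.flags == "S" and state is None:
                self.table[key] = "SYN_SENT"          # handshake step 1
            elif p.flags == "A" and state == "SYN_ACK_SEEN":
                self.table[key] = "ESTABLISHED"       # handshake step 3
            elif state is None:
                return "drop"                         # data without a connection
            return "allow"
        key = (p.dst, p.dport, p.src, p.sport)        # reverse of the outbound tuple
        state = self.table.get(key)
        if state is None:
            return "drop"                             # unsolicited: nothing to answer
        if p.flags == "SA" and state == "SYN_SENT":
            self.table[key] = "SYN_ACK_SEEN"          # handshake step 2
        return "allow"


CLIENT, SERVER, STRANGER = "10.0.0.7", "203.0.113.10", "198.51.100.9"


def compare():
    """Return {packet description: (stateless verdict, stateful verdict)} for a
    legitimate HTTPS handshake followed by one unsolicited inbound packet."""
    fw = StatefulFirewall()
    flow = [
        ("out SYN", Packet(CLIENT, 50000, SERVER, 443, "S"), "out"),
        ("in SYN-ACK", Packet(SERVER, 443, CLIENT, 50000, "SA"), "in"),
        ("out ACK", Packet(CLIENT, 50000, SERVER, 443, "A"), "out"),
        ("in unsolicited", Packet(STRANGER, 443, CLIENT, 40000, "SA"), "in"),
    ]
    return {name: (stateless_filter(p, d), fw.handle(p, d)) for name, p, d in flow}


if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(f"{name:16} stateless={verdicts[0]:5} stateful={verdicts[1]}")
```

The last row of the output is the whole argument for stateful inspection: a packet that merely looks like a reply (source port 443, SYN-ACK set) is accepted by the ACL and refused by the connection table.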
TYPES OF FIREWALL
EDGE FIREWALL
POSITIONED AT THE NETWORK'S OUTER BOUNDARY (INTERNET-
FACING), IT PROTECTS THE ENTIRE NETWORK FROM EXTERNAL
THREATS WITH BROAD TRAFFIC FILTERING.
PERIMETER FIREWALL
POSITIONED WITHIN THE NETWORK, IT ISOLATES AND SECURES
SPECIFIC ZONES ( DMZ) WITH MORE ACCESS CONTROLS.
VPN (VIRTUAL PRIVATE NETWORK)
TECHNOLOGY THAT ESTABLISHES A SECURE AND ENCRYPTED CONNECTION OVER A
PUBLIC NETWORK, SUCH AS THE INTERNET, TO PROVIDE PRIVACY AND DATA SECURITY. IT
MASKS THE USER'S IP ADDRESS, PROTECTS DATA FROM INTERCEPTION, AND ENABLES
REMOTE ACCESS TO PRIVATE NETWORKS. VPNS ARE COMMONLY USED FOR SECURE
COMMUNICATION, BYPASSING GEO-RESTRICTIONS, AND PROTECTING SENSITIVE
INFORMATION, ESPECIALLY ON PUBLIC WI-FI.
PROXY
A PROXY SERVER IS AN INTERMEDIARY SYSTEM THAT ACTS AS A GATEWAY BETWEEN A USER'S DEVICE AND THE
INTERNET.
IT PROCESSES CLIENT REQUESTS, FORWARDS THEM TO THE TARGET SERVER, AND RELAYS THE SERVER'S
RESPONSE BACK TO THE USER.
PROXIES PROVIDE FUNCTIONALITY LIKE IP ADDRESS MASKING, CONTENT FILTERING, TRAFFIC CONTROL, AND
ENHANCED SECURITY.
TYPES OF PROXY
FORWARD PROXY
REVERSE PROXY
FORWARD PROXY
A FORWARD PROXY IS A SERVER
THAT ACTS ON BEHALF OF THE
CLIENT, FORWARDING THE CLIENT'S
REQUESTS TO EXTERNAL SERVERS
AND RELAYING THE RESPONSES
BACK. IT IS COMMONLY USED FOR
CLIENT-SIDE TASKS LIKE BYPASSING
GEO-RESTRICTIONS, ENHANCING
PRIVACY BY HIDING THE CLIENT’S IP
ADDRESS, AND CONTROLLING OR
MONITORING INTERNET ACCESS.
TO HIDE THE USER
FORWARD PROXY AND REVERSE PROXY
REVERSE PROXY
A REVERSE PROXY IS A SERVER THAT ACTS ON
BEHALF OF THE BACKEND SERVER, HANDLING
INCOMING CLIENT REQUESTS AND
FORWARDING THEM TO THE APPROPRIATE
BACKEND SERVER. IT IS PRIMARILY USED FOR
SERVER-SIDE TASKS LIKE LOAD BALANCING,
IMPROVING SECURITY BY HIDING SERVER
DETAILS, AND CACHING CONTENT TO
OPTIMIZE PERFORMANCE.
TO HIDE THE SERVER.
DIFFERENCE BETWEEN PROXY AND VPN
DMZ(DEMILITARIZED ZONE)
ISOLATES INTERNAL
NETWORKS FROM EXTERNAL
THREATS
HOSTS PUBLIC-FACING
SERVICES (WEB SERVERS)
REDUCES RISK TO INTERNAL
SYSTEM
MZ(MILITARIZED ZONE)
IT IS A SECURED NETWORK SEGMENT THAT LIES BETWEEN THE INTERNAL NETWORK AND
EXTERNAL SYSTEMS, OFTEN USED FOR SENSITIVE OPERATIONS.
IT ENSURES CONTROLLED ACCESS TO CRITICAL ASSETS AND PREVENTS UNAUTHORIZED
TRAFFIC FROM REACHING THE CORE NETWORK.
THE MZ PROVIDES AN ADDITIONAL LAYER OF SECURITY BY ISOLATING HIGH-PRIORITY
RESOURCES FROM LESS SECURE ENVIRONMENTS.
IT SUPPORTS ADVANCED SECURITY MEASURES, SUCH AS MONITORING, FILTERING, AND
SAFEGUARDING VITAL OPERATIONS.
HONEY POT
A HONEYPOT IS A FAKE SYSTEM THAT
LOOKS REAL TO ATTRACT ATTACKERS. IT
HELPS FIND AND STUDY HARMFUL
ACTIVITIES WITHOUT RISKING REAL DATA.
HONEYPOTS CAN BE SIMPLE OR DETAILED
AND ARE USEFUL FOR LEARNING ABOUT
THREATS AND IMPROVING SAFETY.
HONEY POT SCENARIO
A COMPANY SETS UP A FAKE SERVER DESIGNED TO LOOK LIKE A DATABASE HOLDING
CUSTOMER INFORMATION. THE SERVER IS PLACED IN A CONTROLLED NETWORK ENVIRONMENT
AND MONITORED CLOSELY.
WHEN A HACKER TRIES TO ACCESS THIS SERVER, THE HONEYPOT LOGS ALL THEIR ACTIONS,
SUCH AS THE TOOLS THEY USE AND THE TECHNIQUES THEY TRY. THIS HELPS THE COMPANY'S
SECURITY TEAM LEARN ABOUT THE HACKER'S METHODS, IMPROVE THEIR DEFENSES, AND
PREVENT ATTACKS ON THE REAL SYSTEMS.
HONEY POT SCENARIO
AT THE SAME TIME, THE HONEYPOT DIVERTS THE HACKER'S ATTENTION, KEEPING THEM AWAY
FROM THE COMPANY’S ACTUAL SENSITIVE DATA.
TCP THREE-WAY HANDSHAKE
SYN: CLIENT SENDS A SYN (SYNCHRONIZE) PACKET TO INITIATE
A CONNECTION.
SYN-ACK: SERVER RESPONDS WITH A SYN-ACK (SYNCHRONIZE
ACKNOWLEDGMENT).
ACK: CLIENT SENDS AN ACK (ACKNOWLEDGMENT), AND THE
CONNECTION IS ESTABLISHED.
NETWORK ADDRESS TRANSLATION (NAT)
WHAT IS NAT?
HOW NAT WORKS.
NAT'S IMPORTANCE IN SECURITY (HIDING INTERNAL IP ADDRESSES).
DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL)
WHAT IS DHCP?
HOW DHCP DYNAMICALLY ASSIGNS IP ADDRESSES TO DEVICES.
SECURITY ISSUES RELATED TO DHCP (E.G., DHCP SPOOFING, ROGUE DHCP
SERVERS).
INTERNAL NETWORK
EXTERNAL NETWORK
Internal Network: Private, secure network for employees
External Network: Public, untrusted (e.g., the internet)
Protect internal resources with firewalls and monitoring
NETWORK TOPOLOGIES (STAR, RING, BUS, MESH)
Endpoint Detection and Response (EDR) Systems
OSI and TCP/IP Models
Networking Devices (Router, Switch, Hub, Bridge)
IP Addressing and Subnetting
Network Topologies (Star, Ring, Bus, Mesh)
DNS, DHCP, and HTTP Protocols
Types of Networks (LAN, WAN, MAN, VPN)
NETWORK TOPOLOGIES (STAR)
WIDELY USED IN HOME AND OFFICE
NETWORKS WHERE ALL DEVICES
CONNECT TO A CENTRAL ROUTER OR
SWITCH.
WI-FI NETWORKS IN HOMES, WHERE
LAPTOPS, PHONES, AND SMART
DEVICES CONNECT TO A CENTRAL
ROUTER.
NETWORK TOPOLOGIES ( RING )
Used in office or industrial control
systems where data needs to flow in a
specific, circular manner for efficiency.
Token Ring networks in older setups
for LANs.
NETWORK TOPOLOGIES (BUS)
Common in small
networks or for
temporary setups due to
its simplicity and low cost.
Home automation
systems where multiple
devices connect to a
central cable.
NETWORK TOPOLOGIES (MESH)
Common in smart homes or large
organizations where reliability is
critical, as every device connects
to others for redundancy.
Smart home systems like mesh Wi-
Fi, ensuring stable internet
connectivity throughout a building
TYPES OF NETWORKS (LAN)
Covers a small geographic area,
such as a home, office, or campus.
It is typically privately owned and
offers high-speed connections.
Example: A network connecting
all the computers in an office
building.
TYPES OF NETWORKS (WLAN)
WLAN (Wireless Local Area
Network) is a wireless version of
LAN, enabling devices to connect
over Wi-Fi within a limited area
like a home, office, or campus.
Example: A home Wi-Fi network
connecting smartphones, laptops,
and smart devices.
TYPES OF NETWORKS ( WAN)
Covers large geographical areas, often
extending between countries or
continents. WANs are typically owned
by large organizations or telecom
companies, providing connectivity
between remote locations.
Example: The internet or a company's
global network connecting offices
worldwide.
TYPES OF NETWORKS (MAN)
Spans a city or a large campus. It is usually owned by service
providers or municipalities and offers high-speed connections
over a broader area than a LAN.
Example: A network connecting multiple buildings within a city, such
as a university campus.
SUBNETTING
Subnetting is the process of dividing a large network into smaller,
more manageable subnetworks called subnets. It helps optimize IP
address usage, improve network performance, and enhance
security by isolating different sections of the network.
Efficient allocation of IP addresses.
Reducing network congestion.
Simplifying network management.
Enhancing security by isolating traffic.
SUBNETTING
Example: A network with IP range 192.168.1.0/24 can be divided into
two subnets:
Subnet 1: 192.168.1.0/25 (126 usable IPs).
Subnet 2: 192.168.1.128/25 (126 usable IPs).
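The /24 into two /25 split above, worked in code, as an added example (my code, not from the slides) built on Python's standard `ipaddress` module. It goes a step beyond the slide: besides the equal split and the 126-usable-host count, it allocates subnets of different sizes from one block (variable-length subnetting, largest requirement first) and answers which planned segment a given address belongs to. The department names and host counts are constructed.

```python
import ipaddress


def split(network, new_prefix):
    """Divide `network` into equal subnets of length `new_prefix` (the slide's /24 -> two /25)."""
    return [str(s) for s in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


def usable_hosts(subnet):
    """Classic count: every address except the network and broadcast addresses."""
    net = ipaddress.ip_network(subnet)
    return max(net.num_addresses - 2, 0)


def prefix_for_hosts(hosts):
    """Longest prefix whose block still holds `hosts` usable addresses
    (+2 for the network and broadcast addresses)."""
    return 32 - (hosts + 2 - 1).bit_length()


def plan_vlsm(base, requirements):
    """Variable-length subnetting: one subnet per (name, hosts) pair, allocated
    largest first, each carved from the smallest free block that fits.
    Returns {name: 'a.b.c.d/p'}."""
    free = [ipaddress.ip_network(base)]
    plan = {}
    for name, hosts in sorted(requirements, key=lambda r: -r[1]):
        want = prefix_for_hosts(hosts)
        free.sort(key=lambda n: (-n.prefixlen, n.network_address))  # smallest blocks first
        block = next((b for b in free if b.prefixlen <= want), None)
        if block is None:
            raise ValueError(f"no room left for {name} ({hosts} hosts)")
        free.remove(block)
        while block.prefixlen < want:                  # halve until it is just big enough
            block, spare = block.subnets(prefixlen_diff=1)
            free.append(spare)                         # the other half stays available
        plan[name] = str(block)
    return plan


def which_subnet(ip, plan):
    """Name of the planned subnet containing `ip`, or None if it falls outside the plan."""
    addr = ipaddress.ip_address(ip)
    for name, cidr in plan.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return None


if __name__ == "__main__":
    # Constructed requirements for the demo.
    print(split("192.168.1.0/24", 25), usable_hosts("192.168.1.0/25"))
    plan = plan_vlsm("192.168.1.0/24", [("guests", 20), ("servers", 100), ("staff", 50)])
    print(plan, which_subnet("192.168.1.130", plan))
```

Allocating the largest requirement first keeps the blocks aligned on their natural boundaries, which is what makes each resulting subnet a single CIDR prefix that a router ACL or firewall rule can name directly; that alignment is the practical reason subnetting isolates traffic as cleanly as the slide describes.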
SERVERS
Access Control Models (DAC, MAC, RBAC)
Security Threat Modeling and Risk Assessment
Social Engineering Attacks and Defense Mechanisms
Security Operations and Incident Response
Cybersecurity Frameworks (NIST, ISO/IEC 27001)
SERVER TYPES
Web Server: Serves websites.
Mail Server: Manages email.
FTP Server: Transfers files.
NTP Server: Synchronizes time.
DNS Server: Resolves domain names to IPs.
SFTP Server: Securely transfers files.
WEB SERVER(443,8080,80)
Purpose: Hosts websites and serves web pages to users via
HTTP/HTTPS protocols.
Example: Apache, Nginx, Microsoft IIS.
Use Case: Delivering content for websites like e-commerce or
blogs.
MAIL SERVER(25,587)
Purpose: Handles the sending, receiving,
and storing of emails using protocols like
SMTP, IMAP, or POP3.
Example: Microsoft Exchange Server,
Postfix.
Use Case: Corporate email systems.
DNS SERVER(53)
Purpose: Resolves domain names into IP addresses, enabling users
to access websites using easy-to-remember names.
Example: BIND, Microsoft DNS Server.
Use Case: Accessing websites by their domain names, such as
"www.example.com."
FTP SERVER(20,21)
Purpose: Facilitates the
transfer of files between
devices over a network.
Example: FileZilla Server,
vsftpd.
Use Case: Uploading or
downloading files for
collaboration
SFTP SERVER (22)
Purpose: Transfers files
securely using SSH for
encryption.
Example: OpenSSH, SolarWinds
SFTP.
Use Case: Securely transferring
sensitive data, such as financial
records.
NTP SERVER(123)
Purpose: Synchronizes time
across devices in a network.
Example: Chrony, Meinberg
NTP.
Use Case: Ensuring accurate
timestamps in financial
systems or log files.
OTHER KNOWN SERVERS
UMS server
Middleware
API Gateway
security solution hosting servers
OSI (OPEN SYSTEM INTERCONNECTION) MODEL
OSI MODEL
OSI MODEL AND THEIR ATTACKS
PHYSICAL LAYER
TRANSMITS RAW BINARY DATA (BITS) OVER
PHYSICAL MEDIA LIKE CABLES OR WIRELESS
SIGNALS.
INCLUDES HARDWARE COMPONENTS LIKE
HUBS, SWITCHES, CABLES, AND NETWORK
INTERFACE CARDS (NICS).
DEFINES VOLTAGE LEVELS, DATA RATES,
AND PHYSICAL CONNECTORS.
FOCUSES ON BIT-LEVEL
SYNCHRONIZATION AND MODULATION.
DATA LINK LAYER
PROVIDES ERROR DETECTION AND CORRECTION (CRC) FOR RELIABLE DATA
TRANSFER.
DIVIDED INTO TWO SUBLAYERS:
LOGICAL LINK CONTROL (LLC): MANAGES ERROR CHECKING AND FLOW CONTROL.
MEDIA ACCESS CONTROL (MAC): MANAGES DEVICE ACCESS TO THE NETWORK
MEDIUM.
USES HARDWARE (MAC) ADDRESSES FOR LOCAL COMMUNICATION.
HANDLES DATA FRAMING AND ACKNOWLEDGES FRAME DELIVERY.
NETWORK LAYER
TRANSPORT LAYER
ENSURES RELIABLE DATA DELIVERY BETWEEN END-TO-END SYSTEMS.
MANAGES SEGMENTATION OF DATA INTO SMALLER CHUNKS AND REASSEMBLY AT THE
DESTINATION.
PROVIDES FLOW CONTROL TO AVOID DATA OVERLOAD.
PROTOCOLS:
TCP: RELIABLE, CONNECTION-ORIENTED.
UDP: FAST, CONNECTIONLESS BUT LESS RELIABLE.
IMPLEMENTS ERROR RECOVERY MECHANISMS LIKE ACKNOWLEDGMENTS AND
RETRANSMISSIONS.
SESSION LAYER
ESTABLISHES, MAINTAINS, AND
TERMINATES COMMUNICATION
SESSIONS BETWEEN DEVICES.
COORDINATES DIALOGS (FULL-
DUPLEX, HALF-DUPLEX, OR
SIMPLEX COMMUNICATION).
HANDLES SESSION CHECKPOINTS
TO ENSURE CONTINUITY IN CASE
OF NETWORK FAILURE.
PROVIDES SYNCHRONIZATION FOR
DATA EXCHANGES.
PRESENTATION LAYER
ENSURES DATA COMPATIBILITY BETWEEN SYSTEMS BY
TRANSLATING FORMATS (EBCDIC TO ASCII).
MANAGES DATA ENCRYPTION AND DECRYPTION FOR SECURE
COMMUNICATION.
HANDLES DATA COMPRESSION TO REDUCE FILE SIZE FOR
TRANSMISSION.
EXAMPLES OF FUNCTIONS: DATA ENCODING, SSL/TLS
ENCRYPTION.
APPLICATION LAYER
PROVIDES END-USER NETWORK SERVICES SUCH AS WEB BROWSING, FILE
SHARING, AND EMAIL.
EXAMPLES OF PROTOCOLS:
HTTP/HTTPS: WEB BROWSING.
FTP/SFTP: FILE TRANSFER.
SMTP/IMAP/POP3: EMAIL SERVICES.
INTERFACES DIRECTLY WITH THE USER AND APPLICATIONS TO
SEND/RECEIVE DATA.
MANAGES NETWORK ACCESS AND OVERALL USER EXPERIENCE.
TCP/IP MODEL
FOUNDATION CONCEPTS OF CYBER SECURITY
CYBERSECURITY PRINCIPLES (CONFIDENTIALITY, INTEGRITY, AVAILABILITY - CIA TRIAD)
IDS
Definition: A monitoring system that detects and alerts about potential
security threats or policy violations in a network or system.
Key Features:
Operates in a passive mode; does not block traffic.
Provides real-time alerts or logs for suspicious activity.
Detects known threats using signatures (Signature-based IDS) or identifies
unusual activity patterns (Anomaly-based IDS).
Types:
Host-based IDS (HIDS): Monitors a specific device or host.
Network-based IDS (NIDS): Monitors traffic across an entire network.
Limitations: Cannot prevent an attack, only detect it.
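The two detection approaches named above, signature-based and anomaly-based, run over the same sample log in this added example (my code, not from the slides). The signature part matches known-bad patterns against each request path after URL-decoding it, so an encoded variant of the same request does not slip past; the anomaly part keeps a sliding window of failed logins per source and alerts when a burst exceeds a threshold. Like an IDS, it only produces alerts and blocks nothing. The log lines, addresses and thresholds are constructed for the demo.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from urllib.parse import unquote

# Constructed sample of web-server access-log lines (common log format).
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Mar/2025:12:00:01 +0000] "GET /index.html HTTP/1.1" 200 1043',
    '10.0.0.5 - - [10/Mar/2025:12:00:03 +0000] "POST /login HTTP/1.1" 401 231',
    '198.51.100.7 - - [10/Mar/2025:12:00:05 +0000] "GET /../../etc/passwd HTTP/1.1" 404 512',
    '198.51.100.7 - - [10/Mar/2025:12:00:06 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 512',
    '198.51.100.7 - - [10/Mar/2025:12:00:07 +0000] "GET /item?id=1%20UNION%20SELECT%201 HTTP/1.1" 200 77',
    '203.0.113.9 - - [10/Mar/2025:12:00:10 +0000] "POST /login HTTP/1.1" 401 231',
    '203.0.113.9 - - [10/Mar/2025:12:00:14 +0000] "POST /login HTTP/1.1" 401 231',
    '203.0.113.9 - - [10/Mar/2025:12:00:18 +0000] "POST /login HTTP/1.1" 401 231',
    '203.0.113.9 - - [10/Mar/2025:12:00:22 +0000] "POST /login HTTP/1.1" 401 231',
    '203.0.113.9 - - [10/Mar/2025:12:00:26 +0000] "POST /login HTTP/1.1" 401 231',
    '10.0.0.5 - - [10/Mar/2025:12:00:40 +0000] "GET /about.html HTTP/1.1" 200 2210',
]

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

# Signature-based detection: known-bad patterns, matched on the decoded path.
SIGNATURES = [
    ("sqli", re.compile(r"(?i)union\s+select")),
    ("path-traversal", re.compile(r"\.\./")),
]


def parse_line(line):
    """Turn one log line into an event dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    src, ts, method, path, status = m.groups()
    return {
        "src": src,
        "time": datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"),
        "method": method,
        "path": unquote(path),       # normalise first, otherwise %2e%2e/ evades "../"
        "status": int(status),
    }


def signature_alerts(events):
    """(name, source, path) for every event whose path matches a signature."""
    alerts = []
    for ev in events:
        for name, pattern in SIGNATURES:
            if pattern.search(ev["path"]):
                alerts.append((name, ev["src"], ev["path"]))
    return alerts


def anomaly_alerts(events, threshold=5, window=60):
    """One alert per source that produces >= `threshold` HTTP 401 responses
    inside any `window`-second sliding interval."""
    recent = defaultdict(deque)
    alerted = set()
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["status"] != 401:
            continue
        q = recent[ev["src"]]
        q.append(ev["time"])
        while (ev["time"] - q[0]).total_seconds() > window:   # expire old failures
            q.popleft()
        if len(q) >= threshold and ev["src"] not in alerted:
            alerted.add(ev["src"])
            alerts.append(("auth-failure-burst", ev["src"], f"{len(q)} x 401 in {window}s"))
    return alerts


def run_ids(lines):
    """Passive pipeline: parse, detect, report. Nothing is blocked."""
    events = [e for e in map(parse_line, lines) if e]
    return signature_alerts(events) + anomaly_alerts(events)


if __name__ == "__main__":
    for alert in run_ids(SAMPLE_LOG):
        print(alert)
```

The single-site burst threshold is deliberately simple; the same window logic over many sources is what turns an IDS rule into a tunable alert, and the normalisation step is the part most often missing from home-grown signatures.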
IPS
Definition: A proactive system that not only detects threats but also takes
automated actions to block or prevent them.
Key Features:
Operates in-line with network traffic to actively block malicious activity.
Combines detection and prevention capabilities.
Mitigates threats like DDoS attacks, malware, and unauthorized access in
real-time.
Types:
Host-based IPS (HIPS): Protects a specific host or endpoint.
Network-based IPS (NIPS): Monitors and protects the entire network.
Advantages: Prevents attacks before they impact the system.
FEATURES TABLE:
EDR
Real-time Endpoint Monitoring – Continuously monitors endpoint activities to
detect suspicious behavior.
Threat Detection & Analytics – Uses behavioral analysis, threat intelligence, and AI
to identify potential threats.
Incident Investigation – Provides detailed logs and forensic data to analyze
security incidents.
Automated & Manual Response – Can isolate compromised endpoints, block
malicious processes, and trigger alerts for manual investigation.
Threat Hunting – Allows security analysts to proactively search for hidden threats
using historical endpoint data.
XDR
A TOOL THAT BRINGS MULTIPLE FEATURES TOGETHER ON A SINGLE SCREEN,
INCLUDING NETWORK SECURITY, EMAIL SECURITY AND ENDPOINT
SECURITY.
Cross-layer Visibility: Provides visibility across endpoints,
networks, and other components to detect and respond to threats
more effectively.
Automated Threat Response: XDR can automatically initiate
responses to detected threats, reducing response time.
Centralized Management: A unified platform helps manage alerts,
incidents, and data from various security tools, simplifying
XDR
Threat Intelligence Integration: Integrates with external threat
intelligence feeds for better detection and understanding of
emerging threats.
Improved Investigation and Correlation: Uses AI and machine
learning to correlate disparate data points, offering deeper
insights into incidents.
THREAT, VULNERABILITY, EXPLOITS AND RISK
Threat – Think of it as a possible danger. It’s anything that could
cause harm to a system, like a hacker, malware, or even an insider
leaking data.
Example: A cybercriminal trying to steal customer data from
an online store.
Vulnerability – This is the weak spot in a system that a threat can
take advantage of. It could be outdated software, weak
passwords, or misconfigured security settings.
Example: A company using an old version of Windows that
hasn’t been updated, making it easy for hackers to break in.
THREAT, VULNERABILITY, EXPLOITS AND RISK
Exploit – This is the actual method used to take advantage of a
vulnerability. It could be a piece of malware, a phishing attack, or
a script that bypasses security controls.
Example: A hacker using a known bug in a web app to gain
unauthorized access.
Risk – This is the potential damage that could happen if a threat
successfully exploits a vulnerability. It’s a combination of how
likely an attack is and how bad the impact would be.
Example: If a hospital’s database has weak security
(vulnerability) and ransomware is spreading (threat)
TYPES OF CYBER THREATS
Malware – Malicious software designed to harm, exploit, or disrupt
systems. Includes viruses, worms, Trojans, and spyware.
Phishing – A social engineering attack where attackers trick users
into revealing sensitive information (passwords, credit card
details) through fake emails or websites.
Ransomware – A type of malware that encrypts files or systems
and demands a ransom for decryption.
Denial of Service (DoS) & Distributed Denial of Service (DDoS)
Attacks – Overloading a system, network, or website with
excessive traffic, making it unavailable to users.
TYPES OF CYBER THREATS
Man-in-the-Middle (MitM) Attack – Intercepting and altering
communication between two parties to steal or manipulate data.
SQL Injection – An attack that exploits vulnerabilities in web
applications by injecting malicious SQL code to manipulate or steal
data from databases.
Zero-Day Exploit – Attacks that use a vulnerability the vendor does
not yet know about or has not yet patched, so no fix or detection
signature exists at the time of the attack.
TYPES OF CYBER THREATS
Insider Threats – Security risks posed by employees or other
insiders who misuse their access to steal or damage data.
Credential Stuffing – Using stolen username-password pairs from
data breaches to gain unauthorized access to multiple accounts.
DNS Spoofing (DNS Cache Poisoning) – Feeding a resolver forged DNS
answers so that a domain name maps to an attacker-controlled address,
redirecting users to fraudulent websites.
Cross-Site Scripting (XSS) – Injecting malicious scripts into websites
that execute in users’ browsers to steal data or perform
unauthorized actions.
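SQL injection and cross-site scripting are both injection flaws: untrusted input reaches an interpreter (the database, the browser) as syntax instead of data. The script below is an added example for these slides, not code from the original deck. It shows a string-built login query next to its parameterized fix, and an unencoded HTML reflection next to its encoded fix, against a constructed in-memory SQLite table, so it runs offline with the standard library only.

```python
"""Injection flaws side by side: SQL injection and reflected XSS.

Added example for the 'Types of cyber threats' slides, not code from the
original deck. Uses an in-memory SQLite database with constructed sample rows.
"""
import html
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample data: two users with (deliberately plaintext) passwords."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "alice-secret"), (2, "bob", "bob-secret")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """VULNERABLE: the query is built by string concatenation, so a quote in the
    input changes the SQL grammar instead of being treated as data."""
    query = (
        "SELECT id FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone() is not None


def login_fixed(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """FIXED: a parameterised query binds the input as values; the SQL text is
    constant, so no input can alter its structure."""
    row = conn.execute(
        "SELECT id FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def greeting_vulnerable(name: str) -> str:
    """VULNERABLE: reflects the parameter into HTML unencoded (reflected XSS)."""
    return "<p>Hello, " + name + "</p>"


def greeting_fixed(name: str) -> str:
    """FIXED: encodes for the HTML text context, so <, >, & and quotes render as text."""
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"


if __name__ == "__main__":
    db = build_db()
    # Classic payload: the SQL comment marker `--` discards the password check.
    payload_user, payload_pass = "alice'--", "wrong"
    print("vulnerable login:", login_vulnerable(db, payload_user, payload_pass))  # True
    print("fixed login:     ", login_fixed(db, payload_user, payload_pass))       # False
    xss = "<script>alert(1)</script>"
    print(greeting_vulnerable(xss))
    print(greeting_fixed(xss))
```

The fix in both cases is the same idea: keep code and data separate. Parameters are bound after the SQL is parsed, and output encoding is chosen for the context the data lands in (HTML text here; attribute, JavaScript and URL contexts each need their own encoder).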
TYPES OF CYBER THREATS
Supply Chain Attacks – Targeting third-party vendors or software
providers to compromise a larger organization.
Brute Force Attacks – Repeatedly trying different password
combinations to gain unauthorized access to accounts.
Advanced Persistent Threats (APT) – Prolonged, targeted attacks
by cybercriminals or nation-states to gain long-term access to a
system for espionage or data theft.
TYPES OF CYBER THREATS
IoT Attacks – Exploiting vulnerabilities in Internet of Things (IoT)
devices (like smart cameras or home automation systems) to gain
control or launch attacks.
Session Hijacking – Taking over a user’s active session by stealing
session tokens, allowing attackers to access accounts without
login credentials.
Cryptojacking – Unauthorized use of a system’s processing power
to mine cryptocurrency.
TYPES OF CYBER THREATS
Social Engineering – Psychological manipulation of people into
divulging confidential information, often through phone calls,
emails, or in-person deception.
Deepfake Attacks – Using AI-generated media (videos, audio) to
impersonate individuals for fraud, blackmail, or misinformation.
Firmware Attacks – Exploiting vulnerabilities in device firmware to
gain deep, persistent access to hardware components.
SECURITY POLICIES AND RISK
MANAGEMENT
Security policies are formal documents that define an
organization’s rules, procedures, and guidelines for protecting its
assets, data, and IT infrastructure. These policies help ensure
compliance, manage risks, and prevent security incidents.
Risk management is the process of identifying, assessing, and
mitigating security risks to protect an organization from potential
threats. It involves analyzing vulnerabilities, implementing security
controls, and continuously monitoring risks to minimize impact.
SECURITY POLICIES AND RISK
MANAGEMENT
ISO/IEC 27001 (International Standard for Information Security
Management Systems - ISMS)
A globally recognized standard for establishing, implementing,
maintaining, and improving an Information Security Management
System (ISMS).
Focuses on risk-based thinking, continuous improvement, and a
structured approach to securing sensitive data.
SECURITY POLICIES AND RISK
MANAGEMENT
NIST (National Institute of Standards and Technology)
Cybersecurity Framework
A widely used framework that provides guidelines for managing
cybersecurity risks.
Consists of five core functions in version 1.1: Identify, Protect,
Detect, Respond, and Recover; CSF 2.0 (2024) adds Govern as a sixth.
Helps organizations align security practices with business needs.
SECURITY POLICIES AND RISK
MANAGEMENT
SOC 2 (Service Organization Control 2) Report
A compliance report focused on data security, availability,
processing integrity, confidentiality, and privacy for service
providers handling customer data.
Based on the AICPA’s Trust Services Criteria and commonly used in
cloud and SaaS environments.
PENETRATION
TESTING
ETHICAL HACKING
CYBER KILL CHAIN
The Cyber Kill Chain was introduced by
Lockheed Martin
It describes an intrusion from the attacker's
point of view, borrowing the military
"kill chain" idea:
Identifying the target
Assembling the force to attack the target
Deciding to attack, then attacking the target
Defeating the target
Its seven phases: Reconnaissance, Weaponization,
Delivery, Exploitation, Installation, Command and
Control, Actions on Objectives. Breaking any one
phase breaks the chain, which is why defenders
map detections and controls to each phase.
WHY PENETRATION TESTING
Assess Security Posture: Identify weaknesses before malicious
actors do.
Compliance: Required by standards such as PCI DSS (Requirement 11)
and expected as part of risk analysis under regulations such as HIPAA.
Improve Defenses: Provides actionable findings that improve
security measures.
Prevent Data Breaches: Helps prevent exploitation of critical
systems and data.
TYPES OF HACKERS
Black Hat
White Hat
Grey Hat
BLACK HAT
Hackers who break into systems without authorization, for financial
gain, sabotage, espionage, or simply to cause damage. Their activity is
illegal regardless of skill level, and they are the adversary that
penetration testers and red teams emulate.
WHITE HAT
Ethical hackers who work legally to find and fix security
vulnerabilities in organizations. They help improve cybersecurity
by conducting penetration testing and vulnerability assessments.
GREY HAT
A mix of both black and white hat hackers. They often exploit
security flaws without malicious intent but may act without
permission, sometimes exposing vulnerabilities to the public or
affected organizations.
OTHER TYPES OF HACKERS
Script Kiddies: Inexperienced hackers who use pre-made tools
without deep technical knowledge.
Hacktivists: Use hacking to promote social, political, or ideological
causes.
State-Sponsored Hackers: Government-backed hackers
conducting cyber espionage or warfare.
Insider Threats: Employees or associates who exploit internal
access for personal or competitive advantage.
TYPES OF TESTING
White Box Testing
Black Box Testing
Grey Box Testing
WHITE BOX TESTING
Tester’s Knowledge: Full access to source code, architecture, and
internal structure.
Approach: Code analysis, static/dynamic testing, and logic
verification.
Use Case: Used in secure code reviews, application security
assessments, and unit testing.
Example: Reviewing the source code for SQL injection
vulnerabilities
BLACK BOX TESTING
Tester’s Knowledge: No prior knowledge of the system’s internal
workings.
Approach: Simulates a real-world attack scenario, focusing on
external security defenses.
Use Case: Used in penetration testing, social engineering
assessments, and external network security testing.
Example: Attempting to breach a web application without knowing
its underlying code or infrastructure.
GREY BOX TESTING
Tester’s Knowledge: Partial access to internal system details, such
as login credentials or API documentation.
Approach: Simulates an attacker with limited insider knowledge,
combining white and black box methods.
Use Case: Used in web applications, APIs, and network security
assessments where some system details are available.
Example: Testing an application with user privileges to find
privilege escalation flaws.
MAJOR DOMAINS OF
PENTESTING
Web Pentesting
Mobile Pentesting
Network Pentesting
Active Directory Pentesting
Cloud Pentesting
Large Language Model (LLM / AI Attacks)
Red Teaming
API Penetration Testing
Hardware Pentesting
IoT & OT Security
TYPES OF PENETRATION
TESTING
Network Penetration Testing
Web Application Penetration Testing
Mobile Application Penetration Testing
Wireless Penetration Testing
Social Engineering Penetration Testing
Physical Penetration Testing
Cloud Penetration Testing
API Penetration Testing
IoT Penetration Testing
Red Team Engagements
BASIC LINUX
COMMAND
IMPORTANCE OF LINUX
COMMANDS
Widely used in servers, networks, and
security tools
Foundation for penetration testing,
forensic analysis, and system
hardening
Open-source nature allows for
flexibility and customization
BASICS OF LINUX
File System Navigation
Users And Privileges
Network Commands
Install And Update
FILE SYSTEM NAVIGATION
# pwd (print working directory: shows the directory you are currently in)
# cd <dir> (change directory)
# cd .. (go up one level, to the parent directory)
# cd /root (go to an absolute path; type "# cd /r" and press Tab to
autocomplete the name)
# ls (list the files and folders in the current directory)
# ls /etc (any path can be listed directly; absolute paths start with '/')
FILE SYSTEM NAVIGATION
# cd /etc
# mkdir Abdullah (create a directory named 'Abdullah')
# ls -la (long listing including hidden entries, whose names start with '.')
# rmdir Abdullah/ (remove a directory; it must be empty, use rm -r for a
non-empty one)
# echo "Hi" > Abdullah.txt (write the text 'Hi' into Abdullah.txt, creating
or overwriting the file)
# cp test.txt Downloads (copy the file into the Downloads folder)
# rm Downloads/test.txt (delete the file; there is no recycle bin)
# locate txt (search the locate database for paths containing 'txt'; run
updatedb first if the results are stale)
# passwd (set a new password for the current user on Kali)
# man ls (show the manual page with all options of ls)
USER AND PRIVILEGES COMMAND
# adduser saad (create a new user named 'saad' with a home directory)
# cat /etc/passwd (account details: username, UID, GID, home directory and
login shell; world-readable and contains no password hashes)
# cat /etc/shadow (password hashes and password-ageing fields; readable
only by root, and a prime target once an attacker gains root)
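Reading /etc/passwd and /etc/shadow by hand is the first step; the point of reading them is to spot accounts that should not exist or should not be able to log in. The script below is an added example for these slides, not part of the original deck. It parses constructed sample copies of both files (the hashes are dummies, and the 'backdoor' and 'svc' accounts are invented to trigger findings) and reports extra UID 0 accounts, accounts with an empty password field, locked accounts, and accounts with an interactive shell. The same audit_accounts function can be pointed at the real files by a root user on a system you are authorized to inspect.

```python
"""Audit /etc/passwd and /etc/shadow style data for risky accounts.

Added example for the user-account slides, not from the original deck. The
two file contents below are constructed sample lines (the hashes are dummies),
so it runs without root; read the real files only on systems you are
authorised to inspect.
"""
from typing import Dict, List

# Constructed /etc/passwd: name:x:UID:GID:GECOS:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
saad:x:1001:1001:Saad:/home/saad:/bin/bash
backdoor:x:0:0::/root:/bin/sh
svc:x:1002:1002::/var/svc:/bin/bash
"""

# Constructed /etc/shadow: name:hash:lastchange:min:max:warn:inactive:expire:
# A hash field starting with '*' or '!' means the account is locked; an empty
# field means the account has no password at all.
SAMPLE_SHADOW = """\
root:$6$dummysalt$dummyhash:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
saad:$y$j9T$dummysalt$dummyhash:19700:0:99999:7:::
backdoor:$6$dummysalt$dummyhash2:19700:0:99999:7:::
svc::19700:0:99999:7:::
"""

NO_LOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}


def parse_colon_file(text: str) -> List[List[str]]:
    """Split colon-separated records, skipping blank lines and comments."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            rows.append(line.split(":"))
    return rows


def audit_accounts(passwd_text: str, shadow_text: str) -> Dict[str, List[str]]:
    """Return the accounts that deserve a second look, grouped by finding."""
    findings: Dict[str, List[str]] = {
        "uid0_not_root": [],      # extra superuser accounts (classic persistence)
        "empty_password": [],     # login possible with no password at all
        "interactive_shell": [],  # accounts that can actually log in
        "locked": [],             # hash field starts with '!' or '*'
    }
    shadow = {fields[0]: fields[1] for fields in parse_colon_file(shadow_text)}
    for fields in parse_colon_file(passwd_text):
        if len(fields) < 7:
            continue  # malformed line; a real audit would report it
        user, uid, shell = fields[0], int(fields[2]), fields[6]
        if uid == 0 and user != "root":
            findings["uid0_not_root"].append(user)
        if shell not in NO_LOGIN_SHELLS:
            findings["interactive_shell"].append(user)
        if user in shadow:
            h = shadow[user]
            if h == "":
                findings["empty_password"].append(user)
            elif h[0] in "!*":
                findings["locked"].append(user)
    return findings


def audit_files(passwd_path: str = "/etc/passwd",
                shadow_path: str = "/etc/shadow") -> Dict[str, List[str]]:
    """Same audit against real files (reading /etc/shadow requires root)."""
    with open(passwd_path) as p, open(shadow_path) as s:
        return audit_accounts(p.read(), s.read())


if __name__ == "__main__":
    for finding, users in audit_accounts(SAMPLE_PASSWD, SAMPLE_SHADOW).items():
        print(f"{finding:18} {users}")
```

The 'x' in the password field of /etc/passwd is a placeholder meaning "look in /etc/shadow"; an actual hash or an empty field there (on very old or misconfigured systems) is itself a finding, since /etc/passwd is world-readable.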
USER AND PRIVILEGES COMMAND
Every user has an identity and a set of rights; each file carries
permissions for its owner, its group, and everyone else.
# ls -la (shows the permission string of every entry)
drwxr-xr-x (d → directory, followed by three rwx groups for owner, group
and others; r → read, w → write, x → execute)
# chmod u+x hello.txt (symbolic form [ugoa][+-=][rwx]: here, add execute for
the owner; the leading 'd' is a file type, not a permission, and cannot be
set with chmod)
# chmod 777 hello.txt (numeric form: read, write and execute for owner,
group and everyone else; a world-writable file can be modified by any local
user, so prefer the minimum needed, such as 640 or 750)
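The rwx string that ls -la prints and the octal number that chmod takes are the same nine bits written two ways. The script below is an added example for this slide, not code from the original deck. It converts between the two notations, flags the world-writable bit that chmod 777 sets, and in demo_chmod() creates a temporary file, applies 777 and then 640, and reads back what the kernel actually recorded (Linux or macOS; on Windows os.chmod only toggles the read-only attribute).

```python
"""Linux permission bits: symbolic <-> octal, and what chmod 777 really grants.

Added example for the permissions slide, not from the original deck. The
conversion functions are pure; demo_chmod() touches a temporary file only.
"""
import os
import stat
import tempfile
from typing import Tuple

PERM_CHARS = "rwx"  # repeated for owner (u), group (g), others (o)


def symbolic_to_octal(symbolic: str) -> int:
    """'rwxr-x---' -> 0o750. A leading type character ('d', '-', 'l') as
    printed by `ls -l` is accepted and ignored."""
    bits = symbolic[-9:]
    if len(bits) != 9:
        raise ValueError("expected 9 permission characters, e.g. rwxr-x---")
    mode = 0
    for i, ch in enumerate(bits):
        if ch == PERM_CHARS[i % 3]:
            mode |= 1 << (8 - i)  # bit 8 is owner-read, bit 0 is others-execute
        elif ch != "-":
            raise ValueError(f"unexpected character {ch!r} at position {i}")
    return mode


def octal_to_symbolic(mode: int) -> str:
    """0o640 -> 'rw-r-----' (nine rwx bits only; setuid/setgid/sticky ignored)."""
    return "".join(
        PERM_CHARS[i % 3] if mode & (1 << (8 - i)) else "-" for i in range(9)
    )


def is_world_writable(mode: int) -> bool:
    """chmod 777 sets this bit: any local user can modify the file."""
    return bool(mode & stat.S_IWOTH)


def demo_chmod(safe_mode: int = 0o640) -> Tuple[str, str, bool]:
    """Create a temp file, chmod 777 then `safe_mode`; return
    (wide_symbolic, narrow_symbolic, wide_was_world_writable)."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        os.chmod(path, 0o777)
        wide = stat.S_IMODE(os.stat(path).st_mode)
        os.chmod(path, safe_mode)
        narrow = stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.unlink(path)
    return octal_to_symbolic(wide), octal_to_symbolic(narrow), is_world_writable(wide)


if __name__ == "__main__":
    print(oct(symbolic_to_octal("drwxr-xr-x")))  # 0o755
    print(demo_chmod())                           # ('rwxrwxrwx', 'rw-r-----', True)
```

A useful habit on any box you assess: `find / -perm -o+w -type f 2>/dev/null` lists world-writable files, which is exactly the is_world_writable check applied across the file system.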
NETWORK COMMAND
# ifconfig (show interfaces with their IP and MAC addresses; deprecated on
modern distributions, use `ip addr`)
# iwconfig (show wireless interface settings; the newer equivalent is `iw dev`)
# ping <host> (check reachability with ICMP echo requests)
# arp -a (show the ARP cache: which MAC address answers for which IP;
`ip neigh` is the modern form)
# netstat -a (list sockets, inbound and outbound; `netstat -tulnp` or
`ss -tulnp` shows listening services together with the owning process)
# route (show the routing table and default gateway; `ip route` is the
modern form)
SERVICES COMMANDS
Web server
SSH
SQL server
# service apache2 start (start the Apache web server; to check, open the
system's IP address in a web browser)
# python3 -m http.server 8000 (serve the current directory over HTTP on port
8000; it exposes everything in that directory to anyone who can reach the
port, so add `--bind 127.0.0.1` unless you mean to share it on the network)
# systemctl enable ssh / systemctl enable postgresql (enable a service so it
starts automatically at boot; `systemctl start <service>` starts it now, and
`systemctl enable --now <service>` does both)
OVER THE WIRE:
Lab 1
Lab 2
Lab 3
Lab 4
MOCK
SCENARIO
CASE STUDIES
In January 2023, T-Mobile USA disclosed a data breach affecting roughly 37 million customer accounts. The attacker did
not need to exploit a memory-corruption bug in network equipment: they abused a single customer-facing API that
returned account data without adequate authorization checks, and pulled records for weeks (the activity began around
late November 2022 and was identified in early January 2023). Exposed fields included names, billing addresses, email
addresses, phone numbers, dates of birth and account numbers; the company stated that passwords, payment card data
and government IDs were not taken. The incident shows that an API returning data it should not is as much a network
vulnerability as an unpatched service, and that authorization testing and API traffic monitoring belong in every assessment.
https://techcrunch.com/2023/01/19/t-mobile-data-breach/
COMMON NETWORK
PENTESTING TOOLS
Nmap: Scans networks for open ports and
services.
Metasploit: Exploitation framework for
testing vulnerabilities.
Wireshark: Captures and analyzes network
traffic.
Aircrack-ng: Tests Wi-Fi network security.
Hydra: Online password guessing (brute-force and
wordlist) against network login services such as SSH,
FTP and HTTP forms.
NETWORK
ENUMERATION
NETWORK
ENUMERATION
Network Discovery: Identifies devices,
IP addresses, and services within a
network.
Information Gathering: Collects data
on open ports, services, and network
shares for potential vulnerabilities.
Security Assessment: Helps in
vulnerability identification and
defense planning for networks.
COMMON TOOLS
FOR ENUMERATION
nmap
netdiscover
msfconsole
smbclient
ssh
Nessus
SCANNING
SCANNING
Scanning involves using specialized
tools to probe a network for open
ports, running services, and
vulnerabilities. This step helps
identify potential attack vectors and
assess the overall security posture
of the network.
SCANNING
nmap
netcat (nc)
banner grabbing
smbclient
ssh
netdiscover
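Banner grabbing is the simplest form of service identification: connect to a port, read whatever the service says first, and match the product and version. The script below is an added example for the scanning slides, not code from the original deck. Instead of a real target it starts a tiny fake listener on 127.0.0.1 that sends a constructed banner in the format vsftpd uses, then grabs and parses it; the BANNER_PATTERNS table and the fake listener are this example's own, and the version string is the input you would later look up with searchsploit. This is the manual version of what `nc <host> 21` or `nmap -sV` does.

```python
"""Banner grabbing and service/version identification, offline.

Added example for the scanning slides, not from the original deck. The
listener and its banner are constructed so the script runs with no target.
"""
import re
import socket
import threading
from typing import Optional, Tuple

FAKE_BANNER = b"220 (vsFTPd 2.3.4)\r\n"  # constructed; mimics vsftpd's greeting format

# (regex, product) pairs; group 1 captures the version string. Example table only.
BANNER_PATTERNS = [
    (re.compile(r"vsFTPd\s+([\d.]+)", re.I), "vsftpd"),
    (re.compile(r"^SSH-2\.0-OpenSSH_([\w.]+)"), "openssh"),
    (re.compile(r"ProFTPD\s+([\d.]+)"), "proftpd"),
]


def start_fake_service(banner: bytes = FAKE_BANNER) -> Tuple[socket.socket, int]:
    """Listen on a random loopback port; every client gets `banner`, then a close."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listener closed by the caller
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def grab_banner(host: str, port: int, timeout: float = 2.0) -> str:
    """Connect, read whatever the service volunteers first, return it stripped.
    Services that wait for the client to speak first (HTTP) return ''."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            data = s.recv(1024)
        except socket.timeout:
            data = b""
    return data.decode("utf-8", errors="replace").strip()


def identify_service(banner: str) -> Tuple[Optional[str], Optional[str]]:
    """Map a banner to (product, version); (None, None) when unrecognised."""
    for pattern, product in BANNER_PATTERNS:
        m = pattern.search(banner)
        if m:
            return product, m.group(1)
    return None, None


def fingerprint(host: str, port: int) -> Tuple[str, Optional[str], Optional[str]]:
    """Banner plus (product, version): the pair you would feed into searchsploit."""
    banner = grab_banner(host, port)
    product, version = identify_service(banner)
    return banner, product, version


if __name__ == "__main__":
    listener, port = start_fake_service()
    try:
        print(fingerprint("127.0.0.1", port))  # ('220 (vsFTPd 2.3.4)', 'vsftpd', '2.3.4')
    finally:
        listener.close()
```

Banners can be edited or removed by administrators, so treat a version string as a lead to verify, not proof; nmap -sV combines banners with active probes for the same reason.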
LAB
KIOPTRIX LEVEL 1
KIOPTRIX LEVEL 2
EXPLOITATION
EXPLOITATION
Exploitation is the process of leveraging
identified vulnerabilities in a system to
gain unauthorized access, execute
commands, or extract sensitive
information. It is a critical step in
network pentesting to demonstrate the
potential impact of a security flaw.
LAB
KIOPTRIX LEVEL 1
KIOPTRIX LEVEL 2
MOST POPULAR
EXPLOITATION TOOLS
These are the tools used to exploit the FTP service in
Kioptrix Level 1
MSFCONSOLE
https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/
use exploit/unix/ftp/vsftpd_234_backdoor
MSFVENOM
MOST POPULAR
EXPLOITATION TOOLS
GITHUB
https://github.com/ahervias77/vsftpd-2.3.4-exploit
SEARCHSPLOIT
# searchsploit vsftpd 2.3.4 (search the local Exploit-DB copy by product
and version)
# searchsploit -m 49757 (mirror: copy the exploit file into the current
directory)
# cat 49757.py (read the exploit before running it: check what it connects
to and what it executes; never run untrusted exploit code blind)
# python3 49757.py 192.168.85.200