A Laboratory Manual for

Cyber Security
(3150714)

B.E. Semester 5
(Information Technology)

1
IT- SSEC , Bhavnagar Batch : B9
 Directorate of Technical Education, Gandhinagar,
Gujarat

2
IT- SSEC , Bhavnagar Batch : B9
 Government Engineering College, Dahod
Certificate
This is to certify that Mr./Ms. Omi Vimalkumar Chaudhari
Enrollment No. 240433116008 of B.E. Semester Information
Technology of this Institute (GTU Code : 043 ) has satisfactorily completed
the Practical / Tutorial work for the subject Cyber Security (3150714) for the
academic year 2025-26.

Place:
Date:

Name and Sign of Faculty member

Head of the Department

3
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714)

Preface

Cyber security is the technology and process that is designed to protect networks and devices
from attacks, damage, or unauthorized access. Cyber security is essential for a country’s military,
hospitals, large corporations, small businesses, and other organizations and individuals since data
is now the cornerstone of any organization.

The cyber security practical lab manual is a guide for students who want to learn and practice
various aspects of cyber security in a realistic and hands-on manner. The manual provides a set
of experiments, simulations, tests, and projects related to cyber security that cover various topics
such as cryptography, network security, web security, malware analysis, penetration testing, etc.

The manual consists of several chapters, each containing a brief introduction to the topic, a list of
objectives, a description of the required tools and software, a step-by-step procedure for
conducting the experiment or project, some questions for self-assessment or discussion, and some
references for further reading.

One of the objectives of this cyber security practical lab manual is to help students understand the
cyber laws that govern and protect cyberspace. Cyber laws are the legal framework that regulates
and protects cyberspace from cyber threats. Cyber laws aim to prevent, detect, and punish
cybercrimes and to promote cyber security awareness and best practices among users.

The manual is intended for the third-year students of the Information Technology branch in the
subject of cyber security. The manual assumes that the students have some basic knowledge of
computer networks, operating systems, programming languages. The manual also assumes that
the students have access to a cyber security laboratory that provides a realistic network
environment with various devices and software.

The manual aims to provide a stimulating and engaging learning experience for students who
want to pursue a career or further education in cyber security. The manual also hopes to inspire
students to contribute to the advancement of cyber security knowledge and practice in the society.

4
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714)

Practical – Course Outcome matrix

Course Outcomes:
1. Describe system and web vulnerability.
2. Evaluate network defense tools.
3. understand the cyber laws.
4. investigate cybercrime, prepare report, and apply laws for the case.

Sr. CO CO CO CO
Objective(s) of Experiment
No. 1 2 3 4
Install Kali Linux. Examine the utilities and tools
1. √ √
available in Kali Linux and Analyze 5 tools.
Evaluate network defense tools for following.
2. √ √
(i) IP spoofing (ii) DOS attack
Explore the Nmap tool and list how it can be used for
3. √
network defense.

4. Explore the NetCat tool. √ √

5. Use Wireshark tool and explore the packet format. √ √

Examine SQL injection attack. Perform SQLinjection

6. √ √
with SQLMap on vulnerable websites.
Examine software keyloggers and hardware
7. √ √
keyloggers
Perform online attacks and offline attacks of password
8. √ √
cracking
Consider a case study of cybercrime, where the
attacker has performed online credit card fraud.
9. √ √
Prepare a report and list the laws that will be
implemented on attacker

5
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714)

Industry Relevant Skills

The following industry relevant competency is expected to be developed in the student by

undertaking the practical work of this laboratory.
1. Knowledge: Students are expected to acquire knowledge of various concepts and
principles of cyber security, such as cryptography, network security, web security,
malware analysis, penetration testing, etc. Students are also expected to acquire the
knowledge of various cyber laws and regulations that govern and protect cyberspace.
2. Skills: Students are expected to develop the skills and techniques to identify, analyze,
and mitigate cyber risks and vulnerabilities. Students are also expected to develop the
skills and techniques to use various tools and software to perform cyber security tasks,
such as encryption, authentication, scanning, etc.
3. Attitude: Students are expected to develop a positive attitude towards cyber security
and its importance in the digital world. Students are also expected to develop a sense
of responsibility and ethics in cyberspace. Students are also expected to develop a habit
of continuous learning and updating their knowledge and skills in cyber security.

Guidelines for Faculty members

 Faculty members should ensure that they have adequate knowledge and skills in cyber
security and its related topics. Faculty members should also keep themselves updated
with the latest developments and trends in cyber security.
 Faculty members should prepare and plan the practical sessions in advance and ensure
that the required tools and software are available and working properly. Faculty
members should also ensure that the laboratory environment is safe and secure for the
students and the equipment.
 Faculty members should explain the objectives, outcomes, and procedures of each
experiment or project clearly and concisely to the students. Faculty members should
also demonstrate the steps and techniques involved in each experiment or project to the
students.
 Faculty members should supervise and monitor the students’ progress and performance
during the practical sessions. Faculty members should also provide guidance, feedback,
and support to the students as and when required. Faculty members should also
encourage the students to ask questions and clear up their doubts.
 Faculty members should evaluate the students’ work and results based on predefined
criteria and rubrics. Faculty members should also provide constructive feedback and
suggestions for improvement to the students. Faculty members should also appreciate
and acknowledge the students’ efforts and achievements.
 Faculty members should promote a culture of cyber security awareness and best
practices among the students. Faculty members should also instill a sense of
responsibility and ethics in cyberspace among the students. Faculty members should
also motivate and inspire the students to pursue a career or further education in cyber
security.

6
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714)

Instructions for Students

 Students should read and understand the objectives, outcomes, and procedures of each
experiment or project before starting the practical session. Students should also prepare and
review the required tools and software for each experiment or project.
 Students should follow the instructions and guidelines given by the faculty members during
the practical session. Students should also perform the steps and techniques involved in each
experiment or project carefully and accurately. Students should also record their
observations and results properly and systematically.
 Students should ask questions and clear their doubts with the faculty members or their peers
during the practical session. Students should also seek guidance, feedback, and support from
the faculty members or their peers as and when required. Students should also share their
knowledge and skills with their peers.
 Students should submit their work and results to the faculty members for evaluation within
the stipulated time. Students should also accept and implement the feedback and suggestions
given by the faculty members for improvement. Students should also learn from their
mistakes and achievements.
 Students should follow cyber security best practices and standards while performing cyber
security tasks. Students should also respect the rights and privacy of others in cyberspace.
Students should also avoid any unethical or illegal activities in cyberspace.
 Students should develop an interest and passion for cyber security and its related topics.
Students should also update their knowledge and skills in cyber security regularly. Students
should also explore career or further education opportunities in cyber security.

Common Safety Instructions

1. Students are expected to be too careful.
2. Students should wear appropriate clothing and footwear while working in the laboratory.
Students should also avoid wearing loose or dangling accessories that may get caught in the
equipment.
3. Students should handle the equipment and devices with care and caution. Students should
also avoid touching any wires or cables that may be alive or hot. Students should also switch
off and unplug the equipment and devices when not in use or when leaving the laboratory.
4. Students should keep the laboratory clean and tidy. Students should also dispose of any
waste materials properly and safely. Students should also report any spills, leaks, or damages
to the faculty members or the laboratory staff immediately.
5. Students should follow the emergency procedures in case of any fire, electric shock, injury,
or other accidents. Students should also know the location and use of the fire extinguishers,
first aid kits, and emergency exits in the laboratory.
6. Students should respect the laboratory rules and policies. Students should also cooperate and
communicate with the faculty members, the laboratory staff, and their peers in the
laboratory. Students should also avoid any disruptive or dangerous behavior in the
laboratory.

7
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714)

Index
(Progressive Assessment Sheet)

Sr. Objective(s) of Experiment Page Date of Date of Assessme Sign. of Remar

No. No. perform submiss nt Teacher ks
ance ion Marks with date
1 Install Kali Linux. Examine the utilities and
tools available in Kali Linux and Analyze 5
tools.
2 Evaluate network defense tools for following.
(i) IP spoofing (ii) DOS attack
3 Explore the Nmap tool and list how it can be
used for network defense.
4
Explore the NetCat tool.

5 Use Wireshark tool and explore the packet

format.
6 Examine SQL injection attack. Perform
SQLinjection with SQLMap on vulnerable
websites.
7 Examine software keyloggers and hardware
keyloggers
8 Perform online attacks and offline attacks of
password cracking
9 Consider a case study of cybercrime, where
the attacker has performed online credit card
fraud.
Prepare a report and list the laws that will be
implemented on attacker
Total

8
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Experiment No: 1
Install Kali Linux. Examine the utilities and tools available in Kali Linux and
Analyze 5 tools.
Date:

Competency and Practical Skills: Students will be able to install and use Kali Linux, a popular
operating system for cyber security professionals and ethical hackers. Students will also be able
to explore and study various utilities and tools available in Kali Linux for performing different
cyber security tasks.

Relevant CO:
1. Describe system and web vulnerability.
2. Evaluate network defense tools.

Objectives:

a. To introduce students to Kali Linux, a popular operating system for cyber security professionals
and ethical hackers.
b. To enable students to install and use Kali Linux on a virtual machine or a physical machine.
c. To familiarize students with the basic settings and preferences of Kali Linux.
d. To teach students how to update and upgrade the Kali Linux system and its packages.
e. To help students navigate and use the graphical user interface (GUI) and the command-line
interface (CLI) of Kali Linux.
f. To provide students with Kali Linux documentation and help resources.
g. To expose students to the utilities and tools available in Kali Linux for different cyber security
tasks.
h. To train students how to use five tools of their choice from different categories for performing
cyber security tasks.

Equipment/Instruments: Computer, Internet

Introduction

Kali Linux is a free and open-source Linux-based operating system that is designed for advanced
Penetration Testing and Security Auditing. It contains several hundred tools for various Information
Security tasks, such as Penetration Testing, Security Research, Computer Forensics, Reverse Engineering,
Vulnerability Management and Red Team Testing. It was developed by Mati Aharoni and Devon Kearns
of Offensive Security. Kali Linux is a multi-platform solution that can be used by information security
professionals and hobbyists.

Advantages:
 It has 600+ Penetration testing and network security tools pre-installed.
 It is completely free and open source. So, you can use it for free and even contribute for its
development.

1
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

 It supports many languages.

 Great for those who are intermediate in Linux and have their hands on Linux commands.
 Could be easily used with Raspberry Pi.

Disadvantages:

 It is not recommended for those who are new to Linux and want to learn Linux. (As it is
Penetration Oriented)
 It is a bit slower.
 Some software may malfunction.

Why Kali Linux?

If an individual is into penetration testing or cybersecurity in general, you'll appreciate that Kali Linux
already has the specialized tools you'll need installed and configured. Also, if you're curious about any
security-related problems in a program or website, Kali Linux is an excellent choice.

There is a common misconception that Kali may be used to break into user accounts or servers. One of
the most widespread misconceptions regarding Kali Linux is this. Kali Linux is essentially a specialized
version of Debian that includes a suite of security and network administration utilities. This is a weapon
for self-defense or self-training only. Kali Linux's primary target audience is IT specialists. Those
interested in Penetration Testing, Cyber Security, or Ethical Hacking will find this book useful. It is a
potent instrument, and its application could result in financial losses.

Installation Steps

There are various methods available for the installation of Kali Linux. The OS can be installed directly
onto the computer or through a Virtual Machine (VM). If you wish to install the it directly onto your
computer you will need USB stick, Kali Linux ISO and Rufus to make it bootable USB drive. For VM
installation you require VirtualBox software and Kali Linux ISO. Installation steps for methods will
remain the same.

1. System Requirements:
a. A Computer (Minimum Requirements: 20GB Hard Disk space, 2GB RAM, Intel Core i3
or AMD E1 equivalent)
2. Installation Prerequisite
a. USB stick (6 GB or More)
b. Kali Linux ISO file (https://www.kali.org/)
c. Rufus (To create Bootable Drive - https://rufus.ie/en/)
d. If Kali Linux will be installed in the Virtual Machine than make sure Virtual Box
software (https://www.virtualbox.org/) are installed.
3. Creating a New VM
Once you have downloaded the installation image, you can create a new VM. Open VirtualBox and
create a new VM (Machine > New or Ctrl+N) on which Kali Linux will be installed.

2
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Set the following VM parameters:

Name: Kali_x64
Machine Folder: C:\Virtual\VirtualBox (This path is used only for demo purpose. Try not to use a
system partition to store VMs).
Type: Linux
Version: Debian (64-bit)
Memory size: 4096 MB. The VM memory size must be large enough to run a guest OS, though you
should leave enough unallocated memory to run your host OS. In the current example, a host machine
with 16 GB of RAM is used, which provides enough memory left for a host OS.
Hard disk: Create a virtual hard disk now.
Hit Create to continue and configure a new virtual hard disk.

3
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Set the virtual disk file location, for example C:\Virtual\VirtualBox\Kali_x6Kali_x64.vdi

It is recommended that you store virtual disk files in the VM folder (such folder is selected by default).

Set the virtual disk file size. It should be at least 20 GB.

Hard disk file type: VDI. A native VirtualBox format is selected.

Storage on physical disk: Dynamically allocated.
Click Create to finish creating a new VM.

4
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

After creating a new VM, some additional settings must be configured. Select your recently created
virtual machine and open the VM settings.

5
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Display options
Go to Display > Screen and set Video Memory to 128 MB. It will prevent installer hanging.
Next, tick the checkbox Enable 3D acceleration (optional). It will be useful for applications that need
3D acceleration.

Network options
Next, go to the network settings and select the networking mode of the virtual network adapter of the
VM. Let’s select the Bridged mode to use the VM network adapter much as you would for a physical
network adapter of the host machine. In this case, the VM network adapter is connected to the same
physical network as the host machine. You can set additional options such as network adapter name,
type, MAC address etc.

6
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Boot options

You must insert your virtual ISO DVD image to a virtual DVD drive of the VM and then boot a virtual
machine from that ISO disk. In the VM settings, go to Storage, select an IDE controller of your virtual
optical drive (it is empty by default). Click the empty status, then click the disc icon near IDE Secondary
Master and in the opened menu, select Choose Virtual Optical Disk File. Browse the Kali Linux
installation ISO image that you have downloaded from the official site before (kali-linux-2019.2-
amd64.iso). Hit OK to save settings.

7
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

4. Start Installation

Now you can start your new VM (Kali_x64 in this case) and begin the Kali installation.

After booting from a virtual DVD, you will see a boot menu where you can select boot options for Kali
Linux such as Boot from Live DVD, Install, Graphical Install etc. Let’s select Graphical Install.
Press Enter to continue.

8
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

5. Select a language. Choose the language you wish to use for the installation process and the
installed system. English is selected for the current installation. Click the Continue button on
each screen to move forward.

9
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

6. Select your location. This option is used to set your time zone, time format, etc. United States
has been selected in the current example.

10
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

7. Configure the keyboard. Select your keyboard layout. American English is used for the current
installation.

11
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

8. Configure the network. Enter the hostname for your Linux system, for example, kali-
virtualbox.

12
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

9. Configure the domain name. If you don’t use a domain in your network, you may leave this
field empty.

10. Set up users and passwords. Read the useful tips on this screen and enter the password for root.

13
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

11. Configure the clock. Now you can select a precise time zone for your country.

14
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

12. Partition disks. You can use manual and guided partitioning of disks. For the first time, you can
select Guided – use entire disk. The entire disk will be used for creating one big partition.

Confirm that you want to erase the disk. There is no reason to worry, as in this case, the empty 20-GB
virtual disk is used for partitioning.

Select a preferred partitioning scheme for your virtual disk. Let’s select All files in one partition.

15
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Check the overview and select Finish partitioning and write changes to disk.

Select Yes and confirm that you would like to write changes to the disk.

13. Wait for the system to be installed. As Kali Linux is being installed, the files are being copied to
the virtual disk of the VM.

16
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

14. Configure the package manager. Click Yes if you would like to use a network mirror. Selecting
this option will allow you to install or update application packages from online software
repositories.

Enter the information about your proxy server if you use a proxy server for internet access from your
network. There is no proxy server in this example; so this field is left empty.

17
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

15. Install the GRUB boot loader on a hard disk. Since there is no other operating systems and
boot loaders on a virtual disk, it is necessary to install GRUB in this case. Select Yes to install
GRUB.

Select a disk to which GRUB must be installed. In this case, /dev/sda is the necessary disk and is the
only disk connected to a VM.

16. Finish the installation. When the installation of Kali Linux on VirtualBox is complete, you will
see a notification message. Now you can reboot the virtual machine to boot the Kali Linux
installed on the VirtualBox VM.

18
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

After the reboot, you will see a login screen of Kali Linux. Enter root as a username, then enter the
password set during installing Kali Linux on VirtualBox to sign in.

Now you should see the Gnome Desktop of Kali Linux installed on your VirtualBox virtual machine.

Once installation is completed then open the terminal and type “sudo apt-get update”. It will update the

19
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

repositories. Make sure that you are connected to the internet There after various drivers can be installed
on Kali Linux. Please refer how to install drivers in Kali Linux. https://www.nakivo.com/blog/how-to-
install-kali-linux-on-virtualbox/)

Popular Stress Testing Tools in Kali Linux:

1. Aircrack-ng
2. Burpsuite
3. Crackmapexec
4. Hydra
5. Johntheripper (jtr)
6. Metasploit
7. Nmap (Network Mapper)
8. Responder
9. Sqlmap
10. Wireshark

1. Aircrack-ng

Introduction to Aircrack-ng

Aircrack-ng is a tool that comes pre-installed in Kali Linux and is used for Wi-Fi network security and
hacking. Aircrack is an all-in-one packet sniffer, WEP and WPA/WPA2 cracker, analyzing tool and a
hash capturing tool. It is a tool used for Wi-Fi hacking. It helps in capturing the package and reading the
hashes out of them and even cracking those hashes by various attacks like dictionary attacks. It supports
almost all the latest wireless interfaces.
It mainly focuses on 4 areas:

Monitoring: Captures cap, packet, or hash files.

Attacking: Performs de-authentication or creates fake access points
Testing: Checking the Wi-Fi cards or driver capabilities
Cracking: Various security standards like WEP or WPA PSK.

Strength and Weakness

Strengths
 A famous hacker tool that you can use for nothing.
 Versions for Windows as well as Unix, Linux, and macOS
 Already installed in Kali Linux
 Can crack wireless network encryption.
Weakness
 Difficult to install.
 Difficult to use.
 No graphical user interface
 Excels at cracking WEP encryption, which is no longer used on wireless systems.
 The WPA-TKP utilities don’t work.

20
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Working with aircrack-ng

1. To list all network interfaces.

airmon-ng
This command will return all the network interfaces available or connected to the system.

2. Stopping the desired network interface.

airmon-ng stop wlan0mon
To stop a network interface enter the above command and replace “wlan0” with the desired network
interface.

3. Starting a network interface at a specific channel.

airmon-ng start wlan0 10
To start a network interface at a specific channel enter the above command and replace “ wlan0” with
the desired network interface and 10 with the desired channel name.

21
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

3. Collecting authentication handshake

airodump-ng -c 10 --bssid 00:15:5D:9C:44:00 -w psk wlan0

To collect the authentication handshake, enter the above command in terminal and replace “wlan0”
with the desired network interface and 10 with the desired channel name and bssid with the bssid of
the wifi.

5. Cracking the captured handshake file by means of a wordlist

aircrack-ng -w wordlist psk.cap

22
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

To run a brute force attack and to crack the password enter the above command in the terminal and replace
“wordlist” with the desired wordlist to be used and “wpa.cap” with the desired handshake filename.

6. To get the help section of the tool

aircrack-ng --help
The above command will display the help section of the aircrack-ng command.

23
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

7. To display the # of CPUs and SIMD support

aircrack-ng -u
The above command will display the details of the hash of CPUs and SIMD support.

24
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

WRITE ABOUT TOOLS, ATLEAST 5 TOOLS USED BY CYBER SECURITY EXPERTS.

PLEASE TAKE REFERENCE OF ABOVE AIRCRACK-NG TOOL

25
IT- SSEC , Bhavnagar Batch : B9
Cyber Security (3150714) 240433116008

Study Tool : 1

i. INTRODUCTION TO TOOL/SOFTWARE
ii. STRENGTH AND WEAKNESS
iii.WORKING WITH TOOL/SOFTWARE (INCLUDE COMMAND,
EXPLAINATION OF COMMAND AND OUTPUT/SCREENSHOT)

1) Introduction to hping3 tool :

 hping3 is a command-line oriented TCP/IP packet assembler/analyzer used in

network security auditing and testing. It allows the crafting of custom packets
(TCP, UDP, ICMP) and is primarily used for tasks like firewall testing, port
scanning, network performance measurement, and DoS attack simulation. It is
available by default in Kali Linux and is popular among ethical hackers and
penetration testers for low-level packet analysis.

2) Strength of Tool :

 Can create custom TCP/IP packets, useful for testing firewalls, IDS/IPS, and network
configurations.

 Excellent for firewall rules testing; can mimic legitimate traffic or use fragmentation
to bypass filters.

 Works with TCP, UDP, ICMP, and RAW-IP protocols, making it versatile for
different types of network scanning.

 Can perform RTT (Round Trip Time), traceroute, and bandwidth measurement, useful
for diagnostics

 Can be used in scripts for automated network scanning or attack simulation.

3)Weakness of Tool :

 No GUI, which may be difficult for beginners or users unfamiliar with terminal-based
tools.

 No active updates or community support for newer network protocols (e.g., IPv6
extensions).

26
IT- SSEC , Bhavnagar Batch : B9
Cyber Security (3150714) 240433116008

 Needs administrative access to run most functions, which can be a security concern.

 Output is not as user-friendly or detailed compared to tools like Nmap or Wireshark.

 If not used stealthily, it can be easily detected by intrusion detection systems.

4) Working With Tool / Software :

1) sudo hping3 -I eth0 -S 192.168.186.128 -p 80 :

Description :

 The command sudo hping3 -I eth0 -S 192.168.186.128 -p 80 sends a TCP

SYN packet to port 80 of the target IP 192.168.186.128 using the network
interface eth0. The -S flag sets the SYN bit, simulating the start of a TCP
connection, commonly used for stealth or half-open scans. If the target
port is open, it responds with a SYN-ACK; if closed, it responds with
RST; if filtered, there’s no response. This helps in testing firewall rules,
detecting open ports, and analyzing network behavior. Running the
command with sudo is necessary because it uses raw sockets.

27
IT- SSEC , Bhavnagar Batch : B9
Cyber Security (3150714) 240433116008

2) sudo hping3 –traceroute -V -1 1 142.250.183.206

Description :

 The command sudo hping3 -I eth0 -S 192.168.186.128 -p 80 sends a TCP SYN

packet to port 80 of the target IP 192.168.186.128 using the network interface
eth0. The -S flag sets the SYN bit, simulating the start of a TCP connection,
commonly used for stealth or half-open scans. If the target port is open, it
responds with a SYN-ACK; if closed, it responds with RST; if filtered, there’s no
response. This helps in testing firewall rules, detecting open ports, and analyzing
network behavior. Running the command with sudo is necessary because it
uses raw sockets.

28
IT- SSEC , Bhavnagar Batch : B9
Cyber Security (3150714) 240433116008

Study Tool : 2

i. INTRODUCTION TO TOOL/SOFTWARE
ii. STRENGTH AND WEAKNESS
iii. WORKING WITH TOOL/SOFTWARE (INCLUDE COMMAND, EXPLAINATION
OF COMMAND AND OUTPUT/SCREENSHOT)

1) Introduction to nikto Tool :

 Nikto is an open-source web server scanner available in Kali Linux, used
to detect vulnerabilities and misconfigurations in web servers and
applications. It performs comprehensive tests against web servers for over
6,700 potentially dangerous files and programs, checks for outdated server
versions, and looks for problems like default files, insecure HTTP
methods, and server configuration issues.
 It supports HTTP, HTTPS, and proxy servers, and is widely used in penetration
testing and security audits. While it's not stealthy and can be easily detected, it is
extremely effective for quickly identifying common web vulnerabilities and entry
points for attacks.

2) Strengths of Tool :

 Scans for 6,700+ known vulnerabilities, insecure files, and CGI scripts.
 Actively maintained and completely free to use in Kali and other platforms.
 Simple command-line interface; beginners can start scanning with just one line.
 Performs quick scans and detects a wide range of server misconfigurations.
 Flags outdated versions of web servers and known vulnerabilities.

29
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

3) Weaknesses of Tool :

 Easily detectable by IDS/IPS systems; can trigger alerts.

 Nikto is a scanner only; it does not exploit the vulnerabilities it finds.
 Lacks deep support for modern web technologies (like JavaScript-heavy SPAs
or APIs).
 Some findings may not always be actual vulnerabilities, requiring manual
verification.
 No GUI, which may be a barrier for users who prefer visual interfaces.

4) Working With Tool / Software :

1) nikto -list – plugins :

Description :
 The command nikto -list-plugins is used to display all the available
plugins that Nikto can use during a web server scan. Plugins extend
Nikto’s functionality by performing specific vulnerability checks like
CGI issues, SSL problems, HTTP methods, and server
misconfigurations. This helps users understand what types of tests will
be performed. It is useful for customizing or reviewing the scanning
scope before an assessment.

30
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

31
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

2) nikto -h google.com -Tuning x :

Description :
 The command nikto -h google.com -Tuning x is used to scan the web server at
google.com using Nikto, applying specific types of vulnerability checks
defined by the -Tuning option. The -Tuning x flag tells Nikto to perform all
available scan types, including file checks, injection flaws, outdated server
software, and more. This results in a comprehensive and extensive scan of the
target. It is useful for full assessments but may take longer and generate more
network traffic.

3) nikto -h https://www.google.com -Tuning 123 :

Description :
 This Nikto command scans the Google web server (https://www.google.com) with the
-Tuning 123 option, which limits the scan to specific types of vulnerabilities:

 1 → File Upload vulnerabilities

 2 → Interesting files / hidden paths
 3 → Misconfigurations

 Nikto connects to port 443 (HTTPS) and also shows SSL certificate details like cipher,
issuer, and subject. The output helps identify limited categories of issues without
performing a full scan.

32
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

4) nikto -h https://ssgec.ac.in :

Description :
 This Nikto command scans the HTTPS-enabled website ssgec.ac.in for web server
vulnerabilities. It connects to port 443 and identifies the server as nginx/1.25.5. The
SSL certificate details show it's issued by Let’s Encrypt with strong cipher usage.
The scan reports missing or misconfigured headers like X-Frame-Options, X-
Content-Type-Options, and presence of uncommon headers, which may expose the
site to clickjacking and content-type spoofing risks. This helps administrators
identify and fix common web security issues.

33
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Study Tool : 3

i. INTRODUCTION TO TOOL/SOFTWARE
ii. STRENGTH AND WEAKNESS
iii. WORKING WITH TOOL/SOFTWARE (INCLUDE COMMAND,
EXPLAINATION OF COMMAND AND OUTPUT/SCREENSHOT)

1) Introduction to tcpdump Tool :

 TCPDump is a powerful command-line packet analyzer available in Kali Linux,
used for capturing and analyzing network traffic. It allows users to monitor,
intercept, and log packets that are transmitted or received over a network interface.
TCPDump supports filtering based on IP addresses, protocols, ports, and more,
making it useful for network troubleshooting, intrusion detection, and forensic
analysis.
 It is lightweight, fast, and widely used by network administrators and security
professionals for real-time traffic inspection and debugging.

2) Strengths of Tool :

 Captures live network traffic with very low system resource usage.
 Supports powerful filtering using Berkeley Packet Filter (BPF) syntax.
 Can save captured data to files (.pcap) for offline analysis.
 Widely supported and compatible with tools like Wireshark.
 Ideal for real-time network debugging, diagnostics, and auditing.

3) Weaknesses of Tool :
 Command-line only; no graphical interface, which may challenge beginners.
 Cannot decode or reassemble complex application-level protocols on its own.
 Not ideal for visual analysis or long-term traffic investigation.
 Limited analysis features compared to GUI tools like Wireshark.
 Requires root privileges and deep protocol knowledge for effective use.

34
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

4) Working with Tool/Software :

1) sudo tcpdump :
Description :
 This command starts a live packet capture on the default network interface (usually eth0)
using tcpdump. It captures all visible traffic, including IPv4 and IPv6 mDNS packets,
which are typically used for local network service discovery (like printers, shared
devices). The summary shows that 12 packets were captured, none were dropped. Since
no filter was applied, all traffic on the interface was captured, making this useful for
general monitoring or initial network inspection.

35
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

2) sudo tcpdump -i eth0 :

Description :
 This command tells tcpdump to capture live network traffic specifically on the eth0
interface. It shows both IPv4 UDP packets (port 51030 to multicast IPs) and IPv6 mDNS
packets, including service discovery and router advertisements. The capture helps in
identifying devices, services, and traffic patterns on the local network. The output shows
16 packets captured, none dropped, indicating successful traffic monitoring without loss.
This is useful for network diagnostics and traffic analysis.

36
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Study Tool : 4

i. INTRODUCTION TO TOOL/SOFTWARE
ii. STRENGTH AND WEAKNESS
iii. WORKING WITH TOOL/SOFTWARE (INCLUDE COMMAND,
EXPLAINATION OF COMMAND AND OUTPUT/SCREENSHOT)

1) Introduction to Wireshark :
 Wireshark is a free and open-source network protocol analyzer that captures and visually
displays network packets in real-time. It supports deep inspection of hundreds of protocols
and works across multiple platforms like Linux, Windows, and macOS. It is widely used
for network troubleshooting, security analysis, protocol development, and education.
Wireshark allows users to apply filters, view detailed packet contents, and save captures
for later analysis.

2) Strengths of Tool :
 User-Friendly GUI: Easy to understand with a powerful graphical interface.
 Deep Packet Inspection: Offers full decoding of numerous protocols.
 Filtering & Search: Advanced filters help quickly isolate relevant data.
 Export Options: Capture files can be saved, analyzed, and exported in multiple
formats.
 Cross-Platform Support: Works on Linux, Windows, and macOS.
3) Weaknesses of Tool :
 Resource-Intensive: May slow down the system during heavy captures.
 Not Ideal for Encrypted Traffic: Struggles to decrypt HTTPS or other secure
communications without proper keys.
 Requires Privileges: Needs root/admin access to capture live traffic on many systems.

37
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

 Not for Beginners: Complex interface and terminology may overwhelm new users.
 Passive Tool: Can only monitor but not actively modify network traffic.

4) Working with Tool/Software :

1) tcp packet tracing :
Description :
 Based on the uploaded snapshot of Wireshark, you are capturing live traffic on
interface eth0 and filtering specifically for TCP packets. The display shows
communication between a public IP (like 142.251.220.4 — possibly Google) and a
local IP (192.168.127.128) over port 443 (HTTPS), using protocols like TCP and
TLSv1.3. The Info column reveals handshake steps like Server Hello, Change Cipher
Spec, and Application Data, indicating an encrypted HTTPS session. This snapshot
demonstrates Wireshark's ability to show detailed packet-level communication,
including timing, source/destination IPs, and protocol behavior — making it excellent
for analyzing secure web traffic.

38
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

2) udp packet tracing :

Description :
 Based on the uploaded Wireshark UDP snapshot, you're analyzing traffic filtered by
the udp keyword. The capture shows NTP (Network Time Protocol) and DNS
(Domain Name System) communication. The source IP 192.168.127.128 (local
machine) sends DNS queries and NTP requests, while responses come from other IPs
like 14.139.60.103. The DNS queries use different IDs (e.g., 0x2de5, 0x0ce4), and
responses indicate successful exchanges. This shows how Wireshark can help monitor
UDP-based services like DNS and NTP in real-time, useful for troubleshooting name
resolution or time sync issues.

39
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

3) tcp.stream eq 78 :

Description :
 The uploaded Wireshark snapshot shows an HTTP stream capture filtered by
tcp.stream eq 78. The left pane displays a TCP conversation between 192.168.127.128
and 172.217.167.238 (likely a Google server), indicating an HTTP GET request to
http://www.google.com. The right pane reveals the HTTP response: a 301 Moved
Permanently redirect, sending the client to https://www.google.com. This illustrates
how Wireshark allows deep inspection of web traffic, including full HTTP headers and
payloads, making it a powerful tool for web debugging, protocol analysis, and
redirection tracing.

40
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Study Tool : 5

i. INTRODUCTION TO TOOL/SOFTWARE
ii. STRENGTH AND WEAKNESS
iii. WORKING WITH TOOL/SOFTWARE (INCLUDE COMMAND,
EXPLAINATION OF COMMAND AND OUTPUT/SCREENSHOT)

1) Introduction to Zenmap :

 Zenmap is the official graphical user interface (GUI) for the powerful network scanning
tool Nmap. It is used for mapping networks, identifying live hosts, detecting open ports,
and discovering services running on systems. Zenmap simplifies the process by offering
predefined scanning profiles and visual results, making it suitable for both beginners and
advanced users.

2) Strengths of Tool :

 User-friendly interface for Nmap

 Offers network topology visualizations
 Supports saving and comparing scan results
 * Suitable for security audits and troubleshooting

3) Weaknesses of Tool :
 Requires admin/root privileges for full functionality
 Not updated as frequently as Nmap
 * GUI may lag with very large scans or networks

41
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

4) Working with Tool/Software :

1) nmap -T4 -A -v 192.168.1.1 :
Description :
 The uploaded image shows Zenmap running an Intense Scan on the IP address
192.168.1.1 using the command nmap -T4 -A -v 192.168.1.1. Zenmap performs
multiple stages including ping scan, DNS resolution, SYN stealth scan (for detecting
open ports), service detection, OS detection, and traceroute. The scan uses Nmap
Scripting Engine (NSE), loading 157 scripts to gather in-depth details about the
target system. This helps identify vulnerabilities and network configurations for
auditing and security purposes.

42
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Conclusion :

Quiz:
1. What is the name of the website where you can download the Kali Linux ISO
file?
a) kali.org
b) kali.com
c) kali.net
d) kali.io

2. What tool can you use to create a bootable USB drive with Kali Linux?
a) Rufus
b) Etcher
c) UNetbootin
d) Any of the above

3. What is the minimum amount of RAM recommended for installing

Kali Linux with the default Xfce4 desktop and the kali-linux-default
metapackage?
a) 128 MB
b) 512 MB
c) 2 GB
d) 8 GB

43
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

4. What setting do you need to disable in your UEFI settings before installing
Kali Linux?
a) Fast Boot
b) Secure Boot
c) Legacy Boot
d) Boot Order

5. What are the two options for starting the installation of Kali Linux from the
boot screen?
a) Graphical install or Install (Text-Mode)
b) Live install or Install (Command-Line)
c) Standard install or Install (Advanced)
d) Basic install or Install (Custom)

Suggested Reference:

1. https://www.kali.org/
2. https://www.nakivo.com/blog/how-to-install-kali-linux-on-virtualbox/
3. https://rufus.ie/en/
4. https://www.virtualbox.org/
5. https://www.kali.org/tools/aircrack-ng/

References used by the students:

 TechTarget
 Kali Linux
 GeeksforGeeks
 InfosecTrain
 CIRT.net

Rubric wise marks obtained:

44
IT- SSEC , Bhavnagar Batch : B9
 Cyber Security (3150714) 240433116008

Criteria 1 2 3 4 5 Total

Marks

Faculty Signature

45
IT- SSEC , Bhavnagar Batch : B9