Cyber Security (3150714) : B.E. Semester 5 (Information Technology)

Uploaded by

malodiyamd2

Cyber Security(3150714) 240433116007

A Laboratory Manual for

Cyber Security
(3150714)

B.E. Semester 5
(Information Technology)

Directorate of Technical Education, Gandhinagar, Gujarat

5th sem IT (SSEC, Bhavnagar)



Shantilal Shah Engineering College, Bhavnagar

Certificate

This is to certify that Mr./Ms.


Enrollment No. of B.E. Semester
Information Technology of this Institute (GTU Code: 28 ) has satisfactorily
completed the Practical / Tutorial work for the subject Cyber Security
(3150714) for the academic year 2025-26.

Place:
Date:


Preface
Cyber security is the technology and process that is designed to protect networks and devices from
attacks, damage, or unauthorized access. Cyber security is essential for a country’s military,
hospitals, large corporations, small businesses, and other organizations and individuals since data is
now the cornerstone of any organization.

The cyber security practical lab manual is a guide for students who want to learn and practice
various aspects of cyber security in a realistic and hands-on manner. The manual provides a set of
experiments, simulations, tests, and projects related to cyber security that cover various topics such
as cryptography, network security, web security, malware analysis, penetration testing, etc.

The manual consists of several chapters, each containing a brief introduction to the topic, a list of
objectives, a description of the required tools and software, a step-by-step procedure for conducting
the experiment or project, some questions for self-assessment or discussion, and some references
for further reading.

One of the objectives of this cyber security practical lab manual is to help students understand the
cyber laws that govern and protect cyberspace. Cyber laws are the legal framework that regulates
and protects cyberspace from cyber threats. Cyber laws aim to prevent, detect, and punish
cybercrimes and to promote cyber security awareness and best practices among users.

The manual is intended for the third-year students of the Information Technology branch in the
subject of cyber security. The manual assumes that the students have some basic knowledge of
computer networks, operating systems, and programming languages. The manual also assumes that the
students have access to a cyber security laboratory that provides a realistic network environment
with various devices and software.

The manual aims to provide a stimulating and engaging learning experience for students who want
to pursue a career or further education in cyber security. The manual also hopes to inspire students
to contribute to the advancement of cyber security knowledge and practice in society.


Practical – Course Outcome matrix

Course Outcomes:
1. Describe system and web vulnerability.
2. Evaluate network defense tools.
3. Understand the cyber laws.
4. Investigate cybercrime, prepare a report, and apply laws for the case.

Sr. No. | Objective(s) of Experiment | CO 1 | CO 2 | CO 3 | CO 4
1. Install Kali Linux. Examine the utilities and tools available in Kali Linux and Analyze 5 tools. √ √
2. Evaluate network defense tools for following. (i) IP spoofing (ii) DOS attack √ √
3. Explore the Nmap tool and list how it can be used for network defense. √
4. Explore the NetCat tool. √ √
5. Use Wireshark tool and explore the packet format. √ √
6. Examine SQL injection attack. Perform SQL injection with SQLMap on vulnerable websites. √ √
7. Examine software keyloggers and hardware keyloggers √ √
8. Perform online attacks and offline attacks of password cracking √ √
9. Consider a case study of cybercrime, where the attacker has performed online credit card fraud. Prepare a report and list the laws that will be implemented on attacker √ √


Industry Relevant Skills

The following industry relevant competency is expected to be developed in the student
by undertaking the practical work of this laboratory.
1. Knowledge: Students are expected to acquire knowledge of various concepts
and principles of cyber security, such as cryptography, network security, web
security, malware analysis, penetration testing, etc. Students are also expected to
acquire the knowledge of various cyber laws and regulations that govern and
protect cyberspace.
2. Skills: Students are expected to develop the skills and techniques to identify,
analyze, and mitigate cyber risks and vulnerabilities. Students are also expected
to develop the skills and techniques to use various tools and software to perform
cyber security tasks, such as encryption, authentication, scanning, etc.
3. Attitude: Students are expected to develop a positive attitude towards cyber
security and its importance in the digital world. Students are also expected to
develop a sense of responsibility and ethics in cyberspace. Students are also
expected to develop a habit of continuous learning and updating their knowledge
and skills in cyber security.

Guidelines for Faculty members

• Faculty members should ensure that they have adequate knowledge and skills in
cyber security and its related topics. Faculty members should also keep
themselves updated with the latest developments and trends in cyber security.
• Faculty members should prepare and plan the practical sessions in advance and
ensure that the required tools and software are available and working properly.
Faculty members should also ensure that the laboratory environment is safe and
secure for the students and the equipment.
• Faculty members should explain the objectives, outcomes, and procedures of each
experiment or project clearly and concisely to the students. Faculty members
should also demonstrate the steps and techniques involved in each experiment or
project to the students.
• Faculty members should supervise and monitor the students’ progress and
performance during the practical sessions. Faculty members should also provide
guidance, feedback, and support to the students as and when required. Faculty
members should also encourage the students to ask questions and clear up their
doubts.
• Faculty members should evaluate the students’ work and results based on
predefined criteria and rubrics. Faculty members should also provide
constructive feedback and suggestions for improvement to the students. Faculty
members should also appreciate and acknowledge the students’ efforts and
achievements.
• Faculty members should promote a culture of cyber security awareness and best
practices among the students. Faculty members should also instill a sense of
responsibility and ethics in cyberspace among the students. Faculty members
should also motivate and inspire the students to pursue a career or further
education in cyber security.

Instructions for Students

• Students should read and understand the objectives, outcomes, and procedures of each
experiment or project before starting the practical session. Students should also
prepare and review the required tools and software for each experiment or project.
• Students should follow the instructions and guidelines given by the faculty members
during the practical session. Students should also perform the steps and techniques
involved in each experiment or project carefully and accurately. Students should also
record their observations and results properly and systematically.
• Students should ask questions and clear their doubts with the faculty members or their
peers during the practical session. Students should also seek guidance, feedback, and
support from the faculty members or their peers as and when required. Students
should also share their knowledge and skills with their peers.
• Students should submit their work and results to the faculty members for evaluation
within the stipulated time. Students should also accept and implement the feedback
and suggestions given by the faculty members for improvement. Students should also
learn from their mistakes and achievements.
• Students should follow cyber security best practices and standards while performing
cyber security tasks. Students should also respect the rights and privacy of others in
cyberspace. Students should also avoid any unethical or illegal activities in
cyberspace.
• Students should develop an interest and passion for cyber security and its related
topics. Students should also update their knowledge and skills in cyber security
regularly. Students should also explore career or further education opportunities in
cyber security.

Common Safety Instructions


1. Students are expected to be very careful.
2. Students should wear appropriate clothing and footwear while working in the
laboratory. Students should also avoid wearing loose or dangling accessories that may
get caught in the equipment.
3. Students should handle the equipment and devices with care and caution. Students
should also avoid touching any wires or cables that may be live or hot. Students
should also switch off and unplug the equipment and devices when not in use or when
leaving the laboratory.

4. Students should keep the laboratory clean and tidy. Students should also dispose of
any waste materials properly and safely. Students should also report any spills, leaks,
or damages to the faculty members or the laboratory staff immediately.
5. Students should follow the emergency procedures in case of any fire, electric shock,
injury, or other accidents. Students should also know the location and use of the fire
extinguishers, first aid kits, and emergency exits in the laboratory.
6. Students should respect the laboratory rules and policies. Students should also
cooperate and communicate with the faculty members, the laboratory staff, and their
peers in the laboratory. Students should also avoid any disruptive or dangerous
behavior in the laboratory.


Index
(Progressive Assessment Sheet)

Sr. No. | Objective(s) of Experiment | Page No. | Date of performance | Date of submission | Assessment Marks | Sign. of Teacher with date | Remarks

1 Install Kali Linux. Examine the utilities and tools available in Kali Linux and Analyze 5 tools.
2 Evaluate network defense tools for following.
3 Explore the Nmap tool and list how it can be used for network defense.
4 Explore the NetCat tool.
5 Use Wireshark tool and explore the packet format.
6 Examine SQL injection attack. Perform SQL injection with SQLMap on vulnerable websites.
7 Examine software keyloggers and hardware keyloggers
8 Perform online attacks and offline attacks of password cracking
9 Consider a case study of cybercrime, where the attacker has performed online credit card fraud. Prepare a report and list the laws that will be implemented on attacker

Total


Experiment No: 1

Aim : Install Kali Linux. Examine the utilities and tools available
in Kali Linux and Analyze 5 tools.

Date:

Competency and Practical Skills: Students will be able to install and use Kali
Linux, a popular operating system for cyber security professionals and ethical
hackers. Students will also be able to explore and study various utilities and tools
available in Kali Linux for performing different cyber security tasks.

Relevant CO:
1. Describe system and web vulnerability.
2. Evaluate network defense tools.

Objectives:

a. To introduce students to Kali Linux, a popular operating system for cyber
security professionals and ethical hackers.
b. To enable students to install and use Kali Linux on a virtual machine or a physical
machine.
c. To familiarize students with the basic settings and preferences of Kali Linux.
d. To teach students how to update and upgrade the Kali Linux system and its packages.
e. To help students navigate and use the graphical user interface (GUI)
and the command-line interface (CLI) of Kali Linux.
f. To provide students with Kali Linux documentation and help resources.
g. To expose students to the utilities and tools available in Kali Linux for
different cyber security tasks.
h. To train students how to use five tools of their choice from different
categories for performing cyber security tasks.

Equipment/Instruments: Computer, Internet

Introduction

Kali Linux is a free and open-source Linux-based operating system that is
designed for advanced Penetration Testing and Security Auditing. It contains
several hundred tools for various Information Security tasks, such as Penetration
Testing, Security Research, Computer Forensics, Reverse Engineering,
Vulnerability Management and Red Team Testing. It was developed by Mati
Aharoni and Devon Kearns of Offensive Security. Kali Linux is a multi-platform
solution that can be used by information security professionals and hobbyists.

Advantages:
• It has 600+ Penetration testing and network security tools pre-installed.
• It is completely free and open source. So, you can use it for free and
even contribute to its development.
• It supports many languages.
• Great for those who are intermediate in Linux and have hands-on experience with Linux
commands.
• Could be easily used with Raspberry Pi.

Disadvantages:

• It is not recommended for those who are new to Linux and want to
learn Linux. (As it is Penetration Oriented)
• It is a bit slower.
• Some software may malfunction.

Why Kali Linux?

If you are into penetration testing or cybersecurity in general, you'll
appreciate that Kali Linux already has the specialized tools you'll need installed
and configured. Also, if you're curious about any security-related problems in a
program or website, Kali Linux is an excellent choice.

There is a common misconception that Kali may be used to break into user
accounts or servers; this is one of the most widespread misconceptions regarding
Kali Linux. Kali Linux is essentially a specialized version of Debian that
includes a suite of security and network administration utilities. It is a weapon
for self-defense or self-training only. Kali Linux's primary target audience is IT
specialists. Those interested in Penetration Testing, Cyber Security, or Ethical
Hacking will find it useful. It is a potent instrument, and its application
could result in financial losses.

Installation Steps

There are various methods available for the installation of Kali Linux. The OS
can be installed directly onto the computer or through a Virtual Machine (VM). If
you wish to install it directly onto your computer, you will need a USB stick, the
Kali Linux ISO and Rufus to make a bootable USB drive. For VM installation
you require the VirtualBox software and the Kali Linux ISO. The installation steps for
both methods will remain the same.

1. System Requirements:
a. A Computer (Minimum Requirements: 20GB Hard Disk space,
2GB RAM, Intel Core i3 or AMD E1 equivalent)
2. Installation Prerequisite
a. USB stick (6 GB or More)
b. Kali Linux ISO file (https://www.kali.org/)
c. Rufus (To create Bootable Drive - https://rufus.ie/en/)
d. If Kali Linux will be installed in a Virtual Machine, then
make sure the VirtualBox software (https://www.virtualbox.org/) is
installed.

3. Creating a New VM
Once you have downloaded the installation image, you can create a new VM.
Open VirtualBox and create a new VM (Machine > New or Ctrl+N) on which
Kali Linux will be installed.

4. Set the following VM parameters in the appropriate sections:


• Name and Operating System
◦ Name: Kali_x64
◦ Machine Folder: D:\Virtual\VirtualBox (Try not to use a system partition
C: to store VMs).

◦ Type: Linux

◦ Version: Debian (64-bit)


• Hardware
◦ Memory size: 4096 MB. The VM memory size must be large enough to
run a guest OS, though you should leave enough unallocated memory to
run your host OS. In our example, a host machine with 16 GB of RAM is
used, which leaves enough memory for a host OS.
◦ Processors: 1 CPU

5. After creating a new VM, you should configure some additional settings. Select your
recently created virtual machine and open the VM settings by clicking the
appropriate icon.

Network options
Next, go to the network settings and select the networking mode of the virtual
network adapter of the VM. Let’s select the Bridged mode to use the VM
network adapter much as you would for a physical network adapter of the host
machine. In this case, the VM network adapter is connected to the same physical
network as the host machine. You can set additional options such as network
adapter name, type, MAC address etc.


4. Start Installation

Now you can start your new VM (Kali_x64 in this case) and begin the Kali installation.

After booting from a virtual DVD, you will see a boot menu where you can select boot
options for Kali Linux, such as Boot from Live DVD, Install, Graphical Install, etc.
Select Graphical Install. Press Enter to continue.


5. Select a language. Choose the language you wish to use for the installation
process and the installed system. English is selected for the current
installation. Click the Continue button on each screen to move forward.


6. Select your location. This option is used to set your time zone, time format,
etc. United States has been selected in the current example.

7. Configure the keyboard. Select your keyboard layout. American English is
used for the current installation.

8. Configure the network. Enter the hostname for your Linux system,
for example, kali-virtualbox.

9. Configure the domain name. If you don’t use a domain in your network,
you may leave this field empty.

10. Set up users and passwords. Read the useful tips on this screen and enter the password
for root.


11. Configure the clock. Now you can select a precise time zone for your country.


12. Partition disks. You can use manual and guided partitioning of disks. For the
first time, you can select Guided – use entire disk. The entire disk will be used
for creating one big partition.

Confirm that you want to erase the disk. There is no reason to worry, as in this
case, the empty 20-GB virtual disk is used for partitioning.

Select a preferred partitioning scheme for your virtual disk. Let’s select All files in one
partition.


Check the overview and select Finish partitioning and write changes to disk.

Select Yes and confirm that you would like to write changes to the disk.

13. Wait for the system to be installed. As Kali Linux is being installed, the files
are being copied to the virtual disk of the VM.


14. Configure the package manager. Click Yes if you would like to use a
network mirror. Selecting this option will allow you to install or update
application packages from online software repositories.

Enter the information about your proxy server if you use a proxy server for
internet access from your network. There is no proxy server in this example; so
this field is left empty.


15. Install the GRUB boot loader on a hard disk. Since there are no other
operating systems or boot loaders on the virtual disk, it is necessary to
install GRUB in this case. Select Yes to install GRUB.

Select a disk to which GRUB must be installed. In this case, /dev/sda is the
necessary disk and is the only disk connected to a VM.

16. Finish the installation. When the installation of Kali Linux on VirtualBox is
complete, you will see a notification message. Now you can reboot the virtual
machine to boot the Kali Linux installed on the VirtualBox VM.


After the reboot, you will see a login screen of Kali Linux. Enter root as a
username, then enter the password set during installing Kali Linux on
VirtualBox to sign in.

Now you should see the Gnome Desktop of Kali Linux installed on your VirtualBox virtual
machine.

Once installation is completed, open the terminal and type “sudo apt-get update”. It will
update the repositories. Make sure that you are connected to the internet. Thereafter, various
drivers can be installed on Kali Linux. Please refer to how to install drivers in Kali Linux
(https://www.nakivo.com/blog/how-to-install-kali-linux-on-virtualbox/).

Popular Stress Testing Tools in Kali Linux:


1. Aircrack-ng
2. Burpsuite
3. Crackmapexec
4. Hydra
5. Johntheripper (jtr)
6. Metasploit
7. Nmap (Network Mapper)
8. Responder
9. Sqlmap
10. Wireshark

1. Aircrack-ng

Introduction to Aircrack-ng:

Aircrack-ng is a tool that comes pre-installed in Kali Linux and is used for Wi-Fi
network security and hacking. Aircrack is an all-in-one packet sniffer, WEP and
WPA/WPA2 cracker, analyzing tool and hash capturing tool. It helps in capturing
packets and reading the hashes out of them, and even cracking those hashes by
various attacks like dictionary attacks. It supports almost all the latest
wireless interfaces.
It mainly focuses on 4 areas:

Monitoring: Captures cap, packet, or hash files.
Attacking: Performs de-authentication or creates fake access points.
Testing: Checking the Wi-Fi cards or driver capabilities.
Cracking: Various security standards like WEP or WPA PSK.

Strengths
• A famous hacker tool that you can use free of charge.
• Versions for Windows as well as Unix, Linux, and macOS
• Already installed in Kali Linux
• Can crack wireless network encryption.
Weakness
• Difficult to install.
• Difficult to use.
• No graphical user interface
• Excels at cracking WEP encryption, which is no longer used on wireless systems.
• The WPA-TKIP utilities don’t work.

Working with aircrack-ng

1. To list all network interfaces.

airmon-ng

This command will return all the network interfaces available or connected to the system.

2. Stopping the desired network interface.

airmon-ng stop wlan0mon

To stop a network interface, enter the above command and replace “wlan0mon” with the desired
network interface.

3. Starting a network interface at a specific channel.

airmon-ng start wlan0 10

To start a network interface at a specific channel, enter the above command and replace
“wlan0” with the desired network interface and 10 with the desired channel number.

4. Collecting authentication handshake

airodump-ng -c 10 --bssid 00:15:5D:9C:44:00 -w psk wlan0

To collect the authentication handshake, enter the above command in the terminal and replace
“wlan0” with the desired network interface, 10 with the desired channel number, and the
BSSID with the BSSID of the Wi-Fi network.

5. Cracking the captured handshake file by means of a wordlist

aircrack-ng -w wordlist psk*.cap

6. To get the help section of the tool

aircrack-ng --help

The above command will display the help section of the aircrack-ng command.

7. To display the number of CPUs and SIMD support

aircrack-ng -u

The above command will display the number of CPUs and the SIMD support.

Study of Tool No.1: Hydra

1. Introduction of Hydra:

• Hydra, also known as THC-Hydra, is a fast and powerful password-cracking
tool used by ethical hackers and penetration testers to perform brute-force and
dictionary attacks on various network services.
• It is pre-installed in Kali Linux, making it easily accessible for security
assessments.
• The main goal of Hydra is to help in testing the strength of passwords used in
authentication mechanisms by attempting to log in using a list of usernames
and passwords. It is commonly used during:
• Penetration Testing
• Red Team Exercises
• Security Audits
• Key Features
• Supports over 50 protocols
• Multi-threaded for fast attacks
• Customizable wordlists
• Has both command-line and GUI (XHydra) interfaces
• Modular and extensible

2. Strengths:
• Hydra works with SSH, FTP, HTTP(S), RDP, SMB, Telnet, VNC, MySQL,
and more.
• Can test many login attempts per second using multiple threads, making
brute-force attacks fast.
• Easily extensible to support more protocols and services.
• Helps track attack progress and successful credentials quickly.
• Ready to use out-of-the-box in Kali; no extra setup needed.

Weakness:
• Hydra is not stealthy—brute-force traffic is noisy and easily picked up by
firewalls and intrusion detection systems (IDS).
• Cannot handle modern login defenses like CAPTCHA, 2FA, or rate-limiting
effectively.
• Repeated login attempts may trigger security features that block or lock
accounts.
• Only works if the remote service (SSH, FTP, etc.) is up and reachable.
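
The noise described in the weaknesses above is what a defender looks for. As an added example (not part of the original manual), this Python script flags a source address that produces a burst of failed SSH logins and records whether a login then succeeded from it. The log lines are constructed, and the threshold, window and year parameters are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd log lines (documentation IP ranges), not taken from a real host.
SAMPLE_LOG = """\
Oct 12 10:00:00 kali-lab sshd[2001]: Failed password for bob from 192.0.2.44 port 41000 ssh2
Oct 12 10:03:00 kali-lab sshd[2002]: Failed password for bob from 192.0.2.44 port 41002 ssh2
Oct 12 10:06:00 kali-lab sshd[2003]: Failed password for bob from 192.0.2.44 port 41004 ssh2
Oct 12 10:09:00 kali-lab sshd[2004]: Failed password for bob from 192.0.2.44 port 41006 ssh2
Oct 12 10:12:00 kali-lab sshd[2005]: Failed password for bob from 192.0.2.44 port 41008 ssh2
Oct 12 10:15:01 kali-lab sshd[2101]: Failed password for root from 203.0.113.5 port 50112 ssh2
Oct 12 10:15:02 kali-lab sshd[2101]: Failed password for root from 203.0.113.5 port 50112 ssh2
Oct 12 10:15:03 kali-lab sshd[2103]: Failed password for invalid user admin from 203.0.113.5 port 50114 ssh2
Oct 12 10:15:03 kali-lab sshd[2090]: Failed password for alice from 198.51.100.7 port 40022 ssh2
Oct 12 10:15:04 kali-lab sshd[2103]: Failed password for invalid user admin from 203.0.113.5 port 50114 ssh2
Oct 12 10:15:06 kali-lab sshd[2105]: Failed password for invalid user test from 203.0.113.5 port 50116 ssh2
Oct 12 10:15:09 kali-lab sshd[2090]: Accepted password for alice from 198.51.100.7 port 40022 ssh2
Oct 12 10:15:10 kali-lab sshd[2107]: Failed password for root from 203.0.113.5 port 50118 ssh2
Oct 12 10:15:12 kali-lab sshd[2109]: Accepted password for root from 203.0.113.5 port 50120 ssh2
"""

# Matches OpenSSH password results; "invalid user" marks a username that does not exist.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def detect_bruteforce(log_text, threshold=5, window_s=60, year=2025):
    """Return {source_ip: details} for sources with >= threshold failures in window_s seconds.

    Syslog timestamps carry no year, so `year` is supplied by the caller (assumption).
    """
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    totals = defaultdict(int)     # ip -> all failures seen in the log
    users = defaultdict(set)      # ip -> usernames tried
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if m["result"] == "Failed":
            totals[ip] += 1
            users[ip].add(m["user"])
            q = recent[ip]
            q.append(ts)
            # Drop failures that have aged out of the sliding window.
            while (ts - q[0]).total_seconds() > window_s:
                q.popleft()
            if len(q) >= threshold and ip not in alerts:
                alerts[ip] = {"first_alert": ts.strftime("%H:%M:%S"),
                              "login_after_burst": None}
        elif ip in alerts and alerts[ip]["login_after_burst"] is None:
            # A success after a burst suggests a guessed password: highest priority.
            alerts[ip]["login_after_burst"] = m["user"]
    for ip, details in alerts.items():
        details["failures"] = totals[ip]
        details["users_tried"] = sorted(users[ip])
    return alerts


if __name__ == "__main__":
    for ip, details in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, details)
```

The slow source (192.0.2.44) stays under a 60-second window and is only caught when the window is widened, which is why such thresholds are tuned per service.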

3. Working with Hydra:

- This command starts the Hydra tool. It serves as the entry point for executing brute-force
attacks.

hydra

- The -h option is commonly used with many commands to display help information or to
format output in a human-readable form, depending on the command it is used with. With
Hydra it displays the help text.

hydra -h

Study of Tool No.2: Nmap

1. Introduction of Nmap:

• Nmap (Network Mapper) is a versatile and powerful open-source tool used for
network scanning, discovery, and security auditing.
• It comes pre-installed in Kali Linux, a penetration testing and ethical hacking
distribution widely used by cybersecurity professionals.
• With Nmap on Kali, users can quickly gather intelligence about hosts, services,
ports, and potential vulnerabilities in a network.
• It supports various scanning techniques such as SYN scan, ping sweep, OS
detection, and scripted vulnerability detection using the Nmap Scripting Engine
(NSE).
• Nmap is often one of the first tools used during reconnaissance and
enumeration phases in penetration testing.

2. Strength:

• Can perform host discovery, port scanning, service detection, OS
fingerprinting, and version detection.
• Freely available for use and modification under the GNU General Public
License.
• Available for Linux, Windows, macOS, and other platforms.
• Well-documented with active community support and frequent updates.
• Can evade detection through stealthy techniques (e.g., SYN scan, idle scan).

Weakness:

• Despite stealth options, Nmap scans can still be detected and flagged by
modern Intrusion Detection/Prevention Systems.
• Scanning very large networks can be slow and resource-intensive, especially
with aggressive scan options.
• May produce inaccurate results in certain conditions (e.g., firewalled or load-
balanced environments).
• Effective use often requires understanding of networking and command-line
usage.

3. Working with Nmap:

- Scan the most common TCP ports.

nmap <IP Address>

- Identify services and versions running on open ports:

nmap -sV <IP Address>

- Aggressive Scan (Includes OS, Services, and Traceroute)

nmap -A <IP Address>
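
One way to use Nmap for network defense, as an added example that is not part of the original manual: parse the grepable output of `nmap -sV -oG -` and report open ports that are not in an approved baseline. The scan output, host names and baseline below are constructed for illustration.

```python
# Constructed sample of `nmap -sV -oG -` (grepable) output for a lab subnet.
SAMPLE_SCAN = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.168.56.0/24
Host: 192.168.56.10 (web01)\tStatus: Up
Host: 192.168.56.10 (web01)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//Apache httpd 2.4.52/, 3306/open/tcp//mysql//MySQL 8.0.33/\tIgnored State: closed (997)
Host: 192.168.56.20 (db01)\tStatus: Up
Host: 192.168.56.20 (db01)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 23/filtered/tcp//telnet///, 3306/open/tcp//mysql//MySQL 8.0.33/
Host: 192.168.56.30 ()\tStatus: Up
Host: 192.168.56.30 ()\tPorts: 21/open/tcp//ftp//vsftpd 3.0.5/
# Nmap done: 256 IP addresses (3 hosts up) scanned
"""

# Hypothetical approved baseline: the (port, protocol) pairs each host may expose.
BASELINE = {
    "192.168.56.10": {(22, "tcp"), (80, "tcp")},
    "192.168.56.20": {(22, "tcp"), (3306, "tcp")},
}


def parse_grepable(text):
    """Return {ip: {(port, proto): (service, version)}} holding open ports only."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue                      # skip comment lines
        fields = line.split("\t")         # grepable fields are tab-separated
        ip = fields[0].split()[1]
        ports = hosts.setdefault(ip, {})  # a host that is up but closed still counts
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                # port/state/protocol/owner/service/rpc-info/version/
                parts = entry.strip().split("/")
                if len(parts) < 7 or parts[1] != "open":
                    continue              # filtered and closed ports are not exposure
                ports[(int(parts[0]), parts[2])] = (parts[4], parts[6])
    return hosts


def audit(scan, baseline):
    """Compare a parsed scan with the baseline and return sorted findings."""
    findings = []
    for ip, ports in scan.items():
        allowed = baseline.get(ip)
        for (port, proto), (service, version) in ports.items():
            if allowed is None:
                findings.append((ip, "unknown-host", port, proto, service, version))
            elif (port, proto) not in allowed:
                findings.append((ip, "unexpected-port", port, proto, service, version))
        # Approved services that no longer answer may indicate an outage or a new filter.
        for port, proto in (allowed or set()) - set(ports):
            findings.append((ip, "baseline-port-closed", port, proto, "", ""))
    for ip in baseline.keys() - scan.keys():
        findings.append((ip, "host-not-seen", 0, "", "", ""))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(parse_grepable(SAMPLE_SCAN), BASELINE):
        print(finding)
```

Run on a schedule against your own address space, the same comparison shows when a database port or an unmanaged host appears between scans.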


Study of Tool No.3: Wireshark

1. Introduction of Wireshark:

• Wireshark is a widely-used open-source network protocol analyzer that allows
users to capture and interactively browse the traffic running on a computer
network.
• On Kali Linux, a penetration testing and security auditing platform, Wireshark
is pre-installed and plays a critical role in analyzing network activity for
vulnerabilities, troubleshooting, and forensic investigations.
• Wireshark provides detailed insights into network protocols, packet structures,
and data flows.
• It supports hundreds of protocols and works on a wide variety of network
interfaces.

2. Strength:

• Wireshark supports deep inspection of hundreds of network protocols, which is
ideal for security professionals.
• Users can capture packets in real time or analyze previously captured packet
files.
• Works well alongside other Kali Linux tools such as tcpdump, aircrack-ng, and
nmap for comprehensive assessments.
• Includes features for visualizing traffic, showing IO graphs, protocol hierarchy,
conversation lists, etc.

Weakness:

• Capturing packets requires elevated privileges, which could be a security risk if
misconfigured.
• Wireshark can consume significant CPU and memory, especially when
analyzing large pcap files or high-speed networks.
• Understanding network protocols and interpreting the captured data accurately
requires technical expertise.
• Wireshark cannot decrypt HTTPS or other encrypted protocols without keys,
limiting its use for deep inspection of modern encrypted communications.

3. Working with Wireshark:

- Interactively dump and analyze network traffic.

wireshark -h

The -k flag tells Wireshark to start capturing packets immediately when the GUI launches.
-i eth0: selects interface eth0
-k: starts capture immediately

Study of Tool No.4: Socat

1. Introduction of Socat:

• socat (short for SOcket CAT) is a powerful command-line utility that allows for
bidirectional data transfer between two data streams.
• It’s often described as "netcat on steroids" because it supports a much broader
range of protocols and connection types.
• On Kali Linux, socat is frequently used by security professionals for:
• Port forwarding
• Creating reverse/bind shells
• Tunneling traffic
• Proxying data between network interfaces
• Debugging and testing network services

2. Strengths:

• Supports a wide range of address types: TCP, UDP, UNIX sockets, SSL, PTY,
EXEC, and more.
• Create advanced port forwards (like redirecting traffic between UNIX sockets
and TCP ports).
• Can act as both server and client, no scripting required for many common use
cases.
• Supports SSL/TLS connections with OPENSSL or SSL: address types.

Weakness:

• Syntax is complex and not very intuitive compared to tools like netcat or ncat.
• Errors can be cryptic, and debugging configurations (especially SSL) can be
tricky.
• If used carelessly (e.g., exposing open bind shells), it can create serious
security risks.
• Less convenient for large file transfers compared to more specialized tools.

3. Working with Socat:

- Prints the version number and build info of socat, including compile-time options.

socat -V


- Use microseconds for logging timestamps.

socat -lu

- Add the host name to log messages.

socat -lh

Study of Tool No.5: Responder

1. Introduction of Responder:

• Responder is a network attack tool used by penetration testers and red teamers
to poison name resolution protocols on a local network and capture credentials.
• It targets Windows environments by tricking systems into sending credentials
to the attacker's machine, often via:
• LLMNR (Link-Local Multicast Name Resolution)
• NBT-NS (NetBIOS Name Service)
• MDNS (Multicast DNS)
• DNS (optional)
• Its goal is to intercept and capture authentication hashes (e.g., NTLMv1/v2) by
responding to broadcast name resolution requests on a LAN.

2. Strengths:

• Easy to use with one command.
• Captures valuable hashes for offline cracking (e.g., via hashcat or john).
• Can be used for SMB/HTTP relaying with other tools.
• Effective in misconfigured or flat Windows networks.

Weakness:

• Only works on local (L2) networks.
• Defenses like LLMNR/NBT-NS disabling or SMB signing can stop it.
• Easily detected by modern EDRs and blue teams.
• Some features require additional configuration (like hash relaying or serving
payloads).

3. Working with Responder:

Shows a list of available command-line options.
Gives a brief explanation of what each option does.
Useful for quickly checking how to customize Responder’s behavior.

responder -h


Conclusion

Quiz:

1. What is the name of the website where you can download the Kali Linux ISO file?
a) kali.org
b) kali.com
c) kali.net
d) kali.io

2. What tool can you use to create a bootable USB drive with Kali Linux?
a) Rufus
b) Etcher
c) UNetbootin
d) Any of the above

3. What is the minimum amount of RAM recommended for installing Kali Linux with the
default Xfce4 desktop and the kali-linux-default metapackage?
a) 128 MB
b) 512 MB
c) 2 GB
d) 8 GB

4. What setting do you need to disable in your UEFI settings before installing Kali Linux?
a) Fast Boot
b) Secure Boot
c) Legacy Boot
d) Boot Order

5. What are the two options for starting the installation of Kali Linux from the boot screen?
a) Graphical install or Install (Text-Mode)
b) Live install or Install (Command-Line)
c) Standard install or Install (Advanced)
d) Basic install or Install (Custom)

Suggested Reference:

1. https://www.kali.org/
2. https://www.nakivo.com/blog/how-to-install-kali-linux-on-virtualbox/
3. https://rufus.ie/en/
4. https://www.virtualbox.org/
5. https://www.kali.org/tools/aircrack-ng/

Rubric wise marks obtained:


Criteria 1 2 3 4 5 Total
Marks
