
Task 1


CYBER SECURITY INTERNSHIP

TASK-1

Submitted to
Supraja Technologies
Vijayawada

Submitted by
BATCHNO-23AV
EMPLOYEE ID-ST#IS#4471
NAME-P. V. N. JANAKI DEVI
¾ B. Tech (cyber security)
Bapatla Engineering College
ABSTRACT

Cyber security is restricted to describing the criminal activity in
which the computer or network is a part of the crime, such as fraud,
theft and blackmail. Cyber security includes protection from
theft, corruption or natural disaster while allowing the
information and property to remain accessible.
INDEX
Table of Contents
INTRODUCTION
CERTIFICATIONS ON CYBER SECURITY
TERMINOLOGIES
TYPES OF HACKERS
CIA TRIAD
    CONFIDENTIALITY
    INTEGRITY
    AVAILABILITY
PHASES OF ETHICAL HACKING
    RECONNAISSANCE
    SCANNING
    GAINING ACCESS
    MAINTAINING ACCESS
    CLEARING TRACKS
    REPORTING
CYBER KILL CHAINING
    RECONNAISSANCE
    WEAPONIZATION
    DELIVERY
    EXPLOITATION
    INSTALLATION
    COMMAND AND CONTROL
    ACTIONS ON OBJECTIVE
INTRODUCTION
Cybersecurity refers to the practice of protecting computer
systems, networks, and digital information from unauthorized
access, theft, damage, and other forms of malicious attacks.
With the rise of the internet and the increasing reliance on
digital technologies, cybersecurity has become an essential
component of modern-day business and society.
DIFFERENT CERTIFICATIONS IN CYBER SECURITY

➢ CEH-
Certified ethical hacker (CEH) is a qualification given by EC-
Council and obtained by demonstrating knowledge of assessing the
security of computer systems by looking for weaknesses and
vulnerabilities in target systems, using the same knowledge and tools as a
malicious hacker, but in a lawful and legitimate manner to assess the
security posture of a target system.
➢ OSCP-
Offensive Security Certified Professional (OSCP) is an ethical
hacking certification offered by Offensive Security that teaches penetration
testing methodologies and the use of the tools included with the Kali Linux
distribution.
➢ CompTIA Security+-
CompTIA (the Computing Technology Industry Association) Security+ is the first
cybersecurity certification a candidate should earn. It establishes the core
knowledge required in the field and provides a springboard to intermediate-
level cybersecurity jobs.
➢ CISSP-
Certified Information Systems Security Professional (CISSP) is an
independent information security certification granted by the International
Information System Security Certification Consortium, also known as
(ISC)².
➢ CCFP-
Certified Cyber Forensics Professional (CCFP) is high-intensity
training that uses the latest tools and techniques in a live, hands-on laboratory
environment to conduct a simulated cyber investigation.
➢ CCSP-
The Certified Cloud Security Professional (CCSP) is a certification
designed for those with some experience in information technology (IT)
and security looking to advance their careers in cloud-based cybersecurity.
➢ CISSO-
Certified information system security officer (CISSO) covers the
fundamental elements of the entire cybersecurity field from security and
risk management to communication and network security to security
testing and operations.

➢ CISM-
Certified information security manager (CISM) is an advanced
certification that indicates that an individual possesses the knowledge and
experience required to develop and manage an enterprise information
security (infosec) program.
TERMINOLOGIES
➢ Adware − Adware is software designed to force pre-chosen ads to display
on your system.
➢ Attack − An attack is an action that is done on a system to get its access
and extract sensitive data.
➢ Back door − A back door, or trap door, is a hidden entry to a computing
device or software that bypasses security measures, such as logins and
password protections.
➢ Bot − A bot is a program that automates an action so that it can be done
repeatedly at a much higher rate for a more sustained period than a human
operator could do it. For example, sending HTTP, FTP or Telnet requests at a higher
rate or calling a script to create objects at a higher rate.
➢ Botnet − A botnet, also known as zombie army, is a group of computers
controlled without their owners’ knowledge. Botnets are used to send spam
or make denial of service attacks.
➢ Brute force attack − A brute force attack is an automated method, and the
simplest kind, of gaining access to a system or website. It tries different
combinations of usernames and passwords, over and over again, until it gets
in.
➢ Buffer Overflow − Buffer Overflow is a flaw that occurs when more data
is written to a block of memory, or buffer, than the buffer is allocated to
hold.
➢ Clone phishing − Clone phishing is the modification of an existing,
legitimate email with a false link to trick the recipient into providing
personal information.
➢ Cracker − A cracker is one who modifies the software to access the
features which are considered undesirable by the person cracking the
software, especially copy protection features.
➢ Denial of service attack (DoS) − A denial of service (DoS) attack is a
malicious attempt to make a server or a network resource unavailable to
users, usually by temporarily interrupting or suspending the services of a
host connected to the Internet.
➢ Spoofing − Spoofing is a technique used to gain unauthorized access to
computers, whereby the intruder sends messages to a computer with an IP
address indicating that the message is coming from a trusted host.
➢ Spyware − Spyware is software that aims to gather information about a
person or organization without their knowledge and that may send such
information to another entity without the consumer's consent, or that
asserts control over a computer without the consumer's knowledge.
➢ SQL Injection − SQL injection is an SQL code injection technique, used
to attack data-driven applications, in which malicious SQL statements are
inserted into an entry field for execution (e.g. to dump the database
contents to the attacker).
➢ Threat − A threat is a possible danger that can exploit an existing bug or
vulnerability to compromise the security of a computer or network system.
➢ Trojan − A Trojan, or Trojan Horse, is a malicious program disguised to
look like a valid program, making it difficult to distinguish from programs
that are supposed to be there. It is designed with an intention to destroy files,
alter information, steal passwords or other information.
➢ Virus − A virus is a malicious program or a piece of code which is capable
of copying itself and typically has a detrimental effect, such as corrupting
the system or destroying data.
➢ Vulnerability − A vulnerability is a weakness which allows a hacker to
compromise the security of a computer or network system.
➢ Worms − A worm is a self-replicating virus that does not alter files but
resides in active memory and duplicates itself.
➢ Cross-site Scripting − Cross-site scripting (XSS) is a type of computer
security vulnerability typically found in web applications. XSS enables
attackers to inject client-side script into web pages viewed by other users.
➢ Zombie Drone − A Zombie Drone is defined as a hi-jacked computer that
is being used anonymously as a soldier or 'drone' for malicious activity, for
example, distributing unwanted spam e-mails.
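
The SQL Injection entry above, shown as an added example that is not part of the original report: the same lookup built by string concatenation and with a bound parameter, run against a constructed in-memory SQLite table. The table, column and function names are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    """Build a constructed in-memory table with two sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice-note"), ("bob", "bob-note")])
    return db

def lookup_vulnerable(db, name):
    # VULNERABLE: the entry-field value is pasted into the SQL text, so
    # quote characters in it change the structure of the statement.
    query = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_safe(db, name):
    # HARDENED: the value travels as a bound parameter and is only ever
    # compared as data; it can never become part of the SQL syntax.
    return db.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"                  # constructed entry-field input
    print(lookup_vulnerable(db, "alice"))     # one row, as intended
    print(lookup_vulnerable(db, crafted))     # every row in the table
    print(lookup_safe(db, crafted))           # no rows: treated as a name
```

The fix is the parameter binding itself, not input filtering: with the bound form the crafted value is simply a user name that does not exist.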
TYPES OF HACKERS

➢ White Hat Hackers- Also known as ethical hackers, they are hired by
companies to find vulnerabilities in their systems and improve their
security.
➢ Black Hat Hackers- These are malicious hackers who use their skills
for illegal activities such as stealing data, installing malware, and
disrupting networks.
➢ Gray Hat Hackers- They are a combination of white and black hat
hackers. They often break into systems to identify vulnerabilities and then
report them to the owner for a fee.
➢ Green Hat Hackers- Green hat hackers are types of hackers who are learning
the ropes of hacking. They are slightly different from the Script Kiddies
due to their intention. The intent is to strive and learn to become full-
fledged hackers. They are looking for opportunities to learn from
experienced hackers.
➢ Blue Hat Hackers- Blue Hat Hackers are types of hackers who are similar
to Script Kiddies. The intent to learn is missing. They use hacking as a
weapon to gain popularity among their fellow beings. They use hacking
to settle scores with their adversaries. Blue Hat Hackers are dangerous
due to the intent behind the hacking rather than their knowledge.
➢ Script Kiddies- These are amateur hackers who use pre-made tools and
scripts to attack systems, without really understanding how they work.
➢ State-Sponsored Hackers- These hackers work for governments and
conduct cyber attacks on other countries' infrastructure for political or
economic gain.
➢ Hacktivists- These are hackers who target organizations for political or
social reasons, often with the aim of exposing wrongdoing or protesting
against injustice.
➢ Malware Authors- These hackers write and distribute malicious
software, such as viruses, worms, and Trojan horses, which can infect
computers and cause damage.
➢ Red Team Hackers- They are a specialized type of ethical hackers who
simulate real-world attacks on a company's systems to test its defenses.
➢ Blue Team Hackers- They work on the defensive side of cybersecurity
and are responsible for maintaining the security of a company's systems
and infrastructure.
➢ Social Engineering Hackers- They use psychological tactics to trick
people into divulging sensitive information or performing actions that can
compromise the security of a system.
➢ Advanced Persistent Threat (APT) Hackers- They are highly skilled
and well-funded hackers who use sophisticated techniques to breach
high-value targets such as governments and large corporations.
➢ Insider Threat Hackers- They are individuals who have authorized
access to a company's systems but misuse that access to steal data,
damage systems or commit other malicious activities.
➢ Cryptographers- These hackers focus on breaking encryption algorithms
to gain access to encrypted data.
➢ Bug Bounty Hunters- They are individuals who search for vulnerabilities
in software and report them to the vendor in exchange for a monetary
reward.
➢ Hardware Hackers- They exploit vulnerabilities in hardware devices,
such as routers and IoT devices, to gain unauthorized access to networks
or steal sensitive information.
CIA TRIAD

The three letters in “CIA triad” stand for

C- Confidentiality

I- Integrity

A- Availability

The CIA triad is a common model that forms the basis for the development of
security systems. The three principles are used for finding vulnerabilities and methods for
creating solutions.

• Confidentiality makes sure that only authorized personnel are given
access or permission to modify data
• Integrity helps maintain the trustworthiness of data by having it in the
correct state and immune to any improper modifications
• Availability means that the authorized users should be able to access data
whenever required

The CIA Triad is so elementary to information security that anytime a data
violation or any number of other security incidents occur, it is definitely
due to one or more of these principles being compromised. So, the CIA
Triad is always on top of the priority list for any infosec professional.

Security experts assess threats and vulnerabilities thinking about the impact that
they might have on the CIA of an organization’s assets. Based on that
assessment, the security team enforces a specific set of security controls to
minimize the risks within that environment.

EXAMPLES-

Consider an ATM that allows users to access bank balances and other
information. An ATM incorporates measures to cover the principles of the triad:

• The two-factor authentication (debit card with the PIN code) provides
confidentiality before authorizing access to sensitive data.
• The ATM and bank software ensure data integrity by maintaining all
transfer and withdrawal records made via the ATM in the user’s bank
accounting.
• The ATM provides availability as it is for public use and is accessible at
all times.

CONCLUSION-

When a company maps out a security program, the CIA Triad can serve as a
useful yardstick that justifies the need for the security controls that are
considered. All security actions necessarily lead back to one or more of the
three principles.
PHASES OF ETHICAL HACKING

Ethical hacking has six phases:

1. Reconnaissance-

In this phase we gather information about the target system or
network, such as IP addresses, domain names, and network topology. The
main goal is to understand the target’s architecture and identify potential
vulnerabilities.

The ethical hacker can do two types of reconnaissance in this phase:
• Active Reconnaissance
• Passive Reconnaissance

Active Reconnaissance- Active reconnaissance is looking for information about
the target network system, server, or application in a way that increases the
chances of the hacker being detected in the system. It is a lot riskier than the
second type of reconnaissance, which is passive reconnaissance.
Passive Reconnaissance- Passive reconnaissance is part of the
pre-attack phase for hackers. Attackers first “get to know” their
targets to ensure that they have all the relevant information to
make their attacks successful.
2. Scanning-

In this phase, the
ethical hacker uses various tools and techniques to scan the target system
or network for open ports, services, and potential vulnerabilities. The goal
is to identify weaknesses that could be exploited in later phases.

3. Gaining Access Phase:

This is where the ethical hacker does the actual hacking. He uses all the
information obtained and analyzed from the previous two phases to
launch a full-fledged attack on the system or network the ethical hacker is trying
to infiltrate.
He exploits all the exposed vulnerabilities and gains control of the system
he has hacked.
Now the hacker can steal all the data he has available on hand, corrupt the
systems, add viruses or other malicious entities, or manipulate it to his/her
benefit.
4. Maintaining Access Phase:
The ethical hacker has to maintain his access to the server until he fulfills
his goal. Ethical hackers usually employ Trojans and other backdoors or rootkits
to accomplish this phase.
They can also use this maintaining access phase to launch several other
attacks to inflict more damage to the organization.
5. Clearing Track Phase:
This is the final step to complete the entire ethical hacking process.
They need to cover their tracks throughout to avoid detection while entering and
leaving the network or server. The security systems in place should not be able
to identify the attacker.
This includes many of the following measures that an ethical hacker
takes to hide and remove his presence completely.
• Corrupting logs
• Modifying certain values of logs or registries
• Deleting all the folders that have been created by the ethical
hacker
• Uninstalling all the applications
6. Reporting:

Reporting is the sixth and final phase of ethical hacking
and a major differentiator between ethical hackers and black
hat hackers. At this phase, penetration testers summarize all
the steps they have taken from footprinting to gaining access
to systems.
CYBER KILL CHAINING

The cyber kill chain is a framework that describes the various
stages of a cyber attack from initial reconnaissance to
exfiltration of stolen data. The framework helps cybersecurity
professionals identify and respond to advanced persistent
threats. The cyber kill chain has 7 stages:
• Reconnaissance
• Weaponization
• Delivery
• Exploitation
• Installation
• Command and control
• Actions on objectives
➢ Reconnaissance- In this phase, the attacker gathers information about the
target, such as IP addresses, domain names, and network topology, to
identify potential targets.
➢ Weaponization- In this phase, the attacker creates or acquires a weapon,
such as a malware payload or exploit, that can be used to compromise the
target.
➢ Delivery- The attacker delivers the weapon to the target system or network,
typically through a phishing email or by exploiting a vulnerability.
➢ Exploitation- In this phase, the attacker takes advantage of the
vulnerability to gain access to the target system or network.
➢ Installation- Once the attacker has gained access, they install malware or
other malicious tools on the compromised system to maintain persistence
and enable further attacks.
➢ Command and Control- In this phase, the attacker establishes a
command-and-control channel to communicate with the compromised
system and issue commands.
➢ Actions on Objectives- Finally, the attacker executes their ultimate
objective, which may include data exfiltration, theft of sensitive
information, or disruption of system operations.

CONCLUSION-

The kill chain model is designed to help security professionals understand the
various stages of an attack and develop effective strategies to prevent, detect,
and respond to threats at each stage. By breaking the attack down into discrete
stages, cybersecurity professionals can better understand the attacker's methods
and develop countermeasures to disrupt the attack at each stage.
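
One way a defender can apply the stage-by-stage view described above, as an added example that is not part of the original report: alerts are mapped to kill chain stages, and for each host the script reports how far the intrusion has progressed and which earlier stages raised no alert. The alert names, host names and sample alerts are constructed assumptions.

```python
from collections import defaultdict

# The seven stages, in the order the report lists them.
STAGES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Actions on Objectives"]

# Hypothetical alert names (assumptions) and the stage each gives evidence of.
# Weaponization happens on the attacker's side, so no alert maps to it.
ALERT_STAGE = {
    "port_scan": "Reconnaissance",
    "phishing_mail": "Delivery",
    "exploit_signature": "Exploitation",
    "new_autorun_entry": "Installation",
    "beacon_traffic": "Command and Control",
    "bulk_outbound_transfer": "Actions on Objectives",
}
OBSERVABLE = set(ALERT_STAGE.values())

# Constructed sample alerts: (timestamp, host, alert name).
ALERTS = [
    ("2024-01-10T09:00", "ws-17", "phishing_mail"),
    ("2024-01-10T09:20", "ws-17", "new_autorun_entry"),
    ("2024-01-10T09:45", "ws-17", "beacon_traffic"),
    ("2024-01-10T08:30", "web-01", "port_scan"),
    ("2024-01-10T10:05", "ws-22", "phishing_mail"),
]

def summarize(alerts):
    """Per host: furthest stage reached, first alert time, and detection gaps."""
    seen = defaultdict(dict)              # host -> {stage index: first timestamp}
    for ts, host, name in sorted(alerts):
        stage = ALERT_STAGE.get(name)
        if stage is None:
            continue                      # alert type not mapped to a stage
        seen[host].setdefault(STAGES.index(stage), ts)
    report = {}
    for host, stages in seen.items():
        furthest = max(stages)
        # Earlier stages the model says were passed, yet no alert was raised.
        gaps = [STAGES[i] for i in range(furthest)
                if i not in stages and STAGES[i] in OBSERVABLE]
        report[host] = {"furthest": STAGES[furthest],
                        "first_seen": min(stages.values()),
                        "detection_gaps": gaps}
    return report

def triage_order(report):
    """Hosts ordered so the one furthest along the chain is handled first."""
    return sorted(report, key=lambda h: -STAGES.index(report[h]["furthest"]))

if __name__ == "__main__":
    result = summarize(ALERTS)
    for host in triage_order(result):
        print(host, result[host])
```

The `detection_gaps` list is the part that feeds back into countermeasures: each entry names a stage where a control or sensor would have given an earlier chance to disrupt the attack.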
