C.S. Projects

Archive for February, 2020

Ethical Hacking — Week 2

Target Scoping & Information

Gathering

In today’s session I learned about target scoping and information gathering.I used web tools for footprinting, learned more about competitive intelligence and described DNS zone transfers.

There are several steps in target scoping, first is gathering client requirements then preparing the test plan then profiling test boundaries then defining business objectives then finally project management & scheduling.

I also learned about analysis a company’s website. One of the tools to do this is called Burp Suite. Burp Suite is a powerful tool.

I also learned about setting up Burp Suite Proxy. In order to redirect traffic to Burp Suite,

1. 1.Click proxy-> intercept is on
2. 2.Click options -> proxy listeners set as default
3. 3.Open browser
4. 4.Click options in browser
5. 5.Set proxy as Burp Suite setting
6. 6.Enable Proxy for all protocols in browser

I also learned about other Footprinting tools. For example, Whois, which is a commonly used tool and Host command and SamSpade and Greenwich.

Intelligent System – Week 2

Uniformed and Informed Search

This week I learned about Searching algorithms. I learned search methods such as DFS (Depth First Search) ,BFS (Breadth First Search) , Iterative deepening depth-first search and Uniform Cost Search. I also got exercises to do which required me to understand these search methods.

Ethical Hacking — Week 1

Course Introduction, Preparation

and Testing Procedures

In today’s session, I learned about definitions of terms used in ethical hacking as well as the laws of ethical hacking.

Ethical Hackers are employed by companies in order to perform penetration tests. Penetration tests are legal attempt to break into a company’s network in order to find their weakest link.

I also learned the difference between hackers, crackers and ethical hackers. Hackers access computer systems or network without proper authorisation. This is breaking the law. Crackers breaks into the system in order to steal or destroy data. Hackers and crackers are considered the same. Ethical hackers performs the same activities, however, they have the permission of the owner.

I also learned about the different penetration testing methodologies.One of them is White box model, which is where the tester is told everything about the network topology and technology and they are authorised to interview IT personnel and company employees. Another method is the Black box model, which is where the staff do not know about the test and the tester is not given the details about the network.Another method is the Gray box model which is a hybrid of the white and black box models.

I also learned about the common techniques of penetration testing which is Passive Research, Open Source Monitoring, Network mapping and OS fingerprinting, Spoofing, Network Sniffing, Trojan attacks, Brute force attack, Vulnerability scanning and Scenario analysis.

Intelligent System – Week 1

Introduction to AI and Agents

Today, I learned about the basic concepts of what AI is. There are lots of definitions for it by different people. I learned that there are different approaches for AI such as Acting Humaly, Thinking Humanly, Thinking Rationally and Acting Rationally. I learned the foundations of AI, which are philosophy, mathematics, psychology, control theory & cybernetics, linguistics, neuroscience and economics. I also learned about phases of AI history and application domains of AI. I also learned about Intelligent agents and how they are defined, their performance measure and task environment. I also learned about environmental factors