
task 2 ppt

cyber security intern presentation

Uploaded by

nuthanniki1356

NATIONAL INFORMATION AND CYBER SECURITY COUNCIL

RECONNAISSANCE AND SCANNING
- BY NUTHAN A
RECONNAISSANCE AND SCANNING

RECONNAISSANCE: It is the initial phase of a cyber attack, where an attacker gathers
information about a target to identify vulnerabilities and plan an attack.
TYPES OF FOOTPRINTING

Footprinting is mainly classified into two types:

1. Passive footprinting

2. Active footprinting

1) Passive footprinting: This method gathers information without directly interacting with the
target system. It involves searching for information online, such as on social media sites and
search engines.
Ex: Whois, Netcraft

2) Active footprinting: This method directly interacts with the target system to gather
information. It can be done manually or with automated tools. Active footprinting is more intrusive
than passive footprinting and can potentially harm the target system if not done carefully.
Ex: Nslookup, port scanning
Footprinting Methodologies

• Footprinting using search engines

• Footprinting using Google

• Network footprinting

• Website footprinting

• Whois footprinting

Footprinting using Google

1) Dork: filetype:pdf site:keralapsc.gov.in

Result: https://www.keralapsc.gov.in/sites/default/files/2019-12/57-2019-OL.pdf

2) Dork: inurl:keralapsc.gov.in|inurl:"admin" |inurl:"login"

Result: https://www.keralapsc.gov.in/user/login
Whois Footprinting
• WHOIS footprinting refers to the process of gathering information about a domain name
or IP address by querying public WHOIS databases. It provides registration details about
domain names and IP addresses.
Website Footprinting
• We use a software application or set of tools that allows users to create,
manage, and modify digital content on a website without needing to know
complex programming languages.
Drupal 8.6.x has the following vulnerabilities:

1. Cross-site Scripting

2. Access bypass

3. SQL injection vulnerability

4. Remote Code Execution via File Upload

5. Cross-Site Request Forgery (CSRF) Vulnerability in File Uploads


Footprinting using ID Serve

• ID Serve is a tool that helps to identify the web server used for the domain.
Footprinting using Netcraft

• It is often used for detailed reports about domain names, web server details, and
site owners.
Wayback Machine
• The Wayback Machine (operated by the Internet Archive) is an archive of web pages
and allows users to view the historical versions of websites.
SUBDOMAINS
SCANNING

• Scanning in ethical hacking refers to the process of identifying potential
vulnerabilities in a target system or network by actively probing and analyzing it for
weaknesses that can be attacked.

After scanning with Nessus, we found the following vulnerabilities:

1. SSL Medium Strength Cipher Suites Supported (SWEET32)

2. HSTS Missing From HTTPS Server (RFC 6797)


Scanning the Domain using Zenmap

• After scanning the site using Zenmap, we found some vulnerabilities.

• The results show that the web server supports several TLS ciphers.

• It uses DES and 3DES ciphers, which are not secure and are suitable only for 64 bits.

• To overcome this, we have to use AES (Advanced Encryption Standard), which is more
secure and supports larger sizes such as 128 and 256 bits.

• By analysing the report, we also found that port 443/tcp is open.


Scanning using Acunetix
• Here we also got vulnerabilities similar to those we found using Zenmap.

• Weak Key Length: Using keys shorter than 128 bits in HTTPS connections can
weaken the encryption strength, making it more susceptible to attacks.

• Modern security standards recommend a minimum of 128 bits for symmetric
encryption keys.

Recommended Actions:

Update Cipher Suites: Configure the server to use cipher suites with stronger key
lengths (e.g., 128-bit AES or higher).

• Implementing these changes can enhance the server's resistance to various
cryptographic attacks, ensuring better security for HTTPS connections.
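
One way to check the two Nessus findings and the cipher recommendation above on a server you administer, as an added example that is not part of the original slides. It parses a constructed cipher listing in the style of nmap's ssl-enum-ciphers output and constructed response headers; the sample data, the function names and the key/block-size table are assumptions.

```python
import re

# Constructed sample data (not from the scan in the slides): a cipher listing
# in the style of nmap's ssl-enum-ciphers output, and response headers.
SAMPLE_SCAN = """\
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - D
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
"""
SAMPLE_HEADERS = {"Server": "example", "Content-Type": "text/html"}

# Bulk cipher token -> (effective key bits, block bits). Assumed table.
BULK = {"3DES_EDE_CBC": (112, 64), "DES_CBC": (56, 64),
        "AES_128": (128, 128), "AES_256": (256, 128)}
SUITE_RE = re.compile(r"\bTLS_[A-Z0-9_]+\b")

def weak_suites(scan_text):
    """Map each offered suite with a short key or 64-bit block to its reasons."""
    findings = {}
    for name in sorted(set(SUITE_RE.findall(scan_text))):
        for token, (key_bits, block_bits) in BULK.items():
            if f"_{token}_" in name:
                reasons = []
                if key_bits < 128:
                    reasons.append(f"{key_bits}-bit key")
                if block_bits == 64:
                    reasons.append("64-bit block (SWEET32)")
                if reasons:
                    findings[name] = reasons
                break
        else:  # bulk cipher not in the table: flag for manual review
            findings[name] = ["unknown bulk cipher, review manually"]
    return findings

def hsts_ok(headers):
    """True if Strict-Transport-Security is set with max-age > 0 (RFC 6797)."""
    for key, value in headers.items():
        if key.lower() == "strict-transport-security":
            m = re.search(r'max-age\s*=\s*"?(\d+)', value, re.I)
            return bool(m) and int(m.group(1)) > 0
    return False

if __name__ == "__main__":
    for suite, reasons in weak_suites(SAMPLE_SCAN).items():
        print(f"WEAK  {suite}: {', '.join(reasons)}")
    print("HSTS  ", "present" if hsts_ok(SAMPLE_HEADERS) else "missing")
```

Rerun the check after changing the server's cipher configuration; an empty result from weak_suites and a True from hsts_ok mean both findings are closed.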
THANK YOU
