Capital University of Science and
Technology
Department of Computer Science
CS4893-241- Penetration Testing
Semester Project
Semester: Spring 2024 Max Marks: 10
Instructor: Snober Naseer Date Assigned: 10th June, 2024
Report Submission Deadline: 21st June 2023
Application of penetration testing projects:
Following are some penetration testing related projects.
1. DOS Detection
Source: hindawi
The DoS (Denial of Service) attack detection tool will be specifically designed for beginners. This
tool will provide an intuitive interface and simple configuration options to assist users in detecting
and mitigating DoS attacks. It will monitor network traffic patterns, analyze abnormal traffic
spikes, and identify potential signs of a DoS attack.
�The tool will generate real-time alerts and notifications, allowing users to take immediate action
to mitigate the attack. The project's objective is to empower beginner-level users with an
accessible and effective solution for detecting and responding to DoS attacks, enhancing their
systems' overall security and availability.
Source code
2. SQL Injection
SQL Injection is a sort of Cyberattack in which hackers manipulate the SQL based application
queries through input fields available on the front end to fetch data and get login access. This is
successful on the web application whose code is vulnerable to SQL injection because of the
unavailability of security headers and not securing input fields.
In your project you can create a script to check if the application is vulnerable to SQL in jection
attacks and with respect to the vulnerability script can suggest remediation to close the
vulnerability.
Source Code
3. Optimized Password Cracker
The optimized password cracker tool will utilize advanced techniques and algorithms to efficiently
crack passwords encrypted using various hashing algorithms such as MD5, SHA-1, and bcrypt. It
will leverage parallel processing and GPU acceleration to increase the speed and efficiency of the
cracking process significantly. The cracker will also offer customizable options for dictionary,
brute-force, and hybrid attacks to cater to different password-cracking scenarios. This project aims
to provide users with a high-performance and versatile password-cracking tool that can effectively
retrieve lost passwords or evaluate the strength of password implementations.
Source code
4. Keylogging (Spyware)
In computing, a keylogger is a piece of software that monitors all the keystrokes that take place
on a computer's keyboard. It monitors previously pressed and currently active keys to record user
activity. You can consider the following project on the concept of keylogging:
� • Create a script that can record keystrokes.
• Create and bind a keylogger with legitimate application/software to record user activity,
basically spyware.
• Create a script that can detect the presence of a keylogger on endpoint.
Source Code
• This project is ideal for those who are interested in offensive security. If you find yourself
interested in this, do check such projects offered in CEH certification training.
5. Lost Data Retrieval
Malware can corrupt, destroy, or distort data, making data recovery abilities crucial to cyber
incident response. Ransomware attacks encrypt a victim's data and demand money in exchange
for decryption. This can be a good addition to your career as it involves information security in
project management.A ransomware data recovery technique can be used to train data retrieval
skills. Concentrate on recovering impacted systems from backups. Next, develop a strategy for
extracting corrupted or destroyed data from storage devices using data recovery tools.
Source Code
6. Using Metasploit Framework to disable windows defender:
You can disable Windows Defender, Firewall, Smartscreen And Execute the payload using
Metasploit framework. Run the code with the help of the given link, and take screenshots:
Sample Code
Instructions:
Create FUD (Fully Undetectable) Payload for Windows 10 - Secnhack
You have to run the codes on the relevant tools and write the reports including:
• Introduction and Background
• Description of Problem
• Code output with screenshots
• Findings and recommendations
• Conclusion
• References
Note
• If you want to choose something else as your project, you need to discuss with
the instructor
• You need to submit the report of the major assignment and give a viva/Demo
