
Introduction Kali Linux

The document provides an overview of cybersecurity and Kali Linux, emphasizing the importance of protecting information systems from unauthorized access and attacks. It covers basic cybersecurity concepts, ethical hacking, and tools like Nmap and Burp Suite, which are essential for penetration testing and network security. Additionally, it introduces Capture The Flag (CTF) competitions as a practical way to learn and demonstrate cybersecurity skills.

Uploaded by

raaaj7358

Basics of CyberSecurity & Kali Linux
Where others see walls, we see doorways

Presented By - ISDF Club


Table of contents

01 Introduction to Cybersecurity
02 Introduction to CTF

01
Introduction to Cybersecurity
What is CyberSecurity?

Aim
The aim of cybersecurity is to protect information systems, networks, and data from unauthorized access, attacks, damage, or theft. This encompasses ensuring the confidentiality, integrity, and availability of information by implementing robust security measures.

The goal
The goal of cybersecurity is to create a secure and resilient digital environment where information systems are consistently protected from threats and vulnerabilities.

Basic Cybersecurity & Ethical Hacking Terms

Phishing
Fake emails or messages that trick users into revealing personal info like passwords or credit card numbers.

Brute Force Attack
Trying all possible password combinations until the correct one is found.

Rootkit
A type of malware that gives attackers full control of a system while hiding itself.

DDoS Attack (Distributed Denial of Service)
An attack where multiple systems overload a server, making it crash or slow down.

VPN (Virtual Private Network)
Encrypts your internet connection and hides your IP address – used for privacy & bypassing geo-restrictions.

Hackers
Hackers are individuals who use their technical knowledge and skills to gain
unauthorized access to systems, networks, or data.

Types of Hackers:-

● White Hat Hackers:
Also known as “Ethical Hackers”.
They use their skills and knowledge to find and fix the vulnerabilities in systems to prevent malicious attacks.

● Black Hat Hackers:
Basically the “Bad Guys” of the hacking world.
They exploit vulnerabilities for personal gain, often engaging in illegal activities like stealing data, spreading malware or causing disruptions.

● Grey Hat Hackers:
They fall somewhere in between Black Hats and White Hats.
They might exploit vulnerabilities without permission but do not have malicious intent.

What is Ethical Hacking?

● Penetration Testing or White-Hat Hacking

● Authorized and legal efforts to penetrate and test the security of computer systems

● They use the same techniques and tools as malicious hackers but in a lawful and constructive manner

Is CyberSecurity = Ethical Hacking?

CyberSecurity
● This involves implementing defensive measures to prevent unauthorized access, data breaches, and cyber attacks.

Ethical Hacking
● Its aim is to identify vulnerabilities and weaknesses in an organization's security posture before malicious hackers can exploit them.

CTF (Capture The Flag)

Capture The Flag (CTF) is a cybersecurity competition where participants solve challenges to find "flags" — pieces of hidden data that simulate real-world hacking scenarios.

It helps in learning, practicing, and demonstrating skills in areas like:

*Cryptography
*Web Exploitation
*Reverse Engineering
*Forensics
*Binary Exploitation
Categories of CTF

WEB Exploitation
Is the practice of finding and using weaknesses in websites or web apps, such as SQL injection or XSS, to gain unauthorized access or data. It helps understand how attacks work and how to prevent them.

Steganography
Is the technique of hiding secret information within ordinary files like images, audio, or text, so it’s not easily noticed. Unlike encryption, the goal is to conceal the very existence of the message.

Open-Source Intelligence (OSINT)
OSINT is the process of collecting and analyzing publicly available information from the internet, social media, websites, and databases to gather intelligence for investigations or security purposes.

Forensics
Digital forensics involves recovering, analyzing, and preserving data from digital devices to investigate cybercrimes or security incidents. It helps trace activities, recover deleted files, and provide legal evidence.

Cryptography
Is the science of securing data by converting it into a coded format using algorithms. It ensures confidentiality, integrity, and authentication of information during communication or storage.

LET’s PRACTICE
https://basicwebexpploitation.netlify.app/
https://cyberrps.netlify.app/
https://mazectf.netlify.app/
Day 1 done!
Follow us on Insta & join the WhatsApp community
02
Operating Systems & Kali Linux Installation

Introduction to Operating System

• The operating system is the foundation software that allows hardware and applications to work together. It manages resources like CPU, memory, and storage. In cybersecurity, the OS plays a critical role by enforcing access controls, managing security updates, and preventing unauthorized use.

Key Functions of an OS

Process Management – Controls running programs, ensuring efficiency and isolation.

Memory Management – Allocates and protects RAM, preventing malware from accessing sensitive data.

File System Management – Organizes files, manages permissions, and secures stored data.

Security & Access Control – Authenticates users and enforces system policies to protect against unauthorized access.

Examples of Operating Systems

•Windows – e.g., Windows 10, Windows 11

•macOS – used in Apple computers (e.g., macOS Ventura)

•Linux – e.g., Ubuntu, Fedora, Kali Linux

•Android – used in smartphones and tablets

•iOS – used in iPhones and iPads


Kali Linux
● Kali Linux is a specialized Linux distribution designed for penetration testing, ethical hacking, and digital forensics.

● Kali Linux includes hundreds of pre-installed tools for various security tasks, such as network scanning, vulnerability assessment, penetration testing, digital forensics, and reverse engineering.

KALI LINUX OPERATING SYSTEM

Kali Linux is a Debian-based operating system designed for ethical hacking, penetration testing, and cybersecurity. It comes with pre-installed tools for tasks like network analysis, forensics, and vulnerability testing.

Why use Kali Linux?

● Pre-Installed Tools: Kali Linux comes with hundreds of pre-installed tools that are specifically designed for various security tasks.

● Regular Updates: The tools in Kali Linux are regularly updated to include the latest versions and patches.

● Customizable: Kali Linux is highly customizable, allowing users to tailor the operating system to their specific needs by adding or removing tools and software packages.

Kali Linux Installation

Introduction to the Linux Command Line

File and Directory Management
● Creating, renaming, moving, and deleting files and directories (touch, mv, cp, rm, mkdir, rmdir)
● Viewing file contents (cat, less, more, head, tail)
● File permissions (chmod, chown)

cat displays the entire file content.
less and more display the file content page by page, with less offering more features.
head displays the beginning of a file.
tail displays the end of a file.

● chmod u+x script.sh: Adds execute permission for the owner of script.sh.
● chmod go-r file.txt: Removes read permission for group and others on file.txt.

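The effect of the two chmod commands is easiest to see in the permission string that ls -l prints. The script below is an added example, not part of the original slides; it creates throwaway copies of script.sh and file.txt in a temporary directory (constructed sample files) and shows each file's mode before and after.

```bash
#!/bin/sh
# Added example (not from the original slides): apply the two chmod commands
# to throwaway files and show the permission string before and after.

# perm_string FILE: prints the 10-character mode field of ls -l, e.g. -rw-r--r--
perm_string() {
    ls -ld -- "$1" | cut -c1-10
}

# demo_chmod: builds script.sh and file.txt in a temp directory (constructed
# sample files), runs the slide's commands, prints "name: before -> after".
demo_chmod() {
    demo_dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho hello\n' > "$demo_dir/script.sh"
    printf 'private notes\n' > "$demo_dir/file.txt"
    chmod 644 "$demo_dir/script.sh" "$demo_dir/file.txt"   # known start: rw-r--r--

    s_before=$(perm_string "$demo_dir/script.sh")
    f_before=$(perm_string "$demo_dir/file.txt")

    chmod u+x "$demo_dir/script.sh"   # owner gains x; group and others untouched
    chmod go-r "$demo_dir/file.txt"   # group and others lose r; owner untouched

    echo "script.sh: $s_before -> $(perm_string "$demo_dir/script.sh")"
    echo "file.txt: $f_before -> $(perm_string "$demo_dir/file.txt")"
    rm -rf -- "$demo_dir"
}

demo_chmod
```

Note that u+x leaves script.sh non-executable for group and others, and go-r leaves the owner's read and write bits on file.txt in place.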
Process Management
● Listing running processes (ps, top)
● Killing processes (kill, killall)
Package Management
● Installing, removing, and updating packages (apt)
● Searching for packages (apt-cache search)
● To get information about a package (whatis, man, find, --help)

apt-cache search keyword

sudo apt upgrade: Upgrades installed packages to their latest versions.
sudo apt full-upgrade: Upgrades all installed packages, including removing old packages if necessary.

Example: sudo apt install vim to install the Vim text editor.
sudo apt remove firefox to remove the Firefox web browser.
Day 2 done!
03
Kali Linux: Features and Penetration Testing Tools

NMAP :-
Introduction to Nmap
● What is Nmap?

Nmap, short for Network Mapper, is a powerful tool for network scanning. It's widely used by network engineers to gather information about networks and to identify hosts and vulnerabilities.

● Basic syntax: nmap <target>

● Common use cases (network discovery, port scanning, service detection).

Port Scanning with Nmap-
Port scanning is a fundamental aspect of network security auditing. Nmap provides powerful tools for port scanning, allowing users to identify open ports, services running on those ports, and potential vulnerabilities.

Network ports are the physical interfaces that allow devices to connect and communicate with each other over a network.

Examples:-
- FTP (21)
- SSH (22)
- DNS (53)
- HTTP (80)
- HTTPS (443)

Common Nmap Commands:-

nmap -sS 192.168.1.1 (SYN Scan)

nmap -sU 192.168.1.1 (UDP Scan)

nmap -sV 192.168.1.1 (Version Scan)

nmap -A 192.168.1.1 (Aggressive Scan)

nmap -p 80,443 192.168.1.1 (Scan specific ports)
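
For security auditing, the useful step after a scan is comparing what is open with what should be open. The script below is an added example, not part of the original slides: it reads Nmap's grepable output (the `-oG` format) and lists open ports missing from an allowlist. The sample scan lines are constructed, and the function names and the allowlist are hypothetical.

```bash
#!/bin/sh
# Added example (not from the original slides): audit a scan result against
# the ports a host is expected to expose.

# sample_scan: prints constructed Nmap grepable output (what `nmap -sV -oG -`
# writes); fields on each Host line are tab-separated.
sample_scan() {
    printf '# Nmap scan initiated as: nmap -sV -oG - 192.168.1.1\n'
    printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.1 ()\tPorts: 21/open/tcp//ftp//vsftpd/, 22/open/tcp//ssh//OpenSSH/, 80/open/tcp//http//nginx/, 443/closed/tcp//https///\tIgnored State: filtered (996)\n'
}

# unexpected_open_ports ALLOWLIST  (reads grepable output on stdin)
# ALLOWLIST: comma-separated ports that are supposed to be open, e.g. "22,443".
# Prints "host port/proto service" for every open port missing from the list.
unexpected_open_ports() {
    awk -F'\t' -v allow="$1" '
        BEGIN { n = split(allow, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Host: / {
            split($1, h, " "); host = h[2]
            for (f = 2; f <= NF; f++) {
                if ($f !~ /^Ports: /) continue
                # each entry: port/state/protocol/owner/service/rpc/version/
                m = split(substr($f, 8), entry, ", ")
                for (j = 1; j <= m; j++) {
                    split(entry[j], p, "/")
                    if (p[2] == "open" && !(p[1] in ok))
                        printf "%s %s/%s %s\n", host, p[1], p[3], p[5]
                }
            }
        }'
}

# Policy for this host: only SSH and the web ports should be reachable.
sample_scan | unexpected_open_ports "22,80,443"
```

With the constructed sample, only the FTP service on port 21 is reported; port 443 is on the allowlist and is closed anyway, so it never appears.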


SSH (Secure Shell)
● Purpose: Securely connect to remote systems.
● Basic command: ssh username@hostname
● Example: ssh user@192.168.1.100
● Key management: ssh-keygen for generating
SSH keys.
● File transfer: scp for secure file copying.
FTP (File Transfer Protocol)
● Purpose: Transfer files between computers.
● Basic command: ftp <hostname>
● Commands: ls, cd, get, put for navigating
and transferring files.
● Note: FTP is less secure than SSH. Use
SFTP or SCP for sensitive data.
FTP Port: The default port for the File Transfer Protocol (FTP) is port 21
What is IP address ?
An IP (Internet Protocol) address is a unique numerical
label assigned to each device connected to a computer
network that uses the Internet Protocol for
communication.

The main purpose of IP is:-

● Identifying the host or network interface.

● Providing the location of the host in the network.


What is the major role of IP address?
An IP serves several critical functions in Internet Communication:

● Identification - It uniquely identifies a device on a network much like a postal address identifies a specific location in the physical world.

● Location - It provides information about where a device is located within a network, enabling data to be routed to and from that device correctly.

● Routing - IP addresses are essential for directing data packets across the internet from the source to the destination. IP is used to determine the best path for data.

● Access Control - IP addresses can be used to control access to networks and resources, allowing or denying traffic based on the IP address of the source.
Generating Random IPs
Generating random IPs and switching IPs help improve the security of our network, enhance the privacy of our network or system, and reduce the chances of being tracked.

There are several methods and tools for this:

● Dynamic IP Addressing

● Virtual Private Networks (VPNs)

● Proxy Servers

● Tor Network

● * IP Spoofing *
IP Spoofing
IP spoofing is a technique used by attackers to disguise their identity by altering the
source IP address in the header of an IP packet. This makes it appear as though the
packet is coming from a trusted or legitimate source, rather than the attacker's actual IP
address.

How IP Spoofing Works:

1. Crafting the Packet: The attacker creates a packet with a fake (spoofed) source IP
address, which could be the IP address of a trusted device or a random address.
2. Sending the Packet: The spoofed packet is sent to the target device or network. Because
the source IP address is faked, the recipient believes the packet comes from a legitimate
source.
3. Response Handling: If the target responds to the spoofed packet, the response is sent to
the forged IP address, not the attacker. This can complicate the attacker's ability to maintain
communication, but in many cases, the attacker doesn't need a response.
About GoBuster:-
ARE YOU READY TO CRACK THE HASHES ?
Introduction:
● Hashcat and John the Ripper are two of the
most popular password cracking tools used in
cybersecurity.
● These tools are primarily used for password
recovery, penetration testing, and security
audits.
● This presentation provides a brief comparison
and highlights the important commands for
each tool.
Hashcat

● Hashcat is a powerful GPU-based password cracking tool known for its speed and efficiency.
● It supports a wide variety of hash types, including MD5, SHA-256, NTLM, and more.
● Hashcat is ideal for cracking large datasets due to its ability to leverage GPU power.

-a [attack-mode]: Determines the method Hashcat will use to crack the hash. Common modes include:
0: Brute-force attack (tries every possible combination)
1: Dictionary attack (uses a wordlist)
2: Mask attack (uses a mask to define the character set and length)
3: Hybrid attack (combines dictionary and brute-force)

Important Commands:

● Basic Command Structure:

hashcat -m [hash-type] -a [attack-mode] [hashfile] [wordlist]

Example Commands:

Dictionary Attack:

hashcat -m 0 -a 0 hashes.txt wordlist.txt

Brute-force Attack:

hashcat -m 0 -a 3 hashes.txt

Hybrid Attack (Dictionary + Mask):

hashcat -m 0 -a 6 hashes.txt wordlist.txt

John the Ripper

Description:

● John the Ripper is a versatile CPU-based password cracking tool, widely used for its flexibility.
● It supports a large number of hash formats and can crack passwords from various sources, including Unix/Linux, Windows, and macOS.
● John the Ripper includes advanced features like word mangling rules and incremental mode for more in-depth password analysis.

Important Commands:

Basic Command Structure:

john [options] [password-files]

Example Commands:

Crack a Hash:

john --format=[hash-type] --wordlist=[wordlist] [hashfile]

Show Cracked Passwords:

john --show [password-files]

Incremental Mode:

john --incremental [hashfile]


LET’s PRACTICE
Comparison

Criteria | Hashcat | John the Ripper
Speed | Faster due to GPU utilization. | Slower but more flexible with formats.
Ease of Use | More complex command structure; harder for beginners. | More user-friendly; straightforward for basic tasks.
Flexibility | Multiple advanced attack modes; highly customizable. | Detailed password analysis with custom rules and incremental modes.

Behind every great hacker, there's a burp

SO, Let’s Begin BURPSUITE

Introduction to Burp Suite

What is Burp Suite?

■ A comprehensive platform for web application security testing.
■ It helps identify vulnerabilities like SQL injection.

Usage Context:

■ Commonly used by penetration testers, security researchers, and web developers.

Editions:

■ Community Edition: Free, limited features.
■ Professional Edition: Paid, full features including automated scanning.

Setting Up Burp Suite with FoxyProxy
○ Step 1: Install Burp Suite
■ Download from the official website.
■ Install and launch the application.

○ Step 2: Configure FoxyProxy
■ Install FoxyProxy Extension: Available for Chrome and Firefox.
■ Set Up Burp Proxy:
■ Configure FoxyProxy to route traffic through Burp’s proxy (default: 127.0.0.1:8080).
■ Install CA Certificate: Install Burp’s CA certificate in your browser to intercept HTTPS traffic.

○ Step 3: Start Intercepting
■ Enable FoxyProxy and start intercepting traffic through Burp Suite.

Burp Suite Modules Overview
○ Proxy:
■ Intercepts and analyzes HTTP/S requests and responses.

○ Repeater:
■ Manually modify and resend individual HTTP requests for testing.

○ Intruder:
■ Perform automated customized attacks such as brute force or
fuzzing.

○ Scanner:
■ Automated tool for identifying vulnerabilities in web applications.

Burp Suite Proxy Module
○ Intercepting Traffic:
■ Captures and inspects HTTP/S requests between the browser
and web server.
■ Modify requests before sending them to the server for testing
input validation.
○ Analyzing Responses:
■ Inspect server responses for sensitive information or unusual
behavior.
○ Filtering and Searching:
■ Use filters to focus on specific types of traffic (e.g., certain URLs
or parameters).
○ Logging:
■ Logs all traffic for later analysis, crucial for documenting findings.

Burp Suite Repeater Module

● Manual Testing:
○ Modify and resend individual HTTP requests to test different inputs
and parameters.
● Analysis:
○ Observe how the application responds to various modifications in
requests.
● Use Cases:
○ Test for vulnerabilities like SQL injection by modifying query
parameters.
○ Experiment with different headers, cookies, or body data to explore
server behavior.
● Efficiency:
○ Allows rapid testing without re-executing the entire browser workflow.

Burp Suite Intruder Module

○ Automated Attacks:
■ Perform customized automated attacks, such as brute force, fuzzing, or parameter
tampering.
○ Payload Positions:
■ Define positions in the request where payloads will be inserted.
○ Attack Types:
■ Choose from different attack modes like Sniper, Battering Ram, Pitchfork, or
Cluster Bomb.
○ Payload Options:
■ Use predefined lists or custom payloads, including numbers, dates, or strings.
○ Results Analysis:
■ Review responses to identify successful attacks or potential vulnerabilities.
Day 3 done!