INDEX

S.NO PRACTICAL REMARKS

1 Explain in brief Vulnerability

Assessment tool- Nessus, openVas

2 Discuss about wireless security

protocols (WPA, WPA2) and aircrack
tool

3 Explain about the network scanning

tools (Nmap, hping3)

4 Discuss about firewall services In

detail (application firewall)

5 Discuss about SMB and SMTP

enumeration

6 Illustrate about packet sniffing tools

such as wireshark

7 Explain about system hacking tools

such as metasploit

8 Discuss about how data encrypted in

web security services in https

9 Write practical steps in active and

passive footprinting

10 Illustrate about browser security tools

– shodan, netcraft

11 Write and practically demonstrate

about steganography technique

12 Discuss about audit policies using

auditpool
13 Discuss about Denial of service tools-
LOIC, HOIC

14 Write a code for creating a malware,

and how to test it in online mode for
educational purposes
 PRACTICAL - 1
Explain in brief Vulnerability Assessment tool- Nessus, openVas

Aim:

To understand the features, functionalities, and significance of Vulnerability Assessment tools,

Nessus and OpenVAS, in identifying system vulnerabilities.

Objective:
 To study the working principles of Nessus and OpenVAS.
 To explore their features, capabilities, and applications in network security.
 To analyze and compare the tools for effective vulnerability assessment.

Theory:

Vulnerability Assessment:
Vulnerability assessment is the process of identifying, classifying, and prioritizing vulnerabilities in
systems or networks. Tools like Nessus and OpenVAS play a vital role in automating this process to
ensure secure IT infrastructure.

1. Nessus:
 Nessus is a proprietary vulnerability assessment tool developed by Tenable, Inc.
 It is widely used for identifying vulnerabilities like misconfigurations, policy violations,
malware, and potential backdoors.
 Features:
o Performs in-depth scans on networks, applications, and devices.
o Offers extensive reporting and analysis tools.
o Provides continuous updates to vulnerability databases.
 Common Use Cases:
o Risk assessment in IT environments.
o Compliance audits for standards like PCI DSS, HIPAA, and ISO 27001.
o Proactive detection of potential exploits.
2. OpenVAS (Open Vulnerability Assessment System):
 OpenVAS is an open-source vulnerability scanner and assessment tool, maintained by
Greenbone Networks.
 It offers extensive vulnerability detection capabilities with a focus on free and community-
driven development.
 Features:
o Includes a vast library of Network Vulnerability Tests (NVTs).
o Supports full automation of scanning and reporting.
o Provides APIs for integration into broader security systems.
 Common Use Cases:
o Identifying and addressing security flaws in networks and hosts.
o Serving as a free alternative for vulnerability scanning in organizations with budget
constraints.
 PRACTICAL - 2
Discuss about wireless security protocols (WPA, WPA2) and aircrack tool

Aim:
To study wireless security protocols WPA and WPA2, and understand the functionality of
the Aircrack tool in testing wireless network security.
Objective:
 To explore the features and security mechanisms of WPA and WPA2.
 To understand the usage of the Aircrack tool for auditing wireless networks.
To analyze the importance of securing wireless communications.

Theory:
Wireless Security Protocols:
Wireless networks require robust security protocols to protect data from unauthorized
access. WPA (Wi-Fi Protected Access) and WPA2 are widely used standards for securing
Wi-Fi communications.
1. WPA (Wi-Fi Protected Access):
 Introduced as an improvement over the flawed WEP (Wired Equivalent Privacy)
protocol.
 Features:
o Utilizes TKIP (Temporal Key Integrity Protocol) to provide encryption.
o Supports dynamic key generation and message integrity checks.
o Backward compatible with older hardware.
 Limitations:
o Vulnerable to brute-force and dictionary attacks.
o Relatively weaker encryption compared to WPA2.
2. WPA2 (Wi-Fi Protected Access 2):
 Successor to WPA with enhanced security features.
 Features:
o Uses AES (Advanced Encryption Standard) for robust encryption.
o Implements CCMP (Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol) for integrity and confidentiality.
 o Provides stronger resistance to network attacks.
 Limitations:
o WPA2-PSK (Pre-Shared Key) is susceptible to weak password attacks.
oRequires hardware support for AES encryption.

Aircrack-ng Tool:
 Aircrack-ng is a popular open-source tool for testing
wireless network security.
 It specializes in capturing and analyzing wireless packets and cracking WEP and
WPA/WPA2 keys.
 Key Components:
o Airmon-ng: Enables monitor mode on wireless devices.
 PRACTICAL - 3
Explain about the network scanning tools (Nmap, hping3)

Aim:
To understand the functionality and applications of network scanning tools, Nmap and
hping3, in analyzing and securing network environments.
Objective:
 To explore the features and capabilities of Nmap and hping3.
 To understand their significance in network scanning and vulnerability
assessment.
To analyze how these tools help in enhancing network security.

Theory:
Network Scanning Tools:
Network scanning is a process of identifying active devices, open ports, and network
vulnerabilities. Tools like Nmap and hping3 are widely used for reconnaissance and
auditing purposes in cybersecurity.
1. Nmap (Network Mapper):
  Nmap is an open-source network scanning tool designed for security auditing and
network exploration.

 Features:
o Detects live hosts on a network.
o Scans for open ports, running services, and OS detection.
o Supports advanced techniques like stealth scans, version detection, and
script-based scanning using NSE (Nmap Scripting Engine).
 Common Commands:
o nmap -sS <target>: Performs a stealth scan.
o nmap -O <target>: Identifies the operating system.
o nmap -A <target>: Provides detailed scan results, including OS and service
versions.
 Applications:
o Network inventory and monitoring.
o Penetration testing and vulnerability assessment.

2. hping3:
 hping3 is an open-source packet crafting and scanning tool used to manipulate and
send custom TCP/IP packets.

 Features:
 PRACTICAL - 4
Discuss about firewall services In detail (application firewall)
Aim:
To study the working principles and functionalities of firewall services, focusing on
application firewalls, and their role in network security.
Objective:
 To understand the types and functionalities of firewalls.
 To explore the specific features and importance of application firewalls.
 To analyze the use cases and limitations of application firewalls in network
protection.
Theory:
Firewalls in Network Security:
A firewall is a security system designed to monitor and control incoming and outgoing
network traffic based on predefined security rules. It acts as a barrier between trusted
internal networks and untrusted external networks.

Types of Firewalls:
1. Packet-Filtering Firewalls: Operate at the network layer, filtering traffic based on
source/destination IP, port, and protocol.
2. Stateful Firewalls: Keep track of active sessions and make decisions based on the
state of connections.
 3. Application Firewalls: Provide advanced filtering by inspecting traffic at the
application layer.
Application Firewall:
An application firewall is a type of firewall that monitors, filters, and controls traffic to and
from applications or services. It works at the application layer (Layer 7 of the OSI model)
and is capable of analyzing and filtering traffic specific to web applications, APIs, or other
protocols.
Features of Application Firewalls:
 Content Inspection: Examines data payloads to detect malicious activities like SQL
injection, cross-site scripting (XSS), and buffer overflow attacks.
 Granular Control: Provides detailed rules for specific applications or services.
 User Authentication: Ensures only authorized users can access applications.
 Protocol Enforcement: Validates adherence to protocol standards (e.g., HTTP,
HTTPS).
Logging and Monitoring: Tracks application-level events for auditing and analysis.
Use Cases of Application Firewalls:
1. Protecting web servers from cyberattacks like DDoS, SQL injection, and XSS.
2. Securing enterprise applications by blocking unauthorized data transmission.
3.Enforcing compliance with security policies for sensitive data.
Advantages:
 Protects against advanced application-layer threats.
 Provides deep visibility into application traffic.
Enables secure access to web applications and APIs.

Limitations:
 Can be resource-intensive, requiring significant
processing power.
 Needs constant updates and fine-tuning to adapt to
evolving threats.
May introduce latency in high-traffic environments.

Popular Application Firewall Solutions:

 Web Application Firewalls (WAFs): Designed to protect web applications (e.g., AWS
WAF, Cloudflare WAF).
 Host-based Application Firewalls: Installed on individual servers or devices.
 PRACTICAL - 5
Discuss about SMB and SMTP enumeration

Aim:

To understand the process of enumerating SMB (Server Message Block) and SMTP (Simple Mail
Transfer Protocol) services to gather useful information for penetration testing and vulnerability
assessment.

Objective:
 To explore the techniques used for enumerating SMB and SMTP services.
 To understand the significance of these enumeration processes in cybersecurity.
 To analyze the tools and methods used for effective enumeration.

Theory:

Enumeration in Cybersecurity:
Enumeration is the process of extracting information about systems, networks, and services. It is a
critical phase in ethical hacking and penetration testing to identify potential vulnerabilities.
1. SMB (Server Message Block) Enumeration:
 SMB is a network protocol used for sharing files, printers, and communication between
devices on a network.
 SMB enumeration involves extracting information about shared resources, users, and
machines on the network.

 Information Gathered:
o Shared folders and files.
o Active users and groups.
o Network devices and services.
 Common Tools for SMB Enumeration:
o Nmap:
  Relevance in Security:
o Helps identify misconfigurations and sensitive data exposure.
o Assists in auditing user privileges and shared resource access.

2. SMTP (Simple Mail Transfer Protocol) Enumeration:

 SMTP is a protocol used for sending emails between servers.
 SMTP enumeration aims to gather information about valid email addresses, mail servers, and
supported commands.
 Information Gathered:
o Valid email accounts.
o Server configuration and supported extensions.
o Usernames for brute-force or social engineering attacks.
 Common Tools for SMTP Enumeration:
o Telnet:
 Manually connects to the SMTP server for enumeration.
 Commands:
 EHLO <hostname>: Identifies server capabilities.
 VRFY <username>: Verifies if a user exists.
 EXPN <listname>: Displays members of a mailing list (if allowed).
o Nmap:
 Command: nmap --script smtp-enum-users -p 25 <target>
o Metasploit Framework:
 Module: auxiliary/scanner/smtp/smtp_enum
 PRACTICAL - 6
Illustrate about packet sniffing tools such as wireshark

Aim:

To study packet sniffing and analyze network traffic using Wireshark, a powerful and widely used
packet capture tool.

Objective:
 To understand the concept and significance of packet sniffing in network security.
 To explore the features and capabilities of Wireshark.
 To analyze live and recorded network traffic for troubleshooting and vulnerability
assessment.

Theory:

Packet Sniffing:
Packet sniffing involves capturing, analyzing, and monitoring network packets to understand network
behavior, diagnose issues, or detect malicious activities. Sniffers can capture data transmitted over
wired or wireless networks and are essential for network administration and cybersecurity.

Wireshark:
Wireshark is an open-source network protocol analyzer used for capturing and inspecting packets in
real-time or from saved files. It supports a vast number of protocols and is highly versatile for
troubleshooting and security analysis.
Features of Wireshark:

1. Packet Capture:
 PRACTICAL – 7
Explain about system hacking tools such as metasploit

Aim:

To study and understand the functionality of system hacking tools, focusing on the Metasploit
Framework, its use in penetration testing, and its relevance to cybersecurity.

Objective:
 To explore the features and capabilities of the Metasploit Framework.
 To understand how Metasploit is used to identify and exploit vulnerabilities in systems.
 To analyze its significance in ethical hacking and security testing.

Theory:

System Hacking in Cybersecurity:

System hacking involves gaining unauthorized access to computer systems, applications, or
networks. Ethical hacking uses these techniques to assess vulnerabilities and improve security.

Metasploit Framework:
Metasploit is an open-source platform used for penetration testing, vulnerability assessment, and
exploitation. It provides a comprehensive environment for identifying and addressing security
weaknesses in networks and systems.
Features of Metasploit Framework:

1. Exploitation Modules:
o Pre-built scripts designed to exploit specific vulnerabilities in software or systems.

2. Payloads:
o Code executed on the target system after successful exploitation. Examples include
reverse shells, bind shells, or meterpreter sessions.

3. Auxiliary Modules:
o Used for tasks like scanning, sniffing, and service enumeration without exploitation.

4. Post-Exploitation Modules:
o Tools for activities after gaining access, such as privilege escalation, keylogging, or
data exfiltration.

5. Encoders and Evasion Tools:

o Modify payloads to bypass antivirus and intrusion detection systems.

6. Meterpreter:
o An advanced payload that provides an interactive shell and additional tools for post-
exploitation.

How Metasploit Works:

1. Reconnaissance:

o Use auxiliary modules or external tools like Nmap to identify

vulnerabilities.
 PRACTICAL – 8
Discuss about how data encrypted in web security services in https

Aim:

To understand the principles of data encryption in web security services using HTTPS, and the role of
encryption protocols in ensuring secure communication over the internet.

Objective:
 To explore how HTTPS encrypts data for secure transmission.
 To understand the key cryptographic techniques and protocols involved in HTTPS.
 To analyze the significance of HTTPS in web security.

Theory:

HTTPS Overview:
 HTTPS (Hypertext Transfer Protocol Secure) is an extension of HTTP with encryption and
security features enabled through SSL/TLS protocols.
 It ensures the confidentiality, integrity, and authenticity of data exchanged between a client
(browser) and a server.

Key Components of HTTPS:

1. SSL/TLS Protocols:
o SSL (Secure Sockets Layer) and TLS (Transport Layer Security) establish a secure
connection by encrypting data.
o TLS is the more secure and modern version, widely adopted for web
encryption.

2. Public Key Infrastructure (PKI):

o HTTPS relies on PKI to manage encryption keys and digital

certificates.
 o Certificates are issued by trusted Certificate Authorities (CAs) to verify the identity of
websites.

3. Encryption Techniques:
o Symmetric Encryption: Used for the actual data transmission (e.g., AES).
o Asymmetric Encryption: Used during the handshake process to exchange symmetric
keys securely (e.g., RSA).

How HTTPS Encryption Works:

4. Handshake Phase:
o The client requests a secure connection to the server.
o The server sends its SSL/TLS certificate, including its public key, to the client.
o The client verifies the certificate using the CA’s public key.
o A secure session key (symmetric key) is generated and shared using asymmetric
encryption.

5. Data Encryption Phase:

o Once the handshake is complete, all data exchanged between the client and server is
encrypted using symmetric encryption.

3. Integrity Check:

o Each encrypted message includes a Message Authentication Code (MAC) to ensure

data integrity.

Benefits of HTTPS:
 Confidentiality: Prevents eavesdropping by encrypting the data in transit.
 Integrity: Ensures that data is not altered during transmission.
 Authentication: Confirms the identity of the website through certificates.
 PRACTICAL – 9
Write practical steps in active and passive footprinting

Aim:
To understand and perform active and passive footprinting techniques for gathering
information about a target network or system during a penetration test.
Objective:
 To explore the differences between active and passive footprinting.
 To identify the tools and techniques used in both types of footprinting.
To perform both active and passive footprinting to gather relevant data.
Theory:
Footprinting in Cybersecurity:
Footprinting is the first step in ethical hacking and penetration testing. It
involves
gathering as much information as possible about a target system or network. This helps
identify potential vulnerabilities and plan the attack in subsequent stages. Footprinting
can be categorized into two types:
1. Active Footprinting
2. Passive Footprinting
3. Passive Footprinting:
Passive footprinting is the process of gathering information about a target system or
network without directly interacting with it. The goal is to avoid detection by the target
while collecting useful data. This type of footprinting mainly involves publicly available
resources and data.
Techniques in Passive Footprinting:
 WHOIS Lookup:
o WHOIS queries provide information about domain names, IP address
blocks, and domain registrants.
o Tool: whois <domain>
 DNS Querying:
o DNS queries can reveal details like domain names, subdomains, and IP
addresses associated with the target.
o Tool: dig <domain> or nslookup <domain>
 PRACTICAL - 10
Illustrate about browser security tools – shodan, netcraft

Aim:
To understand the functionality and usage of browser security tools such as Shodan and
Netcraft, and their role in identifying vulnerabilities in web applications and networks.
Objective:
 To explore how Shodan and Netcraft work for identifying security risks in websites,
services, and networks.
 To understand the key features and capabilities of these tools.
To demonstrate how these tools can be used for online security assessments.

Theory:
Browser Security Tools Overview: Browser security tools are critical for identifying
vulnerabilities in websites, networks, and online services. They help security
professionals, researchers, and penetration testers monitor and assess the security
posture of online systems.
1. Shodan: Shodan is a search engine designed for discovering information about
internet-connected devices. Unlike traditional search engines, Shodan indexes services
and devices based on their IP addresses, open ports, and banner information. It is often
used for identifying vulnerable devices, services, and applications exposed to the
internet.
Key Features of Shodan:
 Search Engine for IoT Devices: Shodan helps locate internet-connected devices,
including cameras, routers, industrial equipment, servers, and more.
 Service and Port Discovery: Shodan indexes devices based on their open ports and
services, providing details on what protocols are running and what vulnerabilities
may exist.
 Vulnerability Detection: Shodan can highlight devices with known vulnerabilities or
outdated software versions, allowing cybersecurity professionals to spot
weaknesses in systems exposed to the public internet.
 Advanced Filtering: Shodan allows users to search with filters such as geographic
location, device type, organization, and service version to pinpoint specific targets.
How Shodan Works:
 Shodan continuously scans the internet, collecting data from devices and services
exposed to the public IP space. It then indexes this data, making it searchable by
users.
 The results can include device banners (information returned by services running
on specific ports), including device type, version information, and sometimes even
credentials.

Practical Use of Shodan:

1. Go to the Shodan website (https://www.shodan.io).
2. Use search queries such as apache or ssh to find devices running these services.
3. Apply filters to narrow down results by country, organization, or specific
vulnerability tags.
Example Search:
 apache country:"US" to find Apache servers in the United States.
 ssl to find SSL-enabled servers.
2. Netcraft: Netcraft is a cybersecurity company that provides tools for
identifying
security risks, including website fingerprinting, phishing detection, and web application
analysis. Netcraft is known for its services that help track malicious activity and gather
intelligence on the security of online services.
 PRACTICAL – 11
Write and practically demonstrate about steganography technique

Aim:

To understand the concept and practical application of steganography for hiding information within
digital media, such as images, and to demonstrate how data can be embedded and extracted using
steganography.

Objective:
 To learn the principles behind steganography.
 To explore different types of steganographic techniques and their use cases.
 To practically demonstrate hiding and extracting information from images using Python.

Theory:

What is Steganography? Steganography is the practice of hiding data within a medium such that the
existence of the hidden data is not apparent to the observer. Unlike encryption, where the goal is to
make data unreadable to unauthorized parties, steganography aims to conceal the presence of the
message itself.

Key Concepts in Steganography:

 Carrier File: The file in which the hidden message will be embedded, such as an image,
audio, or video file.
 Payload: The hidden information that is being concealed, which can be text, an image, or any
other form of data.
 Least Significant Bit (LSB) Substitution: One of the most common techniques in image
steganography, where the least significant bits of the pixel values are altered to embed data
without visibly changing the image.

Types of Steganography:

1. Image Steganography: Embedding secret information into images (most commonly used
method).

2. Audio Steganography: Hiding data within audio files.

3. Video Steganography: Embedding information in video files.

4. Text Steganography: Hiding information within the structure or characters of text files.

Common Techniques:
 Least Significant Bit (LSB) Encoding: This technique involves replacing the least significant
bits of the image’s pixel values with the secret data. This allows for hiding data without
noticeable changes to the image.
  Transform Domain Techniques: Involves modifying the frequency components of the image,
such as using Discrete Cosine Transform (DCT) or Discrete Wavelet Transform (DWT).

Applications of Steganography:
 Protecting sensitive data by embedding it in innocuous files.
 Digital watermarking for copyright protection.
 Concealing data for covert communication.

Practical Demonstration: Steganography in Python using the Pillow and stepic Libraries

Requirements:
 Python installed on your system.
 Pillow (for image processing) and stepic (for steganography) libraries installed. You can install
these via pip:

pip install pillow stepic

Steps to Hide a Message in an Image:

1. Import Required Libraries: First, you need to import the necessary libraries to work with
images and perform steganography.

from PIL import Image

import stepic

2. Choose an Image and a Message: You need an image file (e.g., image.png) to serve as the
carrier file and a message that you want to embed.

3. Embed the Message: Use the stepic library to encode the message within the image.

Python-
# Open the image

image = Image.open("image.png")

# The secret message

secret_message = "This is a secret message hidden in the image."

# Encode the message into the image

encoded_image = stepic.encode(image, secret_message.encode())

# Save the encoded image

 PRACTICAL – 12
Discuss about audit policies using auditpool

Aim:

To understand and demonstrate the configuration of audit policies in Windows using the Auditpol
tool, and to explore how these policies can help in tracking system activities for security monitoring
and compliance.

Objective:
 To learn about the purpose of audit policies in Windows security.
 To demonstrate how to configure and manage audit policies using the Auditpol command.
 To explore different audit policy categories and their practical implications in system
auditing.

Theory:

What is Auditpol? Auditpol is a command-line utility in Windows that allows administrators to

configure, view, and modify security auditing policies. Security auditing helps in tracking system
events such as user logins, file accesses, system changes, and other important actions on a system.
These logs are vital for security monitoring, incident investigation, and ensuring compliance with
security policies.

Key Concepts:
 Audit Policies: These policies define the types of actions or events that are logged for
auditing. They allow administrators to capture events related to user activities, security
changes, and system access.
 Event Logs: The data captured by audit policies is stored in event logs. These logs can be
viewed using tools like the Event Viewer.
 Audit Categories:
o Logon/Logoff: Tracks user logon/logoff events.
o Account Logon: Captures events related to account authentication.
o Object Access: Monitors access to objects such as files and folders.
o Privilege Use: Logs events where system privileges are used or modified.
o Policy Change: Tracks changes in security policies.
o System Events: Records system-level events like startup, shutdown, or resource
allocation.

Auditpol Command: Auditpol is a powerful command used to configure audit policies at both the
domain and local machine levels. The syntax for Auditpol is:
BASH -

auditpol /set /subcategory:<subcategory_name> /success:[enable|disable] /failure:[enable|disable]

Where:
 /subcategory: defines the specific audit policy.
 /success: enables or disables auditing of successful events.
 /failure: enables or disables auditing of failed events.

Examples of Auditpol Subcategories:

 Logon/Logoff
 Account Logon
 Object Access
 Directory Service Access
 Policy Change
 Logon/Logoff
 Account Management

Practical Demonstration: Using Auditpol to Configure Audit Policies

Requirements:
 A Windows machine with administrative privileges.

Step 1: Viewing Current Audit Policy Configuration To view the current audit policy settings on the
system, use the following command:

BASH -
auditpol /get /category:*

This command displays the current configuration of all audit categories and subcategories, showing
whether auditing for success or failure events is enabled or disabled.

Step 2: Enabling Specific Audit Policies To enable auditing for successful and failed logons, use the
following command:

BASH -

auditpol /set /subcategory:"Logon/Logoff" /success:enable /failure:enable

This command ensures that both successful and failed logon attempts are logged.
 PRACTICAL – 13
Discuss about Denial of service tools- LOIC, HOIC

Aim:

To understand the functioning and usage of Denial of Service (DoS) tools, specifically LOIC (Low Orbit
Ion Cannon) and HOIC (High Orbit Ion Cannon), and their implications in network security.

Objective:
 To explore the tools LOIC and HOIC, which are commonly used in DoS attacks.
 To demonstrate the basic working of these tools.
 To understand the ethical and legal implications of using such tools.

Theory:

What is Denial of Service (DoS)? Denial of Service (DoS) is a type of cyberattack that aims to make a
network service unavailable to its intended users by overwhelming it with traffic or by exploiting
vulnerabilities. This results in service disruptions or complete outages.

A Distributed Denial of Service (DDoS) attack involves multiple systems attacking a single target,
making it harder to defend against.

LOIC (Low Orbit Ion Cannon): LOIC is an open-source DoS tool that is widely known for being easy to
use. It was initially created for testing purposes but has been used in various cyberattacks. LOIC
works by sending a large amount of traffic to a target server to exhaust its resources, leading to the
server becoming unavailable to legitimate users.
 How LOIC Works:
o LOIC can send TCP, UDP, or HTTP flood requests to a server, overwhelming its
resources.
o It provides a simple graphical user interface (GUI) for users to input the target IP
address, port, and other settings.
o LOIC is often associated with Botnets in DDoS attacks, where it can be used in
conjunction with other compromised systems to attack a target.
 LOIC Features:
o Allows for multiple attack types (TCP, UDP, HTTP).
o Simple GUI that is user-friendly for attackers with minimal technical
knowledge.
o Supports both manual and automated attacks.
 LOIC Attack Process:
1. Set the Target IP Address and the Port to attack.

2. Choose the attack method (TCP, UDP, HTTP).

 o It is important to understand the risks and consequences associated with using such
tools, as they are illegal in most jurisdictions.

Practical Demonstration (for educational purposes only)

Requirements:
 LOIC and HOIC tools installed (both tools are available for download from open-source
repositories).
 A controlled environment for testing (e.g., your local network or a dedicated test
server).

Note: It is critical to understand that using LOIC or HOIC against systems or networks that you do not
own or have explicit permission to test is illegal and unethical.

Step 1: Using LOIC for a DoS Test

1. Download and run LOIC on a local machine or test server.

2. Set the Target IP to a server you control (e.g., your local web server) and specify the Port.

3. Select the Attack Method (e.g., TCP/UDP/HTTP).

4. Click on the Fire button to initiate the attack.

5. Monitor the server’s response to see if the traffic overloads the system and causes service
degradation.

Step 2: Using HOIC for a DoS Test

1. Download and run HOIC on a local machine.

2. Input the Target URL and Port.

3. Configure the number of Threads and attach one or more Boosters for increased traffic.

4. Click on the Attack button to start the attack.

IES COLLEGE OF TECHNOLOGY, BHOPAL
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

LAB FILE

Student Name : Shruti Shrivastava

Roll No : 0177CY221047

Subject : Network Security

Subject Code CY 503

: Branch COMPUTER SCIENCE & ENGINEERING

: 5TH
Semester
:

IES College of Technology, Bhopal

Department of Computer Science & Engineering

Rajiv Gandhi Proudyogiki Vishwavidyalaya, Bhopal