PRINCIPLE OF IT SECURITY
Lab#1: Social Engineering
VIDEO TUTORIAL: Phishing Analysis (Part 1)
>> Tools:
1. VirusTotal Scanner:
- https://www.virustotal.com/gui/
2. Domain/IP Lookup:
- https://centralops.net/co/
- https://www.digwebinterface.com/
- https://www.whatismyip.com/ip-address-lookup/
3. https://www.onworks.net/programs/vm-online
>> Goals:
To analyze the malicious URLs and domains in order to get the following
information:
1. Geo-location (Country)
2. Domain Registration Information
VIDEO TUTORIAL: Website Cloning (Part 2)
>> Tools:
1. HTTrack Web Copier: https://www.httrack.com/
2. Canary Token: https://canarytokens.org/generate
>> Goals:
To learn BOTH roles in a social engineering attack: Attacker and Defender
1. Black Hat - Attacker (Offensive)
● Clone a website by using the HTTrack Web Copier
2. White Hat - Defender (Defensive)
● Detect and trace a cloned website by using the Canary Token
Lab#2: Encryption & Steganography
VIDEO TUTORIAL: Hashing
To use HashCalc to do the following:
1. Calculate file hashes
2. Verify file integrity
3. Check file similarity
VIDEO TUTORIAL: Cipher
1. https://rot13.com/
2. https://gchq.github.io/CyberChef/
VIDEO TUTORIAL: Steganography
Part 1: Quick Stego and S-Tools
Part 2: MP3steno/MP3stego steganography
Part 3: Spam Mimic and Morse code
Lab#3: Malware Analysis
Video Tutorial: Static Analysis by Using Virus Total
In this video, we learn three things about VirusTotal:
1. How to upload a file >> get any file from the artifact folder here
2. How to submit a URL to check whether it is malicious >> get the URL from the artifact folder here. Filename: droiddreamUNIQ_anubis_anubis.txt
3. How to search for a file/URL by using its hash value >> get the hash value from the artifact folder here. Filename: hash value.txt
Note: Get the artifacts from the Tools and Artifacts folder here
Video Tutorial: Decoding Encrypted Malware URLs
In this video, we learn how to decode the encrypted URLs by using the ROT cipher
technique and Base64 (with a customized index table).
1. List of URLs: https://italeemc.iium.edu.my/mod/resource/view.php?id=50586
2. Python Code to Decode encrypted URL:
https://italeemc.iium.edu.my/mod/resource/view.php?id=50587
3. Python Online Editor: https://www.jdoodle.com/python-programming-online/
Dynamic Analysis by Using Hybrid Analysis
1. Follow the link to get the list of strings from the malware sample
2. Decrypt the suspicious strings by using base64 (customized index table). Use the
same script.
List of URLs extracted from Malware Sample
Python Code to Decode Encrypted Strings/URLs
Lab#4: Network Traffic Analysis
Video Tutorial: Network Analysis using Wireshark
Video Tutorial: Decrypting Message from a PCAP
Video Tutorial: Finding Malware from a PCAP
Download Network PCAP here
Download 3 PCAP files for the following tasks:
● Extracting Username and Password from PCAP streams
● Decrypting Message from PCAP stream
● Finding Malware from a PCAP
REFERENCE: List of Service Name and Port Number
Service names and port numbers are used to distinguish between different services
that run over transport protocols such as TCP, UDP, DCCP, and SCTP.