1. Major/Comprehensive Project Interim Presentation-1
on
Automated Security Tool with GUI for Websites
Presented by: Kunj Joshi
Roll No.: 19BCP072
Mentored by: Mr. Dhairya Shah
13 May 2023
3. ABSTRACT
➢ Security is an important aspect of any website deployment today. An insecure website exposes a company to
various attacks and losses, such as financial losses and data losses, to name a few. It is very important for a
company to reinforce its website with the latest methodologies and security measures to stop such losses and
attacks from happening. Many security measures can be checked using manual methods, but several can be
automated. The tool being created takes eight such security measures and automates them using Python. The
tool is available in both GUI and CLI formats. The eight modules covered are: SQL Injection Detection,
Network Analysis, Keyloggers, Malware Detection, Data Loss Prevention, SSL Certificate Analysis, Data
Protection and Website Phishing Detection. All these security measures, when strictly imposed, can either
prevent an attack or lessen the damage caused by a cyberattack. The tool uses different aspects of Computer
Science, such as OOP concepts, Machine Learning, Data Science, Networking, Logging and File Management,
to implement each module with the least time complexity possible. The tool also introduces two new
algorithms, created by the user, for Hashing and Encryption of data, and analyses the strength of the
security features currently implemented in a system.
4. INDUSTRY INTRODUCTION
➢ Founded in 2012, VeriFast Technologies is the leader in ASIC Verification Training and Consulting. Our training
programs are designed for entry-level to seasoned engineers, and they are great for individuals and teams. Our
training programs and consulting expertise are in ASIC Verification with an intense focus on SystemVerilog and UVM.
Our clients range from semiconductor giants to startups.
➢ The internal division of the technical team is done into two parts: Hardware Team and Software Team. The Software
team is responsible for managing all web related, OS related and Network related queries. The Software Team is led
by Mr. Dhairya Shah, who completed his Bachelors in Technology in Computer Science in 2013. He has been
working with VeriFast Technologies since 2015. The other team members include Mr. Prayag Bhanderi, who
completed his Bachelors in Technology in Computer Engineering and Communications in 2020, and Mr. Yash
Pamnani, who completed his Bachelors in Technology in Information Technology in 2020.
➢ The creation of an automated Security Tool with GUI and CLI functionalities is a relatively new idea, and new
implementations are being considered every day. More security aspects can also be implemented in the future. VeriFast
Technologies is also focused on Training young enthusiasts for the field of Cybersecurity and spreading Awareness
through Campaigns and Hosted Talks.
5. PROJECT OVERVIEW
➢ The Project is currently in its development phase. It is focused on implementing 8 Modules of Security
Aspects and each Module development is considered as a Development Phase of the Project. The Modules
are as follows:
1) SQL Injection Detection
2) Network Analysis
3) Malware Detection using Machine Learning
4) Keylogger
5) Data Loss Prevention
6) Website Phishing Detection using Machine Learning
7) SSL Certification Analysis
8) Data Protection
6. OBJECTIVES
➢ The objectives of the project are the combined objectives of each module. Currently, the project is focused on
producing these ten objectives, based on the modules being worked upon:
1) Detecting SQL Injection with conformity in a Login Page, having fields such as Username and Password.
2) Producing a data dump of a network connection between a device and another device/hosted website.
3) Detecting whether a file or a program is malicious or not by using the file’s metadata, permissions, storage
capacities, hash etc. in Machine Learning Algorithms.
4) Deploying a Keylogger in a device to record and analyze keystrokes used by the device.
5) Creating a safe and secure Backup of all the data at timely intervals to lessen the damage in case of a
Cyberattack.
6) Detection of leaked data relating to the industry, such as mobile numbers, emails, passwords etc.
7. OBJECTIVES (CONTD…)
7) Detecting a Malicious website based on its URL contents and Webpage contents using Machine
Learning techniques.
8) Analyzing a website’s security standards by its SSL Information and creating alert technology to renew
the SSL Certificates before their expiry date.
9) Creating a safe and secure data transmission method using Encryption and Decryption technology. It
also introduces a new Encryption algorithm, currently under development.
10) Creating a safe and secure data storage using Hashing technology. It also introduces a new Hashing
algorithm, currently under development.
8. PROJECT STAGES & CURRENT STAGE
➢ As discussed earlier, each module is being independently considered as one
development phase, hence creating eight different development phases.
There are submodules in many modules as well, which are considered as
subphases of development.
➢ Currently, 2 phases of the development have been completed and the third
phase of development is in progress. The modules of SQL
Injection Detection and Network Analysis have been implemented.
➢ Work on Malware Detection is in progress.
9. METHODOLOGY
➢ The methodology of the work is simple. Each module is implemented
independently and then all the modules are integrated into one large project.
The implementation uses the Python programming language with the Flask
framework. Web Development Languages such as HTML and CSS are also extensively used.
11. METHODOLOGY (CONTD…)
The first module implemented was SQL Injection Detection. It used a brute-force approach:
the Username and Password fields were brute-forced with entries from a Panel Bypass dataset
(provided by the company).
13. METHODOLOGY (CONTD…)
The second module implemented was Network Analysis. It had two submodules: Network
Scan and Network Capture. Network Scan works on IP Addresses and finds open ports
and services on the address.
15. METHODOLOGY (CONTD…)
The second submodule of Network Analysis is Network Capture which works on URLs. It
intercepts a URL Request and captures the Network Dump in a JSON format. The JSON is
then parsed to produce the output details.
17. WEBSITE PHISHING DETECTION
• Website phishing refers to the act of creating fraudulent websites that mimic legitimate ones to
deceive users and obtain their sensitive information, such as login credentials, credit card details, or
personal data. Phishing websites are designed to appear authentic, often using similar logos, layouts,
and URLs to trick unsuspecting individuals into entering their confidential information.
• Phishing attacks typically involve sending deceptive emails or messages that prompt users to visit the
phishing website. These messages often mimic official communication from trusted sources, such as
banks, online services, or social media platforms. Once users land on the phishing website, they may
be prompted to provide their login credentials or other sensitive information, which is then captured
by the attackers.
• Website phishing can have severe consequences, including identity theft, financial loss, and
unauthorized access to personal accounts. To protect against phishing attacks, users should be
cautious when clicking on links in emails or messages, verify the authenticity of websites by checking
for secure connections (https://), and avoid providing sensitive information on suspicious or unfamiliar
websites.
• Additionally, organizations can implement security measures such as anti-phishing filters, user
education and awareness programs, and multi-factor authentication to mitigate the risks associated
with website phishing. Regular monitoring and prompt takedown of reported phishing websites are
also essential to minimize the impact on users.
19. KEYLOGGER
• A keylogger is a type of software or hardware device that records the keystrokes typed on a
computer or mobile device. It is designed to capture and log all keyboard inputs, including
passwords, usernames, messages, and other sensitive information. Keyloggers can be either legitimate
or malicious, depending on their intended use.
• Legitimate Use:
• In certain scenarios, keyloggers can serve legitimate purposes, such as:
• 1. Monitoring employee activity: Some organizations use keyloggers to monitor employee computer
usage for security, productivity, or compliance purposes. This may be done to ensure that employees
are not engaging in unauthorized activities or to detect potential security breaches.
• 2. Parental control: Keyloggers can be used by parents to monitor their children's online activities,
ensuring their safety and protecting them from potential threats or inappropriate content.
• 3. Law enforcement and investigations: Keyloggers may be utilized by law enforcement agencies or
in investigations to gather evidence or track suspicious activities.
21. DATA LEAK PREVENTION: AUTOMATED BACKUP
• Automated backup refers to the process of automatically creating and storing copies of data or files
at regular intervals without requiring manual intervention. It is an essential practice to ensure data
protection, minimize the risk of data loss, and facilitate data recovery in the event of system failures,
accidental deletion, or other unforeseen incidents.
• Automated backup systems employ specialized software or tools that schedule and perform backups
according to predefined settings. These settings can include the frequency of backups, the specific
files or directories to be backed up, and the destination where the backup copies will be stored, such
as external hard drives, network drives, cloud storage, or remote servers.
• To implement automated backup, it is important to choose appropriate backup software or tools that
align with your specific requirements. Consider factors such as backup frequency, storage capacity,
security features, and ease of use. Regular monitoring of the backup process and periodic testing of
data restoration procedures are also recommended to ensure the integrity and effectiveness of the
backup system.
23. DATA LEAK DETECTION: PASSWORD LEAK
• Detecting password leaks involves monitoring and identifying instances where user passwords have
been compromised or exposed. Here are some methods and best practices for detecting password
leaks:
• 1. Data breach notifications: Stay informed about data breaches and security incidents through
reputable sources. Organizations that experience breaches often provide notifications to affected
users. Keep an eye on these notifications and take appropriate action if your account information is
compromised.
• 2. Password breach databases: Check online databases or services that aggregate and index leaked
passwords from various data breaches. These databases allow you to search if your password has
been exposed. Examples include Have I Been Pwned (https://haveibeenpwned.com/) and similar
services.
• 3. Two-factor authentication (2FA): Enable 2FA for your online accounts whenever possible. This adds
an extra layer of security by requiring a second form of authentication, such as a unique code sent to
your mobile device, in addition to your password. If someone attempts to use your password without
the second factor, access will be denied.
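
A breach-database lookup that never sends the password itself, as an added example that is not code from the presented tool. It uses the k-anonymity range endpoint of Have I Been Pwned's Pwned Passwords service: only the first five characters of the SHA-1 digest leave the machine, and the match is made locally. The function names, the offline response body and its counts are constructed for illustration.

```python
import hashlib
import urllib.request

RANGE_URL = "https://api.pwnedpasswords.com/range/"

def split_sha1(password):
    """Uppercase SHA-1 hex digest split into a 5-char prefix and 35-char suffix."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def breach_count(suffix, range_body):
    """Find the suffix in a range response ('SUFFIX:COUNT' on each line)."""
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0

def check_password(password, fetch):
    """Only the 5-character prefix is passed to fetch; the match is done locally."""
    prefix, suffix = split_sha1(password)
    return breach_count(suffix, fetch(RANGE_URL + prefix))

def fetch_live(url):
    """Real lookup over HTTPS (needs network access)."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return resp.read().decode("utf-8")

def fetch_constructed(url):
    """Offline stand-in: a constructed response body with made-up counts."""
    _, leaked_suffix = split_sha1("password")
    return "0" * 35 + ":3\r\n" + leaked_suffix + ":42\r\n"

if __name__ == "__main__":
    for pw in ("password", "correct horse battery staple"):
        print(repr(pw), "seen", check_password(pw, fetch_constructed), "times")
```

Passing `fetch_live` instead of `fetch_constructed` performs the real lookup.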
25. SSL CERTIFICATION ANALYSIS
• Analysis of SSL certification involves evaluating the security and trustworthiness of a website's SSL
(Secure Sockets Layer) certificate. Here are key aspects to consider during an SSL certificate analysis:
• 1. Certificate Authority (CA)
• 2. Certificate validity
• 3. Certificate type
• 4. Encryption strength
• 5. Certificate chain
• 6. Trust indicators
• 7. Certificate revocation
• 8. Mixed content
• 9. Vulnerability scanning
• By thoroughly analyzing these aspects of an SSL certificate, you can assess the security and reliability
of a website's encrypted connection and ensure a safer browsing experience for users.
27. CRYPTOGRAPHY AND HASHING
• Cryptography and hashing are two important concepts in the field of computer security and data
protection. While they both involve the transformation of data, they serve different purposes and
have distinct applications.
• Cryptography:
• Cryptography is the practice of securing communication and data by converting it into a form that is
unreadable to unauthorized individuals. It involves the use of encryption algorithms and keys to
encode and decode information. The primary goals of cryptography are confidentiality, integrity,
authentication, and non-repudiation.
• Encryption: Encryption is the process of converting plain, readable data (plaintext) into an
unreadable form (ciphertext) using an encryption algorithm and a unique encryption key. The
ciphertext can only be decrypted back into plaintext by someone possessing the correct decryption
key. Encryption ensures that even if an unauthorized person gains access to the encrypted data, they
will not be able to understand its content.
• Hashing is a one-way process that converts data of any size into a fixed-size string of characters,
called a hash value or digest. Hash functions are designed to be fast and efficient, producing unique
hash values for different inputs. The primary purpose of hashing is to verify data integrity and securely
store passwords.
• In summary, cryptography is used to protect data during transmission or storage, ensuring
confidentiality and integrity, while hashing is used for data integrity verification and password storage.
Both cryptography and hashing play crucial roles in securing information and maintaining privacy in
various applications and systems.
29. CONCLUSION
➢ Security is an important aspect in today’s world. To avoid losses, industries
must abide by Cybersecurity practices. Having an automated tool which can
produce efficient results in Cybersecurity aspects is a necessity. This tool
will be able to help the industry by avoiding data loss and securing data. The
tool will upgrade the cybersecurity features in a company’s repo to the latest
cybersecurity practices. The tool can be used to detect and patch
vulnerabilities or analyze weak points in a website. Hence, this tool can
revolutionize the Cybersecurity Automation Sector as well.