Unit 5
🎯 Unit 5 Overview
Unit 5 covers common security tools and vulnerability concepts used in information security.
This unit includes spoofing tools, footprinting tools, vulnerability scanning, NetBIOS enumeration,
steganography tools, trojan detection tools, DoS attack tools and packet sniffing tools.
Exam Tip: Footprinting, vulnerability scanning, steganography, packet sniffing, trojan detection and DoS attack tools are important short and long answer topics.
🛡️ Security Vulnerability
A vulnerability is a weakness in a system, network, software or security policy that can be exploited
by an attacker to gain unauthorized access or disturb services.
Examples
- Weak passwords
- Outdated software
- Open ports
- Misconfigured server
- Unpatched operating system
- Insecure network services
👣 Footprinting Tools
Footprinting is the first phase of security assessment where information about a target system,
network or organization is collected.
Information Collected
- Domain name details
- IP address range
- DNS information
- Email information
- Server details
- Network structure
Purpose
- Understand target environment
- Identify possible weak points
- Prepare for security testing
🎭 Spoofing Tools
Spoofing means pretending to be another trusted user, device or system. Spoofing tools are used
to test whether a system can detect fake identity or forged network information.
Types of Spoofing
- IP spoofing
- Email spoofing
- DNS spoofing
- MAC spoofing
- Website spoofing
Spoofing ka main idea hota hai fake identity create karke system ko deceive karna.
🔍 Vulnerability Scanning Tools
Vulnerability scanning tools automatically scan systems and networks to find security weaknesses.
These tools help administrators fix problems before attackers exploit them.
Functions
- Detect open ports
- Identify outdated software
- Find weak configurations
- Detect known vulnerabilities
- Generate security reports
Advantages
- Improves security posture
- Helps in risk management
- Supports compliance checking
- Reduces manual checking effort
🖥️ NetBIOS Enumeration
NetBIOS enumeration is the process of collecting information from Windows systems using NetBIOS services.
It may reveal useful information about network shares, users and machine names.
Information Found
- Computer name
- Domain name
- Shared folders
- User accounts
- Network resources
In exams, write NetBIOS enumeration as information gathering technique in Windows-based networks.
🌐 NetView
NetView is a Windows command used to display shared resources, computers and domains available
in a network.
Uses
- View computers in a network
- Check shared resources
- Identify accessible network systems
- Support basic network administration
🖼️ Steganography Tools
Steganography is the technique of hiding secret data inside another file such as image, audio,
video or document.
Difference Between Cryptography and Steganography
| Cryptography |
Steganography |
| Converts message into unreadable form. |
Hides the existence of message. |
| Anyone can see encrypted data exists. |
Hidden data is not easily visible. |
| Focuses on secrecy of content. |
Focuses on hiding communication. |
| Example: AES, RSA |
Example: hiding text inside image |
Applications
- Secret communication
- Digital watermarking
- Copyright protection
- Secure information hiding
🐴 Trojan Detection Tools
A Trojan is a malicious program that appears useful but performs harmful activities in the background.
Trojan detection tools identify and remove such malicious programs.
Signs of Trojan Infection
- System becomes slow
- Unknown processes running
- Unexpected network activity
- Files are modified or deleted
- Unauthorized remote access
Prevention
- Install trusted antivirus
- Keep software updated
- Avoid unknown downloads
- Do not open suspicious attachments
- Use firewall protection
💥 DoS Attack Tools
Denial of Service attack attempts to make a system, server or network unavailable by sending
excessive traffic or requests.
Types of DoS Attacks
- Flooding attack
- Application layer attack
- Protocol attack
- Distributed Denial of Service attack
Protection Methods
- Traffic filtering
- Rate limiting
- Firewall rules
- Load balancing
- Intrusion detection and prevention
📡 Packet Sniffing Tools
Packet sniffing means capturing and analyzing network packets travelling through a network.
It is used by administrators for troubleshooting and by attackers for stealing information.
Uses
- Network troubleshooting
- Traffic analysis
- Security monitoring
- Protocol analysis
- Detecting suspicious traffic
Risks
- Password stealing
- Data leakage
- Session hijacking
- Privacy violation
🧰 Security Tools Summary
| Tool Category |
Main Use |
| Footprinting Tools |
Collect target information |
| Spoofing Tools |
Test fake identity attacks |
| Vulnerability Scanning Tools |
Find system weaknesses |
| NetBIOS Enumeration Tools |
Collect Windows network information |
| Steganography Tools |
Hide secret data inside files |
| Trojan Detection Tools |
Find and remove trojans |
| DoS Detection/Testing Tools |
Analyze service availability risks |
| Packet Sniffing Tools |
Capture and analyze network traffic |
⚠️ Ethical Use of Security Tools
Security tools should be used only for learning, testing your own systems, college labs,
authorized security testing and defensive purposes.
- Do not test on public websites without permission.
- Do not access someone else's system.
- Use tools only in legal and ethical environments.
- Always take permission before security testing.
⭐ Important Questions
- What is vulnerability? Explain common system vulnerabilities.
- Explain footprinting and its purpose.
- Write short note on spoofing tools.
- Explain vulnerability scanning tools and their functions.
- Explain NetBIOS enumeration.
- Write short note on NetView.
- Explain steganography and its applications.
- Differentiate between cryptography and steganography.
- Explain trojan detection tools.
- Explain DoS attack tools and packet sniffing tools.
🔥 Last Minute Revision
- Vulnerability = system weakness.
- Footprinting = target information gathering.
- Spoofing = fake identity attack.
- Vulnerability scanning = automatic weakness detection.
- NetBIOS enumeration = Windows network information collection.
- Steganography = hiding secret data inside normal file.
- Trojan looks useful but works maliciously.
- DoS makes service unavailable.
- Packet sniffing captures network packets.