During my studies a few of the courses I took involved ethical hacking in some form, which helped me gain a deeper understanding of cybersecurity. My ethical hacking courses covered essential concepts and techniques used to identify and mitigate security risks. In particular, my CYSE 450: Ethical Hacking and Penetration Testing course taught me the fundamentals of penetration testing, network security, and vulnerability assessment. CYSE 450 and other courses not only helped me understand the tools and methodologies used by ethical hackers by approaching cybersecurity problems from a hackers point of view while maintaining my ethical responsibilities.

Section 1:

One instance of hacking I learned was in Linux for cybersecurity class, where we were taught password cracking. In this assignment I used John the ripper with a text file containing thousands of common passwords to crack the passwords of dummy accounts I created.

Section 2:

In this assignment, I learned about steganography by embedding a secret message into an image using Kali Linux. I created a text file with a hidden message, downloaded an image, and used the steghide command to embed the text file into the image. I then verified the integrity of the files using the md5sum command.

Section 3:

In this assignment, I demonstrated web application vulnerabilities by bypassing the login screen with an SQL injection, creating a backdoor user account, and hijacking customer accounts by resetting their passwords. I also performed an XSS attack by injecting a malicious script into a product’s name, triggering a pop-up when a victim viewed the product page. This exercise highlighted the risks of SQL injection and XSS attacks in web applications..