Welcome to my official repository for the YoungDev Interns Ethical Hacking Remote Internship. This project documents my journey from a cybersecurity enthusiast to a practitioner, covering foundational, intermediate, and expert-level security tasks.
- Name: Daniyal Shahid
- Role: Ethical Hacking Intern
- Duration: 01 Month (Remote)
- Repository:
YoungDevInterns_EthicalHacking_Tasks
- Week 1: Foundations of Ethical Hacking
- [Week 2: Scanning, Enumeration & System Hacking]
- [Week 3 & 4: Exploitation & Web Security]
- Toolset & Technologies
- Connect With Me
The objective of this week was to establish a secure environment and understand the core language of the internet: Networking.
- Environment Setup: Installed Kali Linux on VirtualBox and deployed Metasploitable2 as a vulnerable target machine.
- Linux Mastery: Mastered CLI navigation, file permissions, and system administration.
- Networking Basics: Deep dive into TCP/IP, OSI Layers, DNS, DHCP, and packet structures.
- Reconnaissance: Explored Passive Recon (Whois, theHarvester) and Active Recon (Nmap).
- Performed network discovery using
ifconfig,ping, andtraceroute. - Captured and analyzed live traffic packets with Wireshark.
- Executed basic Nmap scans to map local network devices.
This week focused on finding "cracks in the armor" through advanced scanning and initial system hacking concepts.
- Advanced Scanning: Version detection (
-sV), OS fingerprinting (-O), and Nmap Scripting Engine (NSE). - Web Enumeration: Using Nikto, Dirb, and Gobuster to discover hidden directories and web vulnerabilities.
- System Hacking: Understanding password storage (hashes) and the mechanics of dictionary/brute-force attacks.
- Vulnerability Research: Mapping discovered services to CVEs and searching for exploits via Searchsploit.
- Cracked password-protected ZIP/PDF files using John the Ripper.
- Performed full enumeration on a vulnerable Linux system to identify exploitable services.
The final phase focused on the "Gain Access" and "Escalate Privileges" stages of a penetration test.
- Exploitation Frameworks: In-depth use of the Metasploit Framework (msfconsole) to launch payloads.
- Privilege Escalation:
- Linux: SUID bits, Cronjobs, and Kernel exploits.
- Windows: Unquoted service paths and Token manipulation.
- Web App Hacking: Study of the OWASP Top 10 (SQLi, XSS, CSRF).
- Interception: Using Burp Suite to modify HTTP requests in real-time.
- SQL Injection: Performed manual and automated SQLi using sqlmap.
- CTF Challenge: Successfully exploited a VulnHub VM (e.g., Mr. Robot) and escalated privileges to gain Root Access.
- OS: Kali Linux, Windows 10, Metasploitable2
- Network: Wireshark, Nmap, Hping3
- Web: Burp Suite, Nikto, Gobuster, SQLmap
- Exploitation: Metasploit, Hydra, John the Ripper
- Research: Exploit-DB, CVE Mitre, Shodan
Every task from this internship is shared on my professional networks to contribute to the community.
- LinkedIn: https://www.linkedin.com/in/daniyal-shahid-249a3b283
- Portfolio: https://daniyalshshidportfolio.netlify.app/
All activities documented in this repository were performed within a strictly controlled, legal, and authorized laboratory environment for educational purposes only. I do not support or engage in any unauthorized hacking activities.
#YoungDevInterns #EthicalHacking #CyberSecurity #PenetrationTesting #InfoSec #InternshipJourney