i need video recording while attack is performed the attack name is dns spoofing or web xss
consists of two key components, with an additional step for graduate students to
complete. All students have been assigned a group and should be able to find the group information on
Blackboard. You should determine as early as possible what type of attack you would like to work on
and what each member’s role will be within the group.
Each group will need to decide upon a type of attack either from the list below or approved by me. You
will need to find an existing tool or solution which performs the attack in question and then write
python code using only standard python libraries and scapy. Your python script should detect when the
attack is taking place and provide key information about the attack, e.g. IP:port of attack/victim,
payload, etc. You can ask for permission to use other libraries, but are not guaranteed for approval.
Note that the exact nature of what data your script should be saving is dependant on the attack you
want to implement.
Graduate student groups will have an additional step where they will have to write a python script that
performs a version of the same attack as the existing tool/solution. For example, if you select ARP
Poisoning and found python code online which presented a solution for how to execute an ARP
Poisoning attack, you would need to research another method of performing an ARP Poisoning attack
and implement that. Note that with the abrupt shift to remote learning and the limited time remaining
in the semester I am not expecting a refined and complex exploit, but your script should illustrate the
basics of the network attack.
Note that if you are in the group of 3, to account for the additional person, you should find a
tool/solution which performs the same type of attack and run your code against that as well. Basically,
you should find two methods of performing the same attack and write a single script to detect each.
Setup – the setup of your system depends entirely on which attack you choose. You may only need a
single machine, you may need a Kali VM and Metasploitable VM, you may want at least 3 VM for some
attacks. Choose a setup which can best be used to illustrate how your chosen network attack works.
Step 1: Find and execute existing network attack solution while capturing network traffice, e.g.
Wireshark.
Step 2: Investigate the PCAP and other relevant data collected during the attack.
Step 3: Outline the details of the attack and how you intend to detect when it happens.
Step 4: Write a python script to raise an alert when the attack is detected.
Step 5: Include in your report screenshots demonstrating the output of the exploit and your python
script.
Step 6: Prepare a video where you narrate over a screen capture walking through your execution of the
exploit and your python script.
Step 7: (Grad Only) Research the attack and write a basic version of your own design in python.
Step 8: Submit a zip file with your report, video, and code
Suggested Types of Attacks:
Only one attack
•DNS spoofing