 So hi guys, welcome to the course on Python Cyber Security. I'm Hanin and with me is Boyan and we are from Daman High School. Yes, so moving on to the next slide. So this will be the link that you guys can use to have access to all our codes that we will be using in the course. What are the possible cyber attacks, right? So one of which will be malware and then malware is a shorthand for malicious software which typically consists of code developed by cyber attackers designed to cause extensive damage to data and systems to gain unauthorised access to a network. So there are actually various cyber attacks possible and this was only one of them. The others would be SQL injection and phishing, yes. So which leads us to the main topic of cyber security. Why is cyber security? So cyber security is the protection of networks, devices and data from unauthorised access or criminal use and the practice of ensuring confidentiality, integrity and availability of information. So why must we protect ourselves from cyber security? All our data currently are stored online because of the prevalent users of the internet and then we store basically everything online because of convenience, right? So that's why it's important to ensure that we are safe on the cyberspace. So how do we protect ourselves from cyber attacks then? So ethical hacking is one of the ways where we can protect ourselves. Basically it's hacking performed by company or individuals to help identify potential threats on a computer or network. So moving on to the main gis of our course today, we're teaching you guys four different methods of how we can protect ourselves on the web. Namely, there are pod scanner, encryption, input data validation and key logger. So now we'll pass the time on to Boyan to explain more. So we'll be starting off with pod scanners. So pod scanning in Python is essentially just sending client request to each different pod of a specified IP address to check if that pod is open. So it's just like how a burglar, before going to burglar a house, he will actually go to the house and check if the door or the windows were open so that he can get in more easily. So in this case in Python, we'll be using sockets to send the client request to each of the pod in the IP address. So we'll start with a demonstration. Okay, so I will use IDLE for this. Okay, so first, yeah, we will import everything from socket module. So first we'll import everything from the socket module. Then next we'll import time so that we can know how long our program can run. So we'll start first with defining a start time, which is the current time of which when the time the program starts. Then we'll start with a run condition of the normal if name is equals to main. So first we'll ask the user for a target input IP address. Then next we will be changing the target given by the host to an IPv4 address through the get host by name function. And then next we'll be just printing a line to tell the user that the scan is starting. Okay, so next we'll be starting a follow-up of 50 to 60. The slides show 50 to 500 but because in this case we have a limited time and 50 to 500 will be too long, we'll just do 50 to 60. So first we'll initialise a socket with AFiNet and SocStream. Yeah, then we'll use the socket to connect to the IP address and the current port, which is specified in the follow-up. Yeah, then next we'll check if the connection is, if it's equals to zero, that means the connection has went through and thus the port is actually open. So we can print that the port number, this port is open. Yeah, then else that means the port is not open because we have gotten a message so we can tell the user that this port is closed. So next we'll close the socket so that in the next follow-up we can connect to the same IP address but in another port. Then lastly we will print out the time taken for this whole program to run which is essentially the time at the end of the program minus of the start time. Okay, then we will run this program. Yeah, and then the host to be scanned is... Yeah, so we will be scanning a test server by Nmap which is the scanme.map.org with the IP address of 45.33.32.156. Yeah, so it's starting to scan on the host. This can take a while as sockets are very, very slow. Yeah, so currently as you can see it's been quite a while and it has only sensed that two ports are closed. Okay, so we'll let it run in the background and then we will move to the next part which would be encryption in Python. So encryption in Python for encryption in Python we'll be using the hashlib module and we'll be teaching you how to encrypt your text string with a very widely used algorithm called SHA256. So we'll start with a demonstration. So first we'll create a new file on the idle so first we'll import hashlib then next we'll ask the user for an input and then we'll be defining result as the encryption of the SHA256 in the hashlib module. So we'll initialise it with a text.encode which encodes the string, which is text. And then we'll print out the result.hex digest which is the encrypted string with the SHA256 because printing result will only return a SHA256 object. So we will save it and run it. So we can try Hello World. As you can see, this is like the encrypted string through the SHA256 algorithm and you can see the previous program so the program stopped prematurely because we started running the encryption but it has scanned that from port 50 to port 58 of the test server for NMAT all these eight ports are closed. So now that we are done with port scanning and encryption we will be moving on to the next part which would be our input data validation. So I'm sure all of you have written programs before and that you have been asking users for their input and sometimes users may decide to input data that it's not what you want and this may cause errors in your program and result in your program stopping. So in this case, we'll be using the try and accept in Python where the try block let's us test a block of code for errors and the accept block let's us handle the error. So we'll be demonstrating how to use it. First, we'll start with a while true so that we can continuously ask the user for input if it does not accept it and then we'll start with a try and we will attempt to make the input of the user of their age into an integer. Next, we will do an accept value error because that is the error that occurs when something that is not a number is put into int. Then we'll print an error message and after that we will tell the program to continue running after there is a value error. So for the next condition we'll be using an if else to check if the age is a negative number. So if age is less or equals to zero we will also print out an error message. Then after this we will continue. We will tell the program to continue. Then else, this means that it has passed both conditions and we are ready to exit the loop and put in a break. So now that we have exited the while loop we will do our last check condition so if age is more or equals to 21 we can then we can tell the user that they are eligible to vote in Singapore and else we will tell the user that they are not. Okay, we will attempt to run this. So first we will try to input with a character A. So as you can see, it says that sorry I didn't understand that which means that it's the first condition, the try and accept condition that it did not fulfill and it outputted the error message. We could also try with a colon. It will output the same thing as the program is unable to make this string into an integer. So we can try now with a negative number of negative one. So this does not fulfill the second condition in the if else task it will still return another of the second error message. So now we can try 10 years old which means that this will not fulfill the last error message. Now we will run the program again to we will run the program again to with trying age 21 to show that they are eligible to vote with this input. Okay, so we will be, we are done with this part and we will be moving on to the last part of our workshop which is the keylogger. So first we will need all of you who are going to attempt this to pip install pyput. Yes, pip install pyput. Yes, has everyone succeeded in pip installing? Okay, sure. Okay, we shall walk around and see if anyone needs help. Does anyone need help? Oh no, it's spelled wrongly. It's pi N P U T. Okay, so Ember, are you fine? Okay, we shall now proceed on. So keyloggers can be used to allow, you can use it to run it in the background and see if anyone decides to use your laptop or devices without you knowing and you'll also be able to see what they have been attempting to look for on your devices without you knowing. So now we'll open a new file and start. So firstly, we will from pyput.keyboard import the key and listener. Next, we'll import the logging so that we can actually write to a file. Then we'll set the dog directory. So in this case, the log directory would be the directory that this file is currently in. So we'll be using the directory that our Python file currently is in as you can see is on the top of the save file. So you all should not be copying ours. You all should be saving it where you want to save it. Please key in the correct directory in a place where you can actually find the final output file. Yes, so for now, this is our directory. Is everyone done with keying in your own directories? Okay, then we'll move on with setting the configurations for our logging. So first, it will be logging.basic.config. We will be setting the file name to be equals to our log directory and then we will name our output text file to be keylog.txt. So the log directory will be where this text file will be saved in. Then next, we'll be setting the logging level to be logging debug so that we can actually read. Then lastly, the format would be of as time and message. If any of you cannot follow us, you all can go online to the Google Drive and you all can refer to the code there. So next, we'll be defining a function called onPress with the import of key which would be which would be detected when you press on the key on your keyboard. So we'll do a logging.info, shrink key which would actually let logging record the stroke of your key. Then lastly, we'll do the run. We'll make it run through with listener and set the condition of the function being true to itself. OnPress equals to onPress and name this as listener and then we'll make it join all the output from the keyboard together to write to the text file. Okay, we shall run this now. So it's currently running. Then we shall just open up a node pad file and then we shall just type random characters in there like hello world. So now that we have this then we shall go into the file and we shall go into the file directory where our program is stored. As you can see, there's a keylog.txt inside there and when we open it we can see that here this is what we have typed after the program has started running. So as you can see we have searched for node pad. We have typed in the hello world. So this can continue to run in the background and record all keystrokes that you have typed. So... Ya. So does anyone need help? Okay, sure. Y'all can refer to the drive but we can always... It's in the slides. So we shall show you the slides. The... Slides is at this sling. Yes, so this is where the slides is at. Y'all can access this drive to access our workshop video, our slides and all the program code. Sure. Y'all need any assistance? The O is the big one and zero is the small one. Yes. Y'all need any assistance in typing in the link? Okay, so for the benefit we shall copy it and go to TinyURL and make your lives much easier. Okay, so the TinyURL is tinyurl.com slash qp44s34. So has everyone managed to access the slides? Okay, so... Y'all still need the code for the keylogger or are you all able to view it for yourselves? Okay, go to the code. Ya, so this is the code for the keylogger. So since this is the last part of our workshop Y'all can actually try out different ideas and also the different parts of our workshop in different contexts like maybe the input data validation not in the age context but maybe in some other context like asking them to input their email. Ya. So does anyone need help in doing this? We shall come and help y'all. Is there any way that y'all can trigger an event to happen if let's say y'all press the A key of a click just by using a button? I think then if you are going to want that to trigger then I think when you read in the key at like I don't know I think it's at the string key there I think you can compare because let's go to the keylog. So as you can see each okay so as you can see in here each has a similar format so if you are able to compare this last string here to let's say equals equals A then you should be able to add in a specific event that occurs. Ya it depends on what you want to do that if you find how to do it I'm sure you can do it in Python you can do everything in Python so does anyone have any more questions if not that's all we have yes thank you