30 Days Cybersecurity Internship

Introduction to Cybersecurity: ethical vs illegal hacking, attack surface, mindset

Lab Setup: Kali Linux (VM), VirtualBox/VMware, basic Linux navigation (cd, ls, pwd)

Networking Basics (Hands-on): IP, DNS, ports; ping, traceroute, netstat

Linux Deep Dive: file permissions, users & groups, terminal practice

Web Basics for Hackers: HTTP/HTTPS, requests/responses, browser dev tools

Intro to Reconnaissance: passive vs active recon, WHOIS, DNS enumeration

Hands-on Recon Tools: Subfinder, Amass; task: find subdomains of a target

Port Scanning Basics: open ports & services; Nmap

Advanced Nmap: service detection, OS detection, NSE scripts

Directory Enumeration: find hidden paths; Gobuster

Subdomain + Directory Combo: map attack surface fully; practical target scanning

Intro to Web Vulnerabilities: OWASP basics, real examples

Burp Suite Basics: setup proxy, intercept requests; Burp Suite

Practice Lab: DVWA-style target; task: recon + scan report

SQL Injection (Hands-on): manual SQLi; sqlmap

XSS (Cross-Site Scripting): reflected & stored XSS; payload testing

Authentication Attacks: brute force basics; Hydra

File Upload Vulnerabilities: upload shells; bypass filters

Command Injection: execute system commands; reverse shell intro

Privilege Escalation Basics: Linux privesc; SUID, cron jobs

Practice Lab: full exploit chain on a lab machine

Project Brief: target vulnerable app, define scope, plan attack

Recon Phase: subdomain + DNS enumeration, collect data

Scanning Phase: Nmap + directory enumeration

Vulnerability Discovery: use Burp Suite to find bugs

Exploitation: exploit at least 1 injection and 1 misconfiguration

Post Exploitation: privilege escalation attempt, data extraction

Report Writing: summary, vulnerabilities, fixes

Presentation Prep: create PPT, explain attack flow

Demo Day: recon → exploit → report