MAL3018 COMPUTING PROJECT

Permanent URI for this collection

https://digitallibrary.peninsulacollege.edu.my/handle/123456789/1083

Browse

Recent Submissions

Now showing 1 - 5 of 12
  • Thumbnail Image
    Item
    Filpal Nexus (USB Management System)
    (PCN, 2025-05-06) Goh, Vincent Kah Fung
    In collaboration with Filpal (M) Sdn Bhd, this project addresses the critical security risks posed by USB devices, such as data breaches, malware propagation, and unauthorized access. The project focuses on the development of a USB Whitelisting Application designed to enhance endpoint security by allowing only authorized USB devices to connect to a system while blocking all others. The application is developed using C# and implements a robust whitelisting mechanism that identifies USB devices using their unique Vendor ID and Product ID. It features a real-time monitoring system that verifies connected devices against a predefined whitelist, ensuring compliance with security policies. The project includes an intuitive Windows Forms interface for user-friendly operation and an administrative panel for managing whitelist policies, viewing logs, and generating reports. The application’s backend logic is implemented in C#, ensuring seamless integration with Windows operating systems and providing scalable solutions for small to large enterprises. This project not only strengthens Filpal’s cybersecurity framework but also offers a practical solution for organizations seeking to mitigate USB-related security risks. Testing and evaluation demonstrate the application’s effectiveness in preventing unauthorized USB access while maintaining ease of use for approved devices. This collaborative effort contributes to the field of cybersecurity by providing a reliable tool for USB device management, with potential applications in corporate, educational, and government environments.
  • Thumbnail Image
    Item
    Smart E-Commerce Platform for Plastic Household Products and Vendor Supplies
    (PCN, 2025-05-06) Tan, Jia Tian
    I created my website live and publicly available online using Vercel, a cloud platform for web application deployment. Here is a quick rundown of the procedure. Local Website Development: Using common web technologies like HTML, CSS, and JavaScript, I built the front end. On my local computer, I tested and improved the website. Code Uploaded to GitHub: In order to enable automated deployment, I uploaded my project files to a GitHub repository, which Vercel can immediately integrate with. Vercel deployment: I linked the GitHub repository to Vercel. Vercel constructed and launched the website instantly after it was linked. Future updates are automatically reflected on the live site when they are pushed to GitHub. Lack of Backend or Database Link: Although the frontend is operational and live, platform constraints prevent the backend or database (such as MongoDB or a Node.js server) from being linked at this time. Only the client-side features are presently displayed on the website. Here is my live website: https://project-website-sepia.vercel.app/
  • Thumbnail Image
    Item
    YoInspector: An Automation Pentesting tool
    (PCN, 2025-05-06) Muhammad Sahif As Sani
    This project, titled YoInspector, focuses on developing a command-line-based penetration testing automation tool using Python. It specifically targets two widely exploited vulnerabilities: Android Meterpreter Reverse_TCP and Windows SMB MS17-010 (EternalBlue). Both vulnerabilities are critical due to their widespread impact on Android devices and Windows systems, respectively. YoInspector aims to automate the processes of payload generation and exploitation through the integration of the Metasploit framework, a leading platform in penetration testing. Android Meterpreter Reverse_TCP is a commonly used attack vector, enabling unauthorized access to Android devices by establishing a reverse TCP connection. The exploit is significant in cybersecurity research and real-world attack simulations due to its versatility in testing mobile device vulnerabilities. Windows SMB MS17-010, known as EternalBlue, was famously used in the WannaCry ransomware attack in 2017. It exploits a critical flaw in the Windows SMB protocol, enabling remote code execution on vulnerable systems. Automating these attacks allows for a deeper understanding of their mechanisms and provides a streamlined method for cybersecurity practitioners to test their systems against these threats. This project builds on the foundation of existing penetration testing tools but fills a critical gap by focusing on lightweight automation for specific vulnerabilities. Tools like AutoSploit and Cobalt Strike offer broader automation but are either limited to generalized attack scenarios or are prohibitively expensive. YoInspector, in contrast, is open-source and caters specifically to Android and Windows vulnerabilities, ensuring cost-effectiveness and precision. The significance of this project lies in its ability to balance technical functionality with accessibility, making penetration testing more approachable for a diverse range of users. The inclusion of ethical guidelines and disclaimers further ensures that the tool aligns with responsible cybersecurity practices. As the threat landscape continues to evolve, tools like YoInspector play a vital role in equipping individuals and organizations to proactively address vulnerabilities in their systems. By integrating the Metasploit framework, the project provides users with a powerful and flexible toolset for ethical hacking. Its emphasis on automation not only simplifies the testing process but also highlights the importance of innovation in cybersecurity education and practice. With its focus on Android and Windows platforms, YoInspector demonstrates the potential to bridge the gap between complex penetration testing frameworks and accessible, targeted solutions for cybersecurity challenges.
  • Thumbnail Image
    Item
    SHIPMATE: Students Peer-to-Peer Service System
    (PCN, 2025-05-06) Ng, Man Yew
    This report presents Shipmate, a web-based peer-to-peer service platform designed specifically for students of The Ship Campus. The system allows users to offer and request services within a secure and student-verified environment. Key features include real-student verification, service listing, service application with status tracking, a messaging system, and an anonymous rating and review system. The project follows a structured Web Development Lifecycle (WDLC), encompassing research, design, implementation, and testing phases. It adopts client-server architecture using Next.js (React) on the frontend and Node.js with Express on the backend, with MongoDB as the database and Auth0 for secure authentication. Manual and automated testing were conducted to assess system reliability. Out of 21 manual test cases, 20 passed and 1 failed (non-real-time messaging). Additionally, all 31 unit tests for backend controllers passed successfully. While the system successfully delivers its core functions, some limitations such as the absence of real-time chat and admin role management were identified. Future enhancements are proposed to address these. The development of Shipmate has not only achieved its technical objectives but also contributed significantly to the developer’s growth in full-stack development, architectural planning, and resilience in overcoming personal and technical challenges.
  • Thumbnail Image
    Item
    ScholarChain: Blockchain-Driven Framework for E-Transcript Validation
    (PCN, 2025-05-06) Lim, Hon Sheang
    With the world becoming more digital and interconnected, authenticating academic qualificationsis still manual, takes time, and is vulnerable to forgery. ScholarChain seeks to solve this problem through a blockchain-based web application to safely provide, maintain, and authenticate academic transcripts. The system leverages Ethereum smart contracts on the Sepolia testnet to ensure data integrity, immutability, and transparency, while MongoDB Atlas supports scalable data storage. ScholarChain allows universities to issue tamper-proof transcripts, students to share verifiable academic records, and employers to authenticate credentials in real-time—eliminating the reliance on traditional paper-based verification. A key innovation in the system is the incorporation of gamification features, which award blockchain-based digital badges for academic achievements, enhancing student motivation and visibility of accomplishments. The system was developed using a modular architecture comprising frontend, backend, and smart contract layers and was subjected to rigorous functional, security, and performance testing. While limitations such as smart contract immutability, usability challenges for nontechnical users, and dependency on blockchain infrastructure were identified, ScholarChain demonstrates a secure and scalable foundation for transforming academic credentialing. Future work will focus on deploying to Ethereum Layer-2 solutions, enhancing gamification, implementing smart contract upgradability, and achieving cross-institutional interoperability.