Ditutup

Penetration Testing 01

Objectives

1. Analyse the given operating system for vulnerabilities.

2. Exploit all discovered vulnerabilities to gain root access to the operating system.

3. Produce a report summarizing your penetration testing processes and findings.

Preparation

You are given a VMWare virtual machine containing a potentially vulnerable operating system. The coursework is to apply the techniques discussed in lectures and labs over previous weeks to find and exploit as many vulnerabilities as you can. You will need to take contemporaneous notes and produce a report based upon the techniques you used as well as the results of your exploitations.

You will need to download a compressed file ([login to view URL]) from here. This server is visible from any machine behind the DMU firewall, ie [login to view URL], or by “tunnelling in”. This file is not available from any other server/location.

In the compressed file is a Virtual Machine containing a complete operating system. You will need to extract the folder containing the VM files to your HD. You will need VMPlayer (or VMWare Workstation) to run the Virtual Machine containing the web-application. VMPlayer is available to download from:

You should have VM Player/Workstation installed on your caddy for working in the forensic labs. You could also work with the vulnerable Virtual Machine on your own machine. You will not be able to use your coursework VM images on the machines in the general DMU labs. NB this VM may work with VirtualBox, but that is at your own risk.

Scope

You are to plan and execute a penetration test of the computer system hosted in the VM, following a formal, recognised methodology. Which methodology you choose is up to you, but you must give a brief rationale as to why you have selected it.

The scope of the test is limited to the IP address of the VM, and to any discovered open ports.

Submission

You have to submit a single document with a word count of between 2000 and 4000 words, excluding appendices. You must display the word count figure on your title page.

Your report will include (as a minimum) a title page, introduction and summary.

The content of your report will contain:

1. Brief rationale of the chosen methodology.

2. Details of the vulnerabilities you have discovered. Screenshot.

3. Descriptions of the exploits you used to exploit the discovered vulnerabilities.

4. Details of unsuccessful tests.

5. The process and techniques you used, including the tools and commands used.

6. Possible mitigations for each of the vulnerabilities.

Kemahiran: Cisco, Keselamatan Komputer, Keselamatan Internet, Pentadbiran Rangkaian, Sekuriti Web

Lihat lagi: python pentesting tutorial, sans penetration testing poster, penetration testing blogs, pen testing rig, learning python web penetration testing pdf, python web penetration testing cookbook, sans penetration testing curriculum poster, sans penetration testing blueprint, penetration testing india, penetration testing karachi, risk assessment penetration testing services india, penetration testing projects, penetration testing pakistan, penetration testing bangalore, penetration testing roma, site penetration testing, penetration testing project, penetration testing sql server 2005, penetration testing united arab dubai, india penetration testing companies

Tentang Majikan:
( 0 ulasan ) Singapore, Singapore

ID Projek: #17963672

10 pekerja bebas membida secara purata $213 untuk pekerjaan ini

mdakteruzzaman

Hi, I have been working as Network Analyst more than 10 years. I became CCNP, RHCE 3 years back. Earlier I completed B.Sc. Enng and M.Sc. Engg both in computer engineering. Hire Network professional not only write Lagi

$333 SGD dalam 6 hari
(65 Ulasan)
6.0
AhmadSameer

Hello !! How are you? I have been in the Cyber Security arena for years. I had done tons of similar projects on Computer Security and Penetration Testing. I'm a former black hat hacker as well. I can hel Lagi

$250 SGD dalam 3 hari
(29 Ulasan)
4.7
donhuan

Dear Hiring Manager I am an expert in Information Security. I have a lot of experience on network, web application penetration testing and writing lecture. With 8-year experience in these fields, I can guarantee to Lagi

$333 SGD dalam 3 hari
(2 Ulasan)
1.4
rxrkrx

I have Knowledge in Penetration testing and Ethical Hacking. I have also performed Penetration tests for several clients. Mostly I have tested Web Applications and Servers. I can do your work. Relevant Skills and Ex Lagi

$155 SGD dalam 3 hari
(0 Ulasan)
0.0
synjfreelance

Hello Sir/Ma'am, We are SYNJ Intel Services And Solutions Pvt. Ltd, a Ahmadabad based company working towards excellence in the Cyberspace, and believe in pursuing business through Cyber Defense, Cyber Warfare Innov Lagi

$172 SGD dalam 10 hari
(0 Ulasan)
0.0
ujjwal0612

I have technical and anaytical skills, with experience in cloud computing & virtualization, data analysis, database management, information system support, security, network & server support. My skills also encompass Lagi

$111 SGD dalam 3 hari
(0 Ulasan)
0.0
talktosuleman

GOAL: DON’T PAY, UNTIL WE DO NOT HACK! Hi, As per your requirement, I am the best match. Currently, I am heading the “Red Team (Penetration Testers), at one of the largest Banks in Asia. We have successfully by passe Lagi

$166 SGD dalam 3 hari
(0 Ulasan)
0.0
$111 SGD dalam 5 hari
(0 Ulasan)
0.0
DannyGonzalez21

Hello, to help you with this work I propose my methodology used: 1. Introduction 2. Objective 3. Work methodology 4. Scope 5. Analysis and treatment of Risks 6. Analysis of detected vulnerabilities 7. Results Lagi

$277 SGD dalam 2 hari
(0 Ulasan)
0.0
$222 SGD dalam 3 hari
(0 Ulasan)
0.0