Penetration Testing Report Project

Project: Penetration Testing Report

(20 Points)

Don't use plagiarized sources. Get Your Custom Essay on
Penetration Testing Report Project
Just from $13/Page
Order Essay

Scenario You have been hired as a junior security consultant and have been tasked with performing an in-house penetration test to demonstrate your readiness to support the audit of a large corporate client that has employed your firm’s services. Conducting a penetration test consists of 1) planning the test, 2) preparing your test tools, 3) performing the test, 4) analyzing the data, and 5) writing up and communicating your findings. The project will document your notional penetration test.

Project OVERVIEW Your project will be submitted in four sections. The final deliverable will include all combined sections:

 Pre-Test: Deployment of attack tools and victim host (Week 2)  Testing (Mapping and Scanning): Mapping the target environment

and conducting a vulnerability scan (Week 4)  Testing (Exploitation): Gaining Access through a vulnerability

identified during the vuln scan (Week 6)  Analysis and Reporting: Communicating findings and providing

mitigation recommendation (Week 8)

Supporting Details The purpose of this project is to evaluate the student’s ability to:

 Build and deploy an attack OS (Kali Linux or other similar operating system (OS))

 Configure and deploy a victim host (Metasploitable, Broken Web Apps, Mutillidae, other exploitable OS or virtual machine (VM))

 Conduct a vulnerability scan  Research a hardware or software vulnerability  Discuss how the vulnerability can be exploited  Exploit the vulnerability  Evaluate the risk posed by this vulnerability  Provide a recommended compensating control to mitigate the


Students may choose to submit the project using one of two options – each option has pros and cons that students should evaluate before making their decision.



1. Local Lab: Requires access to a dedicated computer in which students have sufficient:

o access (continued access to the same machine for the duration of the course)

o permissions (administrative permissions to install software) o storage (minimum of 30 GB available to the student for VM

storage) o memory (minimum of 8 GBs) o bandwidth (downloading large VMs can take considerable

time even with high-speed Internet connections) 2. Remote Lab: Utilizes the online lab environment used to complete

the weekly course labs

Part 1 – Pre-Test: Deployment of attack tools and victim host (Week 2) PROJECT SECTION 1 DETAILS: The first part of your project consists of preparing and deploying your testing tools (the attack OS) and the vulnerable host that will serve as your attack target. Instead of requiring the use of two physical machines, we will utilize one physical machine and we will leverage virtualization software to install a hypervisor (VirtualBox, VMware, etc.) along with two (2) “guest” operating systems. For those new to virtualization, we are simply using our “host OS” (Window, Mac, Linux) and installing a virtualization “software application” that then allows us to run multiple OS’es on our “host OS” very quickly and easily. Many options exist that provide virtualized solutions, e.g., cloud-based (Amazon Web Services, Microsoft Azure, DigitalOcean, and many, many others) or local instances on our machines. Some hypervisors run as the “host OS” (‘bare metal’ like VMware ESXi – common in enterprise environments) or as hosted applications like VMware Fusion/Workstation, or Oracle VirtualBox. First you decide which “free” virtualization software you want to install (VMware or Oracle) – some may already have a preference, feel free to explore both options. If you are undecided, go with VMware.

As mentioned earlier, you have two options to choose from:

Option 1 – Local Lab 1. Virtualization Software. Choose your virtualization software

(either works fine and they are both free):  VirtualBox:

o (Links to an external site.)

 VMware Workstation Player: o




2. Attack OS/VM. Once your virtualization software is chosen, choose an attack OS to download. You will use Kali Linux in the lab environment and would likely be the most comfortable with that. However, you may download any “attack OS.” Other options include: Parrot OS, BackBox, BlackArch (advanced only – save yourself the pain and skip this one), and many others. Note: It will be much easier to download a pre-built VM instead of the .iso image option. Additionally, the pre-built images are specific to the virtualization software that you are using so choose accordingly.

 image-download/

3. Vulnerable Target OS/VM. You will need a victim machine to target and exploit. Download a virtual machine that you can attack. There are many options that are designed to help students practice their skills and learn to exploit vulnerabilities in an approved, educational manner. Keep in mind that these are inherently vulnerable and designed to be relatively easy to exploit. A recommended best practice is to not allow other machines outside of your “virtual network” to be able to communicate with them. There is a “NAT” network setting within your virtualization software that helps to isolate your “lab” systems from the other devices on your local area network. Many options exist, but here are a few:

 Metasploitable (also includes many of the ones below – the same as what is in the InfoSec labs). There are a few versions out there – go with “Metasploitable2” – it can be downloaded from: table2/ (Links to an external site.) or 2017.html (Links to an external site.)

 OWASP’s Broken Web Apps (includes WebGoat): wnload (Links to an external site.)

 DVWA (Web Application): .zip (Links to an external site.) .

 Bad Store (Web Application):,41/ (Link s to an external site.)

 VulnHub: Many options exist here – somewhat like a “capture the flag” with near limitless possibilities with new ones being added all of the time (Note: I would save these for after the class project – more for fun) (Links to an external site.)



4. If you need additional help installing Kali, please review Kali Linux Revealed for step-by-step instructions. There is also a course video during Week 2 that is very helpful


Option 2 – Remote Lab The previous option is definitely a lot of fun and helps develop a better understanding of the underlying architecture but, unfortunately, may not be a viable option for you depending on your circumstances. Option 2 can be done without having to install any software and consists of the student logging in to the InfoSec Learning labs to complete the project for the remainder of the project sections. In lieu of downloading , installing and configuring software, Option 2 Part 1, requires research into an online cloud hosting provider and the deployment of a virtual private server. This option also has some flexibility.

 Option 2A: Research and choose a cloud hosting provider and deploy a virtual private server that you can remotely access and configure. Install any “free” operating system on the cloud server. Typically, any Linux OS can be freely deployed without charge. Most, if not all, of the cloud hosting providers will require a credit card or PayPal account to verify identity and may charge a nominal fee ($1 or more). The submission requirement for this option is to take a screenshot of your newly created VPS with an open terminal window echoing (printing to screen) your name and date simply to show that you created it.

 Option 2B: Research three cloud hosting providers and compare and contrast their offerings in terms of a solution that you could use if you were to conduct your penetration testing from their cloud services. Consider costs for computing time, storage, access, security, etc. The research paper should be 1.5 – 2 pages in length with a minimum word count of 750 words.

Part 2 – TESTING (MAPPING AND SCANNING): Mapping the target environment and conducting a vulnerability scan (Week 4) PROJECT SECTION 2 DETAILS: The second part of your project has two parts. You may choose either Project Lab Option (“Local Lab” or “Remote Lab”) below to complete the following requirements:

 Part A: Identifying the target system through network discovery using at least two network discovery/mapping tools (e.g., Nmap,



Netdiscover, Arp-scan, etc.) to identify networks and targets. Identify what ports, services, and versions of software are running in the network environment.

 Part B: Additionally, you will need to complete a vulnerability scan against your target host to identify vulnerabilities that you can then use to exploit to gain administrative/root access in the following project section

Option 1 – Local Lab Choose any of the tools within your chosen Attack VM (Kali, Parrot OS, etc.) to map your network following the Part A requirements

Choose any vulnerability scanning software to download, install and configure (Open VAS, Nessus, etc.) complete Part B. You should be able to find free “personal/home use versions).” Configure a scan to run against your target host. If your target host is a deliberately vulnerable machine, you should find plenty of “critical/high” vulnerabilities to choose for your attack in the following project section.

Option 2 – Remote Lab You may choose to complete this portion of the project using the Infosec Learning Lab “Remote and Local Exploitation.” No software downloads are required, so just configure your tools and complete the scans. Follow the requirements in the Project Section 2 Details.



Part 3 – Exploitation: Gaining Access through A vulnerability identified during the vuln scan (Week 6) PROJECT SECTION 3 DETAILS: The third part of your project requires you to exploit a vulnerability of your choosing based on the previous section’s scanning. The exploit should be through a Metasploit Module or other open- source/commercial tool or custom script/code. Select your vulnerability carefully. You should thoroughly research your vulnerability before you start to exploit it – which is the same process you would use in a professional capacity. The vulnerability MUST RESULT IN GAINING SYSTEM/ROOT ACCESS on the target host. Compromised credentials (including no password or weak password) is not a sufficient vulnerability to exploit.



During the course labs, you will have completed labs that require you to exploit a vulnerability. You must choose an exploit that we have not done in class. I suggest doing a web search on “Metasploitable Walkthrough” for additional ideas on Metasploit modules that could be used (if you have selected Metasploitable as your vulnerable target), or research vulnerabilities specific to your vulnerable framework. Keep in mind that your vulnerability should have been flagged during the vulnerability scanning portion.

Option 1 – Local Lab Depending on your chosen vulnerable target host, you may have many more vulnerabilities to choose from. I recommend that you keep it simple and stick with a vulnerability that is well documented so there is sufficient write- ups and posts to follow. With that said, creativity and rigorous exploit research is always welcomed and appreciated.

Option 2 – Remote Lab Your choices are surprisingly not limited here. There are, of course, vulnerabilities in some of the web applications that will not show up in a vulnerability scan with a tool like Nessus due to what Nessus is actually looking at. With that said, web application vulnerabilities are a bit more complex than some of the other software vulnerabilities that are well documented for Metasploitable. I recommend you stick with a well- documented vulnerability.

Part 4: Analysis and Reporting: Communicating findings and providing mitigation recommendation (Week 8) PROJECT SECTION 4 DETAILS: The fourth part of your project requires you to provide a well written report documenting your results and reporting your findings and recommendations. The report should include the following:

 Vulnerability Research: Research the vulnerability and discuss the specifics. What does the software do and why does the vulnerability exist? You must explain the technical aspects of the vulnerability to get full credit. Remember: This is the research portion. Learn about the vulnerability and discuss it in your own words – do not simply copy and paste.

 Vulnerability Analysis: Describe the vulnerability in terms of complexity, access, privileges required, vulnerability scoring, etc. Reference the National Vulnerability Database (NVD) scoring. Explore the links associated with the vulnerability in the NVD. This



typically provides a lot of high-level and low-level technical details. The difference between this section and the vulnerability research section is that this should be specific to the implementation of the software and the existing environment. For example, does the vulnerability exist across all instances of this software or is it specific to a configuration or installation stack? Each vulnerability should have a CVE and CVSS score that will help provide additional context.

 Vulnerability Exploitation: Discuss the steps that were taken for the exploitation. Please provide the configuration of the script or the settings of the tool. To receive full credit for the exploitation, you need to show system-level access, root-level access, or admin-level access.

 Testing Detail: You need to show elevated access. If you cannot show root (or privileged access), choose another vulnerability. Run the following commands on the target machine once you have fully compromised it:

o id o hostname o run the hostname command on the compromised

machine and then re-run the hostname command (see figure below)

o whoami o One of the following commands: [ ifconfig ] |

[ ipconfig ]

Figure 1 Evidence of Exploitation

 Risk Assessment: Use this area to discuss what the risk represents to an organization. Would it change the risk if it were on a public-facing server as opposed to an internal server? What happens if this exploit were successful? Assume that the vulnerable software would be installed in a business environment, not your home lab network. Discuss the a few different risks that would be dependent on where and how the vulnerable software would be installed across the organization.

 Mitigation and Security Control Recommendation: Discuss how you fix this vulnerability. Can you patch it? Are there additional security controls, protections, or sensing mechanisms that could be installed to lessen the impact of an attack?

Guidelines  The proposal document should be 7 to 10 pages, conforming to APA

standards (double-spaced).



 At least two authoritative outside references are required. These should be listed on the last page titled “References” – which does not count toward your overall page count.

 Screenshots are required for each major section – any sensitive information may be obfuscated or redacted).

o Screenshots will be no larger than 1/4 page. The text within the screenshot should appear readable so avoid taking “full screen” captures. Capture only the appropriate detail. Terminal command output should be no smaller than an “equivalent” 12-point font size (similar to the font in this document).

o Screenshots and images do not count toward the overall page count. The project may extend into multiple pages depending on the number of screenshots

o Clear screenshots should be used. There are numerous options available to take screenshots. Use Google, or go to for various options. By no means should you take a picture with your smartphone or camera and paste in.

Appropriate in-text citations are required.  This will be graded on quality of the research topic, technical

demonstration/write-up, the content quality, use of citations, grammar and sentence structure, and creativity.

 The paper is due during Week 8 of this course.  This paper should effectively describe the vulnerability, risks and

recommendation in a manner that will allow TECHNICAL readers to understand the vulnerability, risk and mitigation. The course material and research should provide you with the right level of technical understanding.

 Format: The paper must contain clearly labeled headings for each major section: Network Mapping, Vulnerability Scan, Vulnerability Research, etc.

References 

sample-report-2013.pdf (Links to an external site.)  Note: If you’ve never used Microsoft Word’s “References” feature to

manage citations, please invest some time in learning how to do this. You’ll be glad that you did. ie/article/Add-a-citation-and-create-a-bibliography-17686589-4824- 4940-9c69-342c289fa2a5?ui=en-US&rs=en-IE&ad=IE (Links to an external site.)

 Ensure that you cite your references in the text when you are using material from the reference.



Grading Rubric Final Deliverable

Category Weight % Description


Detailed discussion commensurate with the option chosen, e.g., Local Lab build-out | Remote lab (w/Option 2A or 2B).


Appropriate discussion and screenshots to document the tool usage and generated output for the network mapping and vulnerability scan


Appropriate discussion and screenshots to document the tool usage and generated output for the exploitation phase. Screenshots should include post-exploitation commands run to demonstrate system/root access


Appropriate research and discussion, including: vulnerability research, vulnerability analysis, vulnerability analysis, Risk Assessment and recommendations. Exploitation should be written so that it could be re-created with supporting evidence. There must be clear evidence that the screenshots are not simply taken from an Internet page and that they are your own work. A technically sound and logical recommendation is provided and supported.

Word Count 10% Full Credit: 2,000 words or more

Partial Credit: Less than 2,000 words



Spelling, grammar and Sentence Structure

5% Ensure your paper is professional and technically written using appropriate terminology as discussed in class

Documentation and Formatting 5%

Appropriate APA citations/referenced sources and formats of characters/content.

Total 100% A quality paper will meet or exceed all of the above requirements.


  • Scenario
  • Project OVERVIEW
  • Supporting Details
  • Part 1 – Pre-Test: Deployment of attack tools and victim host (Week 2)
    • Option 1 – Local Lab
    • Option 2 – Remote Lab
  • Part 2 – TESTING (MAPPING AND SCANNING): Mapping the target environment and conducting a vulnerability scan (Week 4)
    • Option 1 – Local Lab
    • Option 2 – Remote Lab
  • Part 3 – Exploitation: Gaining Access through A vulnerability identified during the vuln scan (Week 6)
    • Option 1 – Local Lab
    • Option 2 – Remote Lab
  • Part 4: Analysis and Reporting: Communicating findings and providing mitigation recommendation (Week 8)
  • Guidelines
  • References
  • Grading Rubric

Get Professional Assignment Help Cheaply

Buy Custom Essay

Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?

Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.

Why Choose Our Academic Writing Service?

  • Plagiarism free papers
  • Timely delivery
  • Any deadline
  • Skilled, Experienced Native English Writers
  • Subject-relevant academic writer
  • Adherence to paper instructions
  • Ability to tackle bulk assignments
  • Reasonable prices
  • 24/7 Customer Support
  • Get superb grades consistently

Online Academic Help With Different Subjects


Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.


Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.

Computer science

Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!


While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.


Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.


In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.


Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.


We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!


We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.


Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.

What discipline/subjects do you deal in?

We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.

Are your writers competent enough to handle my paper?

Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.

What if I don’t like the paper?

There is a very low likelihood that you won’t like the paper.

Reasons being:

  • When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
  • We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.

In the event that you don’t like your paper:

  • The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
  • We will have a different writer write the paper from scratch.
  • Last resort, if the above does not work, we will refund your money.

Will the professor find out I didn’t write the paper myself?

Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.

What if the paper is plagiarized?

We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.

When will I get my paper?

You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.

Will anyone find out that I used your services?

We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.

How our Assignment  Help Service Works

1.      Place an order

You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.

2.      Pay for the order

Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.

3.      Track the progress

You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.

4.      Download the paper

The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.

smile and order essaysmile and order essay PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET A PERFECT SCORE!!!

order custom essay paper