- The first part of your project is installing a hypervisor (VirtualBox, VMware, etc) along with two (2) operating systems. You will later use one of the machines as an attacker to launch attacks on the victim’s machine. Recommended installs.
- Kali Linux
- one Metaspolitable/DVWA: MetaSploitable is a vulnerable server you will scan to find vulnerabilities. Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable.
The second part of your project is identifying the target system through network discovery using NMAP and/or other tools (e.g. Angry IP Scanner), identify network and targets, and look at recon/footprinting. Illustrating method for profiling.
The third part of your project involves installing and successfully run Nessus to identify vulnerabilities. You can alternatively select other vulnerability scanners you’d like.
The fourth part of your project is installing and successfully run Metasploit (or equivalent), demonstrating penetration into machine.
The fifth part is a well written report documenting your process with additional information on lessons-learned and identify how you can maintain access.
0 comments