tHREAT AND VULNERABILITY ANALYSIS, INCIDENT RESPONSE, AND SECURITY DESIGN

Project Report

The first part of your project is installing a hypervisor (VirtualBox, VMware, etc) along with two (2) operating systems. You will later use one of the machine as an attacker to launch attacks on the victim’s machine.

The second part of your project is identifying the target system through network discovery using NMAP and/or other tools (e.g. Angry IP Scanner), identify network and targets, and look at recon/footprinting. Illustrating method for profiling.

The third part of your project involves installing and successfully run Nessus to identify vulnerabilities. You can alternatively select other vulnerability scanners you’d like.

The fourth part of your project is installing and successfully run Metasploit (or equivalent), demonstrating penetration into machine.

The fifth part is a well written report documenting your process with additional information on lessons-learned and identify how you can maintain access.

Example Sample Report from Offensive Security
com/reports/penetration-testing-sample-report-2013.pdf” class=”external” target=”_blank” rel=”noreferrer noopener”>https://www.offensive-security.com/reports/penetration-testing-sample-report-2013.pdf (Links to an external site.)

As stated in the syllabus….Students will be required to install VirtualBox (or VM Player) onto either a classroom PC or their own PC (note: no support is provided if students are using their own PCs, and students are encouraged to work out their own problems anyway even if using the classroom PC).
Students will then work either independently or as a team of no more than 2 individuals to select standing up 2 operating systems as prescribed by the instructor, including Metaspolitable (a vulnerable server you will scan to find vulnerabilities). At the end of the semester, you or your team will complete network discovery (NMAP), complete vulnerability scan (Nessus), and prove penetration of 1 of your virtual machines (Metasploit). Your project will be graded as follows: