Reference no: EM132320517
Final Project - Penetration Test Planning and Reporting
Lab Objectives - Upon completion of this activity, you will be able to:
- Utilize and recognize basic programming and scripting technologies to assist in cyber attacks and defense.
- Differentiate encryption and decryption as they apply to cryptography.
For this assignment, we will research and become familiar with different approaches to complete a penetration testing engagement, using the instructor as your client. You are hired to complete a penetration test of the "target" VM. Some specifics about the assessment:
Purpose/business objective:
- To assess the security posture of the Metasploitable VM.
- Proactively identify, prioritize, and report existing vulnerabilities and successful exploits.
- Gain root access to the system using any of the discovered vulnerabilities.
- Crack the passwords of any existing system, app, or database user.
- Provide a synthesized action plan for the IT operations team to address the findings.
- Provide a comprehensive findings report.
- Include a table with results that need to line up.
| IP Address | FQDN | OS | Port | Protocol | Service | Name | Version | Additional Nmap Script Information (To be Added Manually) | Vulnerability | CVE | CVSS | Exploit Success? If yes, which exploit? |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
|  |  |  |  |  |  |  |  |  |  |  |  |  |
|  |  |  |  |  |  |  |  |  |  |  |  |  |
|  |  |  |  |  |  |  |  |  |  |  |  |  |
The scope of the assessment is:
- Only the Linux target VM (Metasploitable); no other IPs should be included.
- All Metasploitable ports, services/applications, and databases that are open or running need to be evaluated.
- The assessment is at the system, application, and database level.
- Manual and automated scans are acceptable.
- Post-exploitation activities like privilege escalation and password cracking of additional system/database accounts are in scope.
Rules of engagement
- No social engineering or DDoS attacks
- No physical attacks. Since this is a VM, you cannot use the msfadmin:msfadmin credentials to sign in to the VM using the console interface and claim you successfully exploited a vulnerability like weak/easy to guess credentials.
- You can only scan/attack from the Kali VM
- You are to find all existing vulnerabilities
- Validate all of the discovered vulnerabilities through active exploitation (at least those specified by the instructor during week 7)
- No time restrictions for the testing; you can test any time of the day
- For the vulnerability identification, you have 1 week (week 6)
- For the exploitation/validation, you have 1 week (week 7).
Lab Instructions -
We will focus on preparing a pen test execution plan and a report template. They will help you for the final project. Think of it as a preparation for the final.
Review the provided video and additional references above
Review approaches like the Pen Testing Execution Standard or NIST SP800-115 before starting to figure out the before, during, and after of a pen test
For the plan, you need to outline the activities to include before, during, and after a pen test execution:
- Before - Planning and preparation
- For example: scope, rules of engagement, methodology, permissions. You need to go into detail.
- I provided a foundation for your scope and rules of engagement, and the video and presentation should help you come up with a methodology (approach) for completing the pen test.
- During the assessment - Execution
- This is where you provide more details about the phases outlined in your methodology
- Highlight what you will do during each phase
What are the objectives of each phase?
What are the deliverables? For example, for the information gathering phase:
- You will collect information like:
- System IP
- Hostname
- Open ports
- OS type
- Running services/Applications and their versions
- Record any information discovered via Nmap Script Engine
- You will record the results in a table with results so each port, service/app, version can be mapped appropriately
- You will provide evidence of the discovery in the form of a screenshot and brief explanation of the command and findings/result.
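One way to build the results table described above from a scan's XML output, as an added example that is not part of the original assignment: it reads Nmap's XML output format (`-oX`) and emits one row per open port under the assignment's column names. The sample XML is constructed, mapping `Service` to the service name and `Name` to the product name is an assumption, and the script column is pre-filled from `<script>` elements for manual review.

```python
import xml.etree.ElementTree as ET

# Column order copied from the assignment's results table.
COLUMNS = ["IP Address", "FQDN", "OS", "Port", "Protocol", "Service", "Name",
           "Version", "Additional Nmap Script Information", "Vulnerability",
           "CVE", "CVSS", "Exploit Success? If yes, which exploit?"]

# Constructed sample in Nmap's XML output format (-oX); every value is made up.
SAMPLE_XML = """<nmaprun><host>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <hostnames><hostname name="target.example" type="PTR"/></hostnames>
  <ports>
    <port protocol="tcp" portid="21"><state state="open"/>
      <service name="ftp" product="ExampleFTPd" version="1.0"/>
      <script id="banner" output="220 ExampleFTPd | ready"/></port>
    <port protocol="tcp" portid="23"><state state="closed"/></port>
    <port protocol="udp" portid="53"><state state="open"/></port>
  </ports>
  <os><osmatch name="Linux 2.6.X" accuracy="98"/></os>
</host></nmaprun>"""

def attr(elem, name):
    """Attribute value, or '' when the element or attribute is missing."""
    return elem.get(name, "") if elem is not None else ""

def nmap_xml_to_rows(xml_text):
    """Return one dict per open port, keyed by the table's column names."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        ip = attr(host.find("address[@addrtype='ipv4']"), "addr")
        fqdn = attr(host.find("hostnames/hostname"), "name")
        os_name = attr(host.find("os/osmatch"), "name")  # first OS match listed
        for port in host.iter("port"):
            if attr(port.find("state"), "state") != "open":
                continue  # closed/filtered ports get no findings row
            svc = port.find("service")
            scripts = "; ".join(f"{s.get('id')}: {s.get('output', '').strip()}"
                                for s in port.findall("script"))
            # Values follow COLUMNS order; the last four finding columns stay blank.
            values = [ip, fqdn, os_name, port.get("portid"), port.get("protocol"),
                      attr(svc, "name"), attr(svc, "product"), attr(svc, "version"), scripts]
            rows.append(dict(zip(COLUMNS, values + [""] * 4)))
    return rows

def rows_to_table(rows):
    """Render rows as a pipe-delimited table, escaping '|' inside cells."""
    def line(cells):
        return "| " + " | ".join(str(c).replace("|", "\\|") for c in cells) + " |"
    body = [line(row[c] for c in COLUMNS) for row in rows]
    return "\n".join([line(COLUMNS), line(["---"] * len(COLUMNS))] + body)
```

The Vulnerability, CVE, CVSS and exploit columns are left empty so they can be filled in during the validation phase.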
- After - Reporting and result presentation
- You will organize the results and put them in a comprehensive report
- The report will cover areas like:
Table of contents
Executive summary
- Background
- Scope
- risk classification/categorization
- major findings chart/graph
- overall risk profile
Technical report
Methodology
Examined assets
Tools used
Attack Narrative/Details
- typically focus on the most critical findings,
- what you assessed (IP, app, database)
- what you found (CVE, CVSS, exploit and screenshots),
- how you found it (command, scan and screenshot),
- why is the finding significant (risk impact, likelihood, ease of use, etc)
Conclusion - overall recommendation for direction and prioritization
Appendix
Table with synthesized results that will help with client result verification and remediation lifecycle efforts
| IP Address | FQDN | OS | Port | Protocol | Service | Name | Version | Additional Nmap Script Information (To be Added Manually) | Vulnerability | CVE | CVSS | Exploit Success? If yes, which exploit? |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
|  |  |  |  |  |  |  |  |  |  |  |  |  |
|  |  |  |  |  |  |  |  |  |  |  |  |  |
|  |  |  |  |  |  |  |  |  |  |  |  |  |
Manual and automated scan results
Additional exploit information and reference link to figures, graphs in the body of the report
Additional guidance and recommendations to address the findings, such as a guide on how to align the prioritization of findings against the CIS CSC Top 20 or another control standard
Once you finish the write up of the plan, create a report template cover
Submit assignment including the plan and report template in the same assignment.
Lab Deliverables -
Plan that provides a roadmap for completing a pen test engagement and addresses before, during, and after of a pen test as shown in the lab instructions section
Report template appended to the plan that addresses all sections specified in the lab instructions "after" the pen test (section 5.c)
- You may include additional sections as needed
- Create a document/template that you can use for the final project
Make sure each screenshot is accompanied by a brief explanation of what you did in the screenshot.