Penetration Testing / EXPLOITATION training program
£20-250 GBP
Closed
Posted over 4 years ago
£20-250 GBP
Paid on delivery
THE FOLLOWING GIVE DETAILS OF WHAT IS EXPECTED TO COMPLETE THE EXPLOITATION TESTING PROGRAM. WILL GIVE A FULL BRIEF LATER ON..
You will need is to exploit the three target machines and provide a proof of enumeration/vulnerability assessment, scanning, exploit development, exploitation, and vulnerability fixes. You will also need to explain all steps . You will be provided with three OVF/OVA Virtual Machine files with instructions on how to import the files and start each Virtual Machine using VMware. You will also be provided with the Linux Virtual Machine to attack the targets.
Each target machine contains at least one proof file, which you must retrieve, and include with your documentation.
So to get started,,,,,,,,,,,,,
1- Enumeration and vulnerability scanning (this step may have a minimum of 4 screen shots )
Suggested methods:
- use Linux terminal commands to find local machine IP address then scan for available live pcs/systems using may be netdiscover command.
- we also need to include a GUI method of discovering an enumeration of the network around us.
- we should also use the terminal command to check for vulnerabilities on target machines found on the previous step (enumeration)
- for this we repeat the same thing just like before but now we use a GUI tool such as openVAS
2- Exploitation development (this step may have a minimum of 2 screen shots )
- This need to show what commands need to be used for the exploitation strategy and what GUI tools could be used
3- the exploitation itself. (this step may have a minimum of 2 screen shots )
Having established an exploitation strategy, now using command lines and GUI we should complete the exploitation. examples such as MSFconsole > exploit > payload. We need to use a GUI tool for snapshots, reports etc.
So basically explain how you managed to get to the proof file and how you retrieved it using the above example. The brief says at least one proof file meaning that you can go the extra mile and may be retrieve more than one to show better success.
The proof file is mentioned in the full brief (will be provided later)
4- fixing vulnerabilities. (this step may have a minimum of 2 screen shots, reports, graphs etc)
OpenVAS for example could find all available vulnerabilities and could also be used to fix them. This could also generate reports, graphs, tables etc. This data could be added to our main report too. (put them in an appropriate place - may be in appendices if too much)
GENERAL POINTERS:
- REMEMBER WE NEED TO HAVE VERY CLEAR SCREEN SHOTS + DESCRIPTION OF HOW WE HAVE DONE IT
- ALSO THE USE OF COMMANDS NEED TO BE DESCRIBED
- THERE ARE 2 RECOMMENDED HACKING BOOKS - (CHECK IF THEY MAY HELP) AS FOLLOWS:
Penetration Testing (also available in E-book)
A Hands-On Introduction to Hacking
by Georgia Weidman
June 2014, 528 pp.
ISBN-13: 978-1-59327-564-8
The Hacker Playbook 3: Practical Guide to Penetration Testing
Paperback by Peter Kim (Author)
Paperback: 289 pages
Language: English
ISBN-10: 1980901759
ISBN-13: 978-1980901754
- ALL THE TOOLS WE MENTIONED ABOVE ARE JUST EXAMPLES. YOU CAN USE DIFFERENT TOOLS IF NECESSARY.
- WE COULD HAVE A MINIMUM OF 30 SCREENS SHOTS IN TOTAL.
THANKS AND REGARDS
THE REQUIRED VM WARE FILES WILL BE PROVIDED LATER
Hi. I am an IT Security expert and penetration tester with 300+ technical project completion experience. I am expert in Kali/backtrack, metasploitable, RHEL, Ubuntu and several other Linux distributions. Also I am an expert in nmap, metasploit, wireshark, hping3, hydra, ettrcap, openvas, nessus and several other penetration tools. I will provide the full documentation of the process which will include all the screenshots and short descriptions of the steps. I am the number one freelancer in IT Security category. So I am the best person for this job. Come to chat for details.
Hey there,
I have been in the Information Security arena for years.
I had conducted tons of Penetrations Tests.
I'm a former black hat hacker as well.
Would you share more details?
Regards.
Hi there,
I have read your project description and i'm confident i can do this project for you perfectly.I still have a few questions. please leave a message on my chat so we can discuss the budget and deadline of the project.
Thanks.
...
I'm an OSCP Certified Pentester having Knowledge in Penetration testing and Ethical Hacking.
With a Background of 3+ Years in Cyber Security and Ethical hacking.
I have also performed Penetration tests for several clients. Mostly I have tested Web Applications and Servers.
I can Work and Perform Tests on The Following:-
Network testing both Wired and Wireless .
System/Server Testing including all Operating Systems such as Windows and Linux.
Web App Testing including CMS Software such as Wordpress, Drupal and Joomla.
I can provide you with a detailed report.
regards
Rahul
Hi
My name is Randy, I'm a security expert based at Costa Rica. My working normal hours are from 7am to 9pm MT US time but I can be flexible if needed.
I'm very interested in your project, I'm skilled in what you are looking for, feel free to ping me to discuss more details about the project.
I will be glad to assist you with your request. You can ask for my linkedin for reference.
Any question let me know.
I am experienced php developer and web designer with the depth knowledge related to MySQL,Codeigniter,Laravel,WordPress,MSSQL,JSON,JAVASCRIPT,AJAX,XML,jQuery,CSS,HTML5,Material Designing with the integration of web technologies.
I have worked as Php & Web developer in industry and now i am full time freelancer and having the experience of huge and live projects.
I can design the web pages with the backend of php and I have also experience of query optimization and performance management through php support.
I am finding one startup like you so i can provide my skills to IT market and I can give you 100% surity for quality work in minimum time sir.
I have also launched eCommerce Product for pharmacy industry and launched android app on play store as well , I have great control in android with backend of php webservices and api generation with JSON integration.
I can work at anytime with the great satisfactions,quality output and result in your hand with the fulfilling your requirements for sure.
Waiting for your positive response , so we can start the work soon ...
Hi, I am a both a CEH and a certified penetration tester for the U.K. ministry of defence. This sounds like a fun project and something I do on a daily basis (user of vulnhub, hack the box etc)
Relevant Skills and Experience
CEH, CISSP, Tiger QSTM, expert in burp suite, nmap and metasploit. Documentation of vulnerability exploits is also a core ability.
Hi. I am good and an expert in penetration testing. I am expert in Kali Linux and windows systems. Also I am an expert in nmap, metasploit, wireshark, dirbuster, hydra, Qualys, nessus and several other penetration tools. I will provide the full documentation of the process which will include all the screenshots and short descriptions of the steps in time.