Lab Assignment 1

The assignment focuses on practical proficiency with Vulnerability Assessment and Penetration Testing (VA/PT) tools, requiring participants to document their findings and provide remediation recommendations. It includes hands-on exercises such as network scanning with Nmap, vulnerability scanning with Nessus or OpenVAS, web application testing with Burp Suite, exploitation using Metasploit, and traffic analysis with Wireshark. Participants must work in authorized environments, document their processes, and emphasize safety and cleanup.

Uploaded by

aaditgulati11

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

73 views2 pages

Lab Assignment 1

Uploaded by

aaditgulati11

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

Assignment 1

Vulnerability Assessment & Penetration Testing Tools

Objectives:

• Demonstrate practical proficiency with common VA/PT tools.

• Produce a clear technical report with findings, risk ratings, and remediation
recommendations.

Important instructions (read carefully)

1. Work only in an authorized lab environment or on systems you own/have explicit

permission to test. Any unauthorized scanning or exploitation is strictly prohibited and
will be reported.

2. Document every command you run, configuration changes, and screenshots that support
your findings. Include timestamps and tool/version numbers where possible.

Hands-on practical

Complete the following hands-on exercises in the lab. For each exercise include: objective,
environment (IP addresses, VM names), step-by-step commands, screenshots/exports, findings,
risk rating (High/Medium/Low), and remediation.

B1 — Recon & Scanning

• Use Nmap to discover hosts and open ports on the provided target network. Provide the
exact Nmap commands you used (including flags) and the output summary.

• Run a targeted web service discovery using DirBuster (or Gobuster if DirBuster
unavailable). Submit the successful paths discovered and describe why these findings
matter.
B2 — Vulnerability Scanning & Analysis

• Run an authenticated scan (or unauthenticated if kernel/lab restricts authentication) using

Nessus or OpenVAS against a web server VM. Export the report (PDF/CSV). Identify the
top 3 findings and explain CVSS, exploitability, and potential impact.

B3 — Web App Testing

• Using Burp Suite (or OWASP ZAP), perform a manual test and an automated scan of a
deliberately vulnerable web application (e.g., DVWA or Juice Shop). Demonstrate
discovery of at least one of: SQL injection, XSS, or insecure direct object reference.
Show proof-of-concept and remediation steps.
B4 — Exploitation & Post-exploitation

• In a fully authorized lab VM, use Metasploit or Armitage to exploit a known vulnerable
service and obtain a shell. Explain the exploit chosen, payload, and post-exploit activities
(e.g., privilege escalation attempt, pivoting — if allowed). Emphasize safety and cleanup
steps.

B5 — Network & Traffic Analysis

• Capture traffic with Wireshark during a simulated login to an insecure service. Identify
any sensitive data transmitted in cleartext (e.g., credentials, session tokens) and propose
mitigations. Attach the packet capture and highlight the relevant packets.

Practical Lab Task
No ratings yet
Practical Lab Task
3 pages
Lab5
No ratings yet
Lab5
17 pages
Vapt Mini Project Report - Jinandjuice
No ratings yet
Vapt Mini Project Report - Jinandjuice
9 pages
Offensive Security Tasks
No ratings yet
Offensive Security Tasks
5 pages
Vapt
No ratings yet
Vapt
7 pages
Lab5 VAPT
No ratings yet
Lab5 VAPT
14 pages
Virtual Penetration Testing Guide
No ratings yet
Virtual Penetration Testing Guide
4 pages
Network Vulnerability Testing Guide
No ratings yet
Network Vulnerability Testing Guide
3 pages
VAPT Methodology Report
No ratings yet
VAPT Methodology Report
3 pages
Lab 3 - Vulnerability Scanning and Exploitation Instructions - Mar 4
No ratings yet
Lab 3 - Vulnerability Scanning and Exploitation Instructions - Mar 4
5 pages
DVWA Report
No ratings yet
DVWA Report
16 pages
SyCyS Project
No ratings yet
SyCyS Project
11 pages
Penetration Testing Report
No ratings yet
Penetration Testing Report
98 pages
Ethical
No ratings yet
Ethical
13 pages
Vulnerability Assessment Tools
No ratings yet
Vulnerability Assessment Tools
12 pages
2.MICRO SYLLABUS - PAVT.v3 (VR20)
No ratings yet
2.MICRO SYLLABUS - PAVT.v3 (VR20)
3 pages
pt0 002 05
No ratings yet
pt0 002 05
33 pages
IS499 Final Project
No ratings yet
IS499 Final Project
6 pages
Exp 5
No ratings yet
Exp 5
11 pages
Vulnerability Assessment and Penetration Testing VAPT 1730885750
No ratings yet
Vulnerability Assessment and Penetration Testing VAPT 1730885750
29 pages
Scs File
No ratings yet
Scs File
4 pages
Untitled
No ratings yet
Untitled
772 pages
How To Perform A Vulnerability Assessment
No ratings yet
How To Perform A Vulnerability Assessment
14 pages
Ethical Hacking Essentials
No ratings yet
Ethical Hacking Essentials
18 pages
Penetration Testing Tools Assignment
No ratings yet
Penetration Testing Tools Assignment
3 pages
VAPT
No ratings yet
VAPT
11 pages
Tools Required
No ratings yet
Tools Required
2 pages
Penetration Testing Presentation
50% (2)
Penetration Testing Presentation
15 pages
Lec5 Vulnerability
No ratings yet
Lec5 Vulnerability
10 pages
Vulnerability Assessment & Penetration Testing From Recon To Report
No ratings yet
Vulnerability Assessment & Penetration Testing From Recon To Report
16 pages
CEH Module 5
No ratings yet
CEH Module 5
39 pages
7 Cyberssyll
No ratings yet
7 Cyberssyll
14 pages
Lab Guide For Student
No ratings yet
Lab Guide For Student
15 pages
Lab Report-2
No ratings yet
Lab Report-2
8 pages
Lab 4
No ratings yet
Lab 4
20 pages
Cie-1 (Vapt)
No ratings yet
Cie-1 (Vapt)
5 pages
Module 5
No ratings yet
Module 5
26 pages
KunalKhandelwal - Cyber Security Testing - Practical Assignment
No ratings yet
KunalKhandelwal - Cyber Security Testing - Practical Assignment
18 pages
Scenario Q Updated
No ratings yet
Scenario Q Updated
2 pages
Penetration Testing (Pen Testing) I
No ratings yet
Penetration Testing (Pen Testing) I
4 pages
Vulnerability Assessment Techniques Guide
100% (1)
Vulnerability Assessment Techniques Guide
18 pages
Task 1
No ratings yet
Task 1
48 pages
Ethical Hacking Lab Manual
No ratings yet
Ethical Hacking Lab Manual
6 pages
Pen Testing Lab Setup Guide
No ratings yet
Pen Testing Lab Setup Guide
8 pages
John Doe-Coursework2 Report
No ratings yet
John Doe-Coursework2 Report
6 pages
Web Penetration Testing Checklist - XLSX - Checklist
No ratings yet
Web Penetration Testing Checklist - XLSX - Checklist
27 pages
Vulnerability Assessment & Penetration Testing
No ratings yet
Vulnerability Assessment & Penetration Testing
17 pages
UNIT1
No ratings yet
UNIT1
21 pages
DVWA Vulnerability Assessment Report
No ratings yet
DVWA Vulnerability Assessment Report
3 pages
Penetration Testing Activity Guide
No ratings yet
Penetration Testing Activity Guide
4 pages
C-VA Exam: Introduction To Vulnerability Analysis
No ratings yet
C-VA Exam: Introduction To Vulnerability Analysis
2 pages
Advanced Penetration Testing With Kali Linux
86% (7)
Advanced Penetration Testing With Kali Linux
24 pages
CompTIA PenTest+ Exam Guide
No ratings yet
CompTIA PenTest+ Exam Guide
15 pages
Lab-3 Kumiss
No ratings yet
Lab-3 Kumiss
23 pages
Vulnerability Assessment and Penetration Testing
No ratings yet
Vulnerability Assessment and Penetration Testing
25 pages
7-Day Penetration Roadmap
No ratings yet
7-Day Penetration Roadmap
8 pages
Penetration Testing Plans and Scope
No ratings yet
Penetration Testing Plans and Scope
2 pages
VAPT
No ratings yet
VAPT
4 pages
Penetration Testing Report
No ratings yet
Penetration Testing Report
14 pages
The Herbwitch Princess - Ireen Chau
No ratings yet
The Herbwitch Princess - Ireen Chau
343 pages
Functions and Limits
No ratings yet
Functions and Limits
9 pages
This Memorandum of Deposit of Title Deeds Is Executed at On This 10 Day of MARCH 2025
No ratings yet
This Memorandum of Deposit of Title Deeds Is Executed at On This 10 Day of MARCH 2025
3 pages
Covid-19 RTPCR Test Invoice
No ratings yet
Covid-19 RTPCR Test Invoice
1 page
Admission Letter Compressed
No ratings yet
Admission Letter Compressed
1 page
Chi2016 Ao3 Fiesler
No ratings yet
Chi2016 Ao3 Fiesler
12 pages
Docu62057 - RecoverPoint 4.4 Administrator's Guide PDF
No ratings yet
Docu62057 - RecoverPoint 4.4 Administrator's Guide PDF
362 pages
Pediatric Orthosis
No ratings yet
Pediatric Orthosis
78 pages
Android Module Debugging Report
No ratings yet
Android Module Debugging Report
41 pages
Hibernate ORM Guide for Java Devs
No ratings yet
Hibernate ORM Guide for Java Devs
663 pages
Proposal of G-1 (Harvester) Final Edited
No ratings yet
Proposal of G-1 (Harvester) Final Edited
17 pages
Jitterbit Overview Solution Sheet
No ratings yet
Jitterbit Overview Solution Sheet
2 pages
Photo Vocabulary Lesson Plan
No ratings yet
Photo Vocabulary Lesson Plan
5 pages
The Minority Game An Introduction
No ratings yet
The Minority Game An Introduction
25 pages
LEE Roll-Out PPT Final
No ratings yet
LEE Roll-Out PPT Final
68 pages
CV 7-1
No ratings yet
CV 7-1
4 pages
Thermodynamics for Engineering Students
No ratings yet
Thermodynamics for Engineering Students
28 pages
Mythology Activity Kit
100% (1)
Mythology Activity Kit
5 pages
Ssi 02
No ratings yet
Ssi 02
9 pages
Yuga Architectures and Time Cycles
No ratings yet
Yuga Architectures and Time Cycles
1 page
Klasifikasi Olahraga Disabilitas
No ratings yet
Klasifikasi Olahraga Disabilitas
33 pages
Edexcel Higher Paper 3 Revision Topics
No ratings yet
Edexcel Higher Paper 3 Revision Topics
3 pages
Effective Resistance in Electrical Circuits
No ratings yet
Effective Resistance in Electrical Circuits
9 pages
Smart Computing and Communication
No ratings yet
Smart Computing and Communication
425 pages
Unit 1 CG Notes
No ratings yet
Unit 1 CG Notes
29 pages
Sand and Gravel For Se As Filtration Medium - Specification: Indian Standard
No ratings yet
Sand and Gravel For Se As Filtration Medium - Specification: Indian Standard
12 pages
The National List of Threatened Philippine Plants and Their Categories PDF - PDF
100% (1)
The National List of Threatened Philippine Plants and Their Categories PDF - PDF
33 pages
A Pipeline For Harmonising NHS Scotland Laboratory D 2025 Journal of Biomedi
No ratings yet
A Pipeline For Harmonising NHS Scotland Laboratory D 2025 Journal of Biomedi
12 pages
DRRM Action Plan S.Y. 2020-2021
No ratings yet
DRRM Action Plan S.Y. 2020-2021
2 pages
Heifer Proposal
100% (1)
Heifer Proposal
6 pages