Penetration Testing Lab
88AAC313-1ACB-4098-B5DB-1E9700AC0A00Skill Demonstrated: Ethical Hacking and Penetration Testing
Problem: During this assignment, I had to successfully use Kali Linux to exploit a Server Message Block and EternalBlue vulnerabilities on a Windows XP and 2022 server using Metasploit. Lastly, I had to exploit a Windows 7 server using a payload I created.
Action: I created a detailed document including pictures of each step I used when completing the assignment through Kali Linux. I used various commands to run port scans, open Metasploit, set/create payloads, get system information, establish reverse shell connections and give admin privileges.
Result: This artifact shows I have detailed understandings on how to code in Linux-based environments and can connect to Windows systems, which are widely used in the workplace. I also know how to safely and ethically hack into systems using a payload, Metasploit, and EternalBlue.
CYSE 301:Linux-Based Password Cracking
CYSE270-Lab-5Skill Demonstrated: Penetration testing
Problem: I was tasked with testing the strength of 6 different passwords.
Action: In this hands-on lab in a Kali environment, I first had to create six different users. Next, I set all of the passwords to different difficulty levels. Then, I created a text file with all of the users password hashes after using the command to receive them. Finally, I used the Jack the Ripper tool to try and crack each one.
Result: After this lab, I saw the Jack the Ripper tool was only able to crack the first two password hashes. However, in the end I learned the importance of creating a strong password with symbols numbers and letters. I also learned how easy a password attack can be, since this assignment allowed me to be in the hackers position. Penetration testing is a great skill to have to understand what is vulnerable. This skill is beneficial to have while pursuing a career in cybersecurity, because it exposes vulnerabilities, shows the tester pays attention to detail, and can sometimes understand a hackers process.
CYSE 450: Malware Analysis:
A58FA243-3203-4303-9E1C-301520BACBEASkill Demonstrated: Downloading and detecting malware
Problem: During this assignment, I was asked to download a malware and analyze how it works and why it works that way. Using a website called malware bazaar, I was able to find the network traffic and connections made by a virus called Mirai.
Action: Using the website, I downloaded the virus then assessed it network patterns and connections. I viewed its DNS requests as well. Then I explained the characteristics of the malware.
Result: I determined based on the evidence in the lab and what I know about viruses the main reason why many of the connections were Microsoft connections. I learned the main thing the virus goes to is the system resources. This way it can steal data and corrupt files, spreading through document macros.