The Topic For My Capstone Project Was To Gain Introductory

1279 WordsMay 9, 20176 Pages
The topic for my capstone project was to gain introductory knowledge for penetration testing. I had little knowledge on the subject itself, but I was interested in it enough to base this project around it. What I knew before hand was very basic information and I would need to learn a lot more before I could consider myself fully introduced to penetration testing. The goal of my capstone was to learn how to safely practice penetration testing, set up a virtual machine penetration lab, learn why a lab would need to be set up, and lastly to find out why penetration testing is important. Penetration testing is when a company pays a specialist to try and break into their network and relay back to them any vulnerabilities they may find. Now…show more content…
Using these labels and their definitions explains the purpose of penetration testing a bit better. White-hats use the same methods and tools to break into networks as a black-hat would, but they disclose the security issue with the network owner. In a sense, a white-hat imitates a malicious attack but there would be no harm done to the network. What are the vulnerabilities in which a penetration test would look for? Most penetration tests would go through an information gathering state in which they look for as many different possible vulnerable targets, and they may also capture the network traffic and investigate that as well. One example of an attack could be infiltrating the file server and uploading a payload to that server. If an attacker can find their way to accessing the file server, depending on what is kept on it, they could also have access to secure files and any other sensitive information kept on it, possibly any of the configuration files to that file server holding hashes for user passwords. Attackers may also look for any vulnerable programs on network computers for more ways into the system. Depending on how much effort a hacker wants to go through there is an endless amount of areas that they can check for vulnerabilities. Anything from scanning port numbers to bypassing the firewall without being detected, networks can be well secured but not to a point of being 100% safe from any

More about The Topic For My Capstone Project Was To Gain Introductory

Open Document