We are looking for web application and infrastructure level penetration knowledge according to modules taken within your university. However, if you could accomplish the following:

1) Agreement phase - mutual agreement between the client and you

2) Planning and reconnaissance – You will gather as much information about the target as possible. The information can be IP addresses, domain details, mail servers, network topology, etc.

3) Scanning – You will interact with the target to identify the vulnerabilities. Furthermore, you will send probes to the target and record the target's response to various inputs. This phase includes scanning the network with various scanning tools, identifying open share drives, open FTP portals, running services, and much more.

4) Gaining Access - Once the vulnerabilities have been identified, the next step is to exploit the vulnerabilities to access the target. The target can be a system, firewall, secured zone, or server.

5) Maintaining access - The next step is to ensure that the access is maintained, i.e., persistence. This is required to ensure that the access is maintained even if the system is rebooted, reset, or modified.

6) Exploitation – You will try to get the data, compromise the system, launch dos attacks, etc. Usually, this phase is controlled in penetration testing to ensure that the issues caused on the network are limited.

7) Evidence collection and report generation -The final aim is to collect the evidence of the exploited vulnerabilities and report it to the executive management for review and action.

Owner/Partners