Professional Documents
Culture Documents
Pen Test
Pen Test
PenTest Expert was contacted by Top Motors to do a penetration test in order to find
out its vulnerabilities from a potential attack. All of the tests were being done to
simulate an attacker who was involved in the attack against Top Motors. Determined
attempts used general security access levels that common users have over the
network. The main goal was to identify and exploit vulnerabilities, that a possible
remote attacker can use to obtain illegal access to the company’s information.
STAGES
In this stage, PenTest Expert took time and gathered information that related to Top
VULNERABILITY SCANS
In this step PenTest Expert engages with Top Motors in order to find possible
vulnerabilities, by probing the network and web applications and identify poor
ACCESS
In this stage exploitable vulnerabilities that have been identified are used to access
PERSISTENCE
This step guarantees that access obtained, is then preserved whenever the system
EXPLOITATION
A control environment is used here and backups are created to reduce damage on
the network. PenTest Expert will throw a series of attacks on the systems by trying to
REPORTING
When the penetration test simulation is over, the evidence of vulnerability within the
Tools that were used to identify known vulnerabilities are listed below. Most of them
are able to present reports used to engage other procedures and compliment
subsequent stages.
Nessus
Nessus was selected for scanning the network and web application vulnerability. It
Metasploit
escalate privileges.
Dirbuster
This tool searches for the availability of directories that can be found within the