logo

Penetration Testing: Ethical and Legal Issues, Methodology, and Full Scale Testing in Kali Linux

This document provides joining instructions to the RedNet VPN of the University of Hertfordshire for the purposes of the assignment for the level 7 Penetration Testing module.

20 Pages2559 Words88 Views
   

Added on  2023-01-18

About This Document

This project critically discusses and analyzes the penetration testing process, including the ethical and legal issues surrounding hacking, the methodology of penetration testing, and conducting a full scale testing in Kali Linux.

Penetration Testing: Ethical and Legal Issues, Methodology, and Full Scale Testing in Kali Linux

This document provides joining instructions to the RedNet VPN of the University of Hertfordshire for the purposes of the assignment for the level 7 Penetration Testing module.

   Added on 2023-01-18

ShareRelated Documents
University
Semester
PENETRATION TESTING
Student ID
Student Name
Submission Date
Penetration Testing: Ethical and Legal Issues, Methodology, and Full Scale Testing in Kali Linux_1
Table of Contents
1. Introduction...................................................................................................................................1
2. Task 1............................................................................................................................................1
2.1 Computer Crime Definitions..................................................................................................1
2.2 Criminal Activity...................................................................................................................1
2.3 Hacking Definition................................................................................................................2
2.4 Critical Discussion.................................................................................................................2
3. Task 2............................................................................................................................................3
3.1 Pen Test Methodology Discussion.........................................................................................3
3.2 SOP for Pen Testing..............................................................................................................3
3.3 Decision Making Tree...........................................................................................................5
4. Task 3............................................................................................................................................5
4.1 Attack Narrative.....................................................................................................................5
4.2 Vulnerability Details & Mitigation......................................................................................11
4.2.1 Vulnerability Details........................................................................................................11
4.2.2 Vulnerability Mitigation..................................................................................................12
5. Conclusion and Reflection...........................................................................................................14
References...........................................................................................................................................16
Penetration Testing: Ethical and Legal Issues, Methodology, and Full Scale Testing in Kali Linux_2
1. Introduction
This project is used to critically discuss and analysis the penetration testing and this
project is divided into three tasks. First one is, to provide the understanding the ethical and
legal issues surrounding the hacking. Second one is, to provide the understanding of the
process of penetration testing and describe the following phase such as formation gathering,
vulnerability identification and analysis, and target profiling. The third one is, to provide the
ability to conduct a full scale penetration testing in kali Linux. These are will be discussed
and analysed in detail.
2. Task 1
The main objective of this task is to discuss the why hacking is not a criminal activity to
provide the understanding of the legal and ethical issues surrounding ‘hacking’. It is likely to define
the cyber-crime and correlating the traditional crime to the computer crime. This process is used to
gives the logical link to the criminal activity discussion and it also define the hacking and it
explanation. It is likely to explain the threat agents in the hacking. The explanation of hacking is used
to suitable the classifications of threat agent. This process is used to create the use of
motivation, opportunity and capability as the classifying the attributes. Finally, we are
concluding the supported opinion of why hacking is not a criminal activity. These are
discussed in detail.
2.1 Computer Crime Definitions
The computer crime is the use of networks and computers and it perform the illegal
activities such as online bullying, performing unauthorized electronic fund transfers,
computer viruses and more.
Basically, the computer crime as separate entity to traditional crime. The computer and
traditional crime are carried out the same of criminals for same type of reasons.
2.2 Criminal Activity
To explain the criminal activity, it is necessary to understand the types of hackers.
There are various types of hackers such as:
1) Professional Hackers:They are classified into Black hats and White hats.
The Black hats are the hackers who access system/devices illegally, whereas the
White hats are the professional security experts who do hacking to improve the
security and avoid the threats to the system.
1
Penetration Testing: Ethical and Legal Issues, Methodology, and Full Scale Testing in Kali Linux_3
2) Criminal Hackers: They are the actual criminals as they don't bother to hurt
anyone with their acts.
3) Disgruntled employees: They are the insiders who are extremely dangerous to
the company.
There is always a question whether the computer hackers are criminals or not. It is
necessary to know that the Black hats hackers refer to a small community and thus all the
computer hackers cannot be regarded as criminals (Rayner, 2018). Computer hacking can be
held as a crime, in cases where the intensions and actions of the individuals are wrong and
when they have no permission from the owner (Edwards, 2019).
Criminal activity is a sort of cybercrime which incorporates online predatory crimes,
identity theft, online bank information theft and unauthorized computer access. The two type
of categories of criminal activities are listed below:
1) DoS (denial of service) attacks and viruses are the crimes which are targetedfor
the computer system or networks.
2) When other criminal activities like identity theft, cyber talking,fraud and
phishing are crimesthat utilize the computer network for advancing.
Cybercrime vs Traditional Crime
Cybercrime and traditional crime are two different crimes which the same type of
criminal carry out, basically for a same reason. The traditional crimes involve breach of
information and hardly follows the ethical laws. The cybercrimes refers to criminal activities,
for instance theft, scam, fraud, defamation and intrusion.
2.3 Hacking Definition
The hacking is to activities that seek to compromise the digital devices such as
computers, tables, mobile phones and even entire networks.
2.4 Critical Discussion
The basic impression given for the hackers is,“Criminals”. But, it is not actually true.
They can be regarded as criminals based on the following aspects -If unauthorized
interference involves with the network, computer or computer system then it is called as
computer hacking which is not a crime, but if computer hacking involves breaking into a
computer with an intension of stealing, damaging, modifying or monitoring the data/ settings
2
Penetration Testing: Ethical and Legal Issues, Methodology, and Full Scale Testing in Kali Linux_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Penetration Testing: Legality, SOP, and Penetration Test
|26
|3368
|66

Ethical Hacking and Penetration Testing
|3
|417
|96

Penetration Testing Methodologies
|18
|3974
|91

Ethical Hacking and Defence: Flags, Web Shells, and System Security
|14
|3249
|79

Ethical Issues in the Cyber World
|4
|1178
|341

Ethical Hacking: Introduction, Pen Testing Approach, Results and Findings
|7
|1139
|93