CSS Level 7 Penetration Testing Project: Analysis and Execution

This project report details a penetration testing assignment, divided into three tasks. The first task explores the ethical and legal issues surrounding hacking, defining computer crime and discussing the classification of hackers (professional, criminal, and disgruntled employees). The second task focuses on penetration testing methodologies, including a Standard Operating Procedure (SOP) and a decision-making tree for phases like information gathering, vulnerability analysis, threat modeling, exploitation, and reporting. The third task involves conducting a full-scale penetration test using Kali Linux, including an attack narrative, vulnerability details (command injection, outdated applications, and lack of system hardening), and mitigation strategies. The project successfully demonstrates the understanding and application of penetration testing principles, providing a comprehensive analysis of vulnerabilities and mitigation techniques within a simulated environment.