Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.
Help with Cybersecurity Homework
Overview
GlobalComm has hired you as an offensive security consu
ltant. You have been
tasked with writing a
penetrating test report against the web application
of
GlobalComm
-
DVWA
. The expectation is you use active information gathering
techniques and methods to
exploit web applications.
R
ules of engagement
•
The only c
omputer that should targeted is
Metasploitable
•
Students must of preformed the lab preparation assignment before
continuing
Ta
sks
and expectations
•
Show proficiency
Web application security
•
Write a
response to the tasks and questions below
Technical
Questions
For this lab report screenshots of every command is not needed, please use your
judgment when documenting this. Screenshots again should be used but limited.
I
do not want 5 pages of screenshots;
additionally use the cropping tool to tighten the
screenshots that are used.
Web Application Assessment
The CTO of GlobalComm has requested an in
-
depth assessment
of the Web
Applications running on the Linux virtual machine provided.
A report should be
written outlining the risk the curre
nt system has and recommendations on how to
resolve them.
DVWA should be the focus of the report but feel free to include an
assessment of the other web applications running. Within the report you should
explain the following:
•
Information gathering
•
Vulner
ability identification
•
Authentication weaknesses
•
Web Application
Exploitation
o
4 Exploits should be demonstrated
!
1 SQL injection attack
!
1 attack using SQL Map
!
1 attack using demonstrating a web shell!
1 attack of choice
o
1
additional
Exploit with DVWA in medium
will award you 5 bonus
points
•
Data e
xfiltration
or disc
losure
possibilities
should be outline and explain the
risk in
-
depth.
•
Remediation
steps and action items to resolve issues
identified
should be
elaborated
on.