You Have Just Joined A Cyber-Security Company And You Are About To Assist One Of The Engineers: Pen Testing Assignment

Assignment Details:

Students are asked to perform a pen testing test on a web site using open source tools.

During the assignment you are asked to detail the following:

What investigation method are you using and why
What type of information do you hope to obtain using each of the methods
In case if you cannot find the information you are looking for, please try to describe briefly why this information could be important to you
Please provide a description of tools and search methods you have been using e.g. search queries, configuration option, etc. – the amount of information provided should be sufficient for others to reproduce your results

When conducting analysis using Open Source Intelligence (OSINT), please try to establish the following:

Information about IP address ranges related to the organization
DNS enumeration
List of internal email addresses
Software used by the organization
Previous breaches
Any vulnerabilities which may be present in the IT infrastructure
Assess if the organisation was subject to the data breach of any other cybercrime.
IP Address range (check if active with ping)
Email Server (match to pastebin.com)
Operating System Type (use finger)
Hosting Provider
Staff members Phone Numbers, personal details, email addresses
Removed web pages use Google cache

Question 1

You have just joined a cyber-security company and you are about to assist one of the engineers with the preparation of security audit for two of the company customers. You have been asked to establish what digital footprint, important to security audit, can be obtained using an open source intelligence techniques.

Question 2

One of the customers mentioned in question 1, has reported that it has discovered suspicious activity on their firewall. They have asked you to obtain as much information as possible about the attackers source IP address. You have been asked to use Open Source Intelligence techniques only. Any active engagement like scanning, or social engineering is outside of the scope at the
moment.

Your target IPs are:

119.226.175.133
128.199.223.220
193.201.224.238

Reconnaissance:

Find the following if possible, Email addresses, ip addresses, software server version,

Open Source Pentesting Resources

Use the following tools in Windows:

Ping
Tracert
Nslookup , (switches) mx, ptr, ns, A, txt
Dnslookup
Use the Following tools in Kali Linux
NMAP –script-vuln
DIG
Nikto
Whois
netcraft

Awesome writing service!

Got a clean A. I had the writer revise a few areas and I’m here… Read more “Awesome writing service!”

This service is always on time

When you thought completing a 4-page in one hour was impossible and bam! your writer… Read more “This service is always on time”

Working and studying at the same time is real trouble.

I have really struggled to work to pay bills and study with all the assignments… Read more “Working and studying at the same time is real trouble.”

Way to go, EssayWriting!

With all the stuff going on, I have been doing doordash to make a living.… Read more “Way to go, EssayWriting!”