# Network Penetration Testing Project

This project, "Network Penetration Testing and Vulnerability Assessment", was executed under the guidance of Mr. Nishchay Gaba (Senior Faculty, Cybersecurity) at SURE Trust – Innovation & Entrepreneurship Hub for Educated Rural Youth (IERY). The goal was to evaluate the security of a specified network infrastructure using black-box testing techniques and provide a detailed vulnerability analysis and remediation roadmap.

## Project Details

- Intern: Mr. Ritik Kumar (B.Tech, CSE)
- Duration: September 2024 – March 2025
- Mode: Remote (Black-Box Testing)

## Objectives

- Identify vulnerabilities in network services across a defined IP range.
- Evaluate vulnerabilities using CVSS v3 standards.
- Simulate real-world cyberattacks and validate risks.
- Provide practical, prioritized remediation strategies.
- Enhance stakeholder awareness and resilience to network threats.

## Methodology

The pentest followed a structured 4-phase lifecycle:

- Planning – Define scope, rules of engagement.
- Discovery – Scan, enumerate services, gather intelligence.
- Attack/Exploitation – Confirm vulnerabilities through controlled exploitation.
- Reporting – Deliver technical findings, risk analysis, and mitigation plans.

## Tools Used

- Nmap – Network scanner for discovery and port analysis.
- Metasploit – Exploitation framework.
- Nessus – Vulnerability scanner for system and service misconfigurations.
- Wireshark – Network protocol analyzer for packet inspection.
- Burp Suite – Intercepting proxy for web-based enumeration.

## Findings Summary

| Severity | Count | Sample Vulnerabilities |
|---|---|---|
| Critical | 6 | BlueKeep (RDP), Samba RCE, OpenSSH PKCS#11, HTTP login over plain text |
| High | 9 | Anonymous file upload, Admin page exposure, VSFTPD DoS |
| Medium | 6 | XSS in blog, MySQL privilege escalation, Apache partial request DoS |
| Low | 2 | Anonymous FTP, OpenSSH authentication confusion |

## Recommendations

- Patch and upgrade outdated software (OpenSSH, Samba, Exim, etc.).
- Disable unnecessary services (FTP, SNMPv1, unsecured RDP).
- Enforce encryption (HTTPS, SFTP, SNMPv3).
- Use IDS/IPS for real-time threat detection.
- Implement strict access control (IP whitelisting, firewalls, strong authentication).
- Conduct regular vulnerability assessments and monitoring.

## Deliverables

- Detailed Vulnerability Report
- CVSS Risk Matrix
- Exploit Demonstrations & PoC
- Remediation Plan
- GitHub Repository & Architecture Overview
- Stakeholder Presentation

## Learning Outcomes

- Gained hands-on experience in real-world VAPT.
- Built a deep understanding of network-based vulnerabilities.
- Applied OWASP and CVE frameworks in practice.
- Developed secure configurations and best practices.

## Future Scope

- Incorporate white-box testing and configuration reviews.
- Expand testing to cloud infrastructure and APIs.
- Introduce automation for continuous security assessment.

## References

- OWASP Security Resources
- NVD Vulnerability Database
- SANS Institute Guidelines
- Exim, Apache, OpenSSH Security Advisories

This project is part of the Cybersecurity Skill Development Program by SURE Trust to empower rural youth with practical industry knowledge.