Objective: Analyze the given web application (via URL/port 80/port 443) for vulnerabilities, and produce a penetration testing report summarizing the vulnerabilities you uncovered, recommendations for mitigation, incident response plan, together with likely cost areas.
You will need to download a compressed file ([login to view URL]) from: Link will be supplied.
User details will be given.
The VM is a samurai machine with the password of samurai. The website that you need to pen test is located at [login to view URL] The scope of your pen test is limited to the website as seen to the outside world, this means that you should not look at the files directly in a terminal.
You will need VM Player (or VM Workstation) to run the Virtual Machine containing the web-application. VM Player is available to download from:
[login to view URL] (works best in IE)
You are to plan and execute a penetration testing of this web-application. You will describe the tools and techniques that you used to carry out the test.
Please note that the coursework is to assess finding vulnerabilities using only port 80 and or port 443, ie via web-page forms or the address box.