We are 2 young students at the University of Limoges - M2 CRYPTIS.
This blog is the recipe for our advanced project work entitled "Technical audit of a partner’s network security" that took over 3 months and is part of the implementation of the knowledge gained from our courses in security and network administration and systems.
This project is a real need to strengthen the security of the infrastructure of our partner. And due to the nature of highly secure and confidential work in our target, we conducted to sign an administrative agreement with the responsible, which required us to put in place a real pirate work without disclosure or exploitation of the detected vulnerabilities, or running intensive scans without notice and approval of the network administrator.
Having any information on the network and service infrastructure of the laboratory except the name of public domain "traget.fr" and the legal obligations mentioned above, we are faced with a technical audit and penetration test-called "Black Box "on the public portion of our partner.
Initially this blog presents the work we have done in this project. In the first part we will collect the maximum information related to our target. Then, we will try all possible vulnerabilities. Then, we continue by exploiting a few minor vulnerabilities (While respecting the signed agreement).
No comments:
Post a Comment