Key Insight


Acquired knowledge includes:

  • Phase 1 of my project focused on reconnaissance. I gained an understanding of various tools and resources essential for gathering information about Artemis Gas INC. These tools ranged from traditional search engines like Google and Bing, used for passive reconnaissance, to specialized resources such as OSINT Framework, nslookup, and WhoIs Lookup, each providing unique insights into the company's online profile and registration information. I explored additional tools like Hurricane Electric Internet Services, Maltego, DNSDumpster, Shodan, theHarvester, Censys, Recon-ng, BuiltWith, Hunter, URL Fuzzer, and Nmmapper for tasks such as identifying IP addresses, analyzing technology stacks, discovering hidden domains, and searching for employee information on platforms like LinkedIn. I also grasped the practical applications of these tools, emphasizing their role in comprehensively mapping Artemis Gas INC's digital footprint and potential vulnerabilities.

  • In Phase 2, I learned to identify targets and run scans using various tools. Nmap, a versatile network mapping tool, aids in network optimization, vulnerability testing, and port scanning. Gobuster, a brute-force scanner, helps enumerate hidden directories, files, subdomains, and virtual hosts. I explored its modes, including DIR, DNS, VHOST, S3, and Fuzz. Other tools like Angry IP Scanner, Mitec Network Scanner, and Lansweeper Network Scanner were covered, each offering unique features for speed, simplicity, and comprehensive network scanning. I also examined the reasons for using these tools and their potential drawbacks, providing insights into their applications and limitations in network scanning and enumeration.

  • In Phase 3, I explored various tools for identifying vulnerabilities. Key tools included Nessus, an enterprise network vulnerability scanner; OpenVAS, a free and open-source vulnerability assessment tool; Acunetix, a scalable web application vulnerability scanner; Wireshark, a packet-capturing tool for network analysis; and Burp Suite, a web penetration testing framework. I assessed each tool for features, benefits, and limitations, gaining a comprehensive understanding of their roles in vulnerability identification and mitigation.

  • In Phase 4, I explored Threat Assessment, analyzing various scenarios and associated risks, remediation actions, and CVSS scores. The scenarios included vulnerabilities like an unpatched Remote Desktop Protocol (RDP) exposed to the internet, a web application susceptible to SQL Injection, default passwords on a Cisco admin portal, and more. The threats encompassed unauthorized access, data breaches, privilege escalation, and exposure of sensitive information. I gained insights into reconnaissance, exploitation, and remediation tools and techniques, focusing on technical aspects with tools like Nmap, Crowbar, and Burp Suite, as well as non-technical aspects such as patching and secure configurations. Understanding the Common Vulnerability Scoring System (CVSS) provided a quantitative measure of the severity of each scenario.

  • In Phase 5.1, I created a detailed technical report for Artemis INC.'s Vulnerability Assessment. This confidential document provides a comprehensive overview of the assessment, utilizing scanning tools like Nmap, Acunetix, OpenVAS, and Burp Suite to identify vulnerabilities in Artemis's internet infrastructure. Critical findings, including high and critical risk ratings, are presented, highlighting specific vulnerabilities such as unpatched RDP exposure, SQL injection issues, default passwords, sensitive data exposure on the web server, unpatched Oracle WebLogic Server, and misconfigured security group policy on AWS cloud storage. Each vulnerability is detailed with its associated Common Vulnerability Scoring System (CVSS) score and recommended remediation actions. The report concludes with a call for Artemis INC. to promptly address and mitigate the identified vulnerabilities within a specified timeframe to prevent potential network compromise by malicious actors.

  • In Phase 5.2, I compiled an executive summary for a vulnerability assessment on Artemis INC. The summary highlights critical and high-risk vulnerabilities, including issues with patch management, older network hardware, SQL injection on the main website, misconfigurations in new equipment, sensitive data exposure on the web server, and vulnerabilities in Oracle WebLogic Server and Microsoft Exchange. Recommendations emphasize prompt remediation strategies for each vulnerability to mitigate risks, stressing the importance of comprehensive actions to prevent network compromise.

Project Info:


Target Company: Artemis Gas INC.
Tools Used: Kali Linux, Nmap, Gobuster, Angry IP Scanner, Nessus, Burp Suite, Wireshark, Acunetix, and OpenVAS
Skills: Reconnaissance · Network Scanning and Enumeration · Vulnerability Scanning and Identification · Threat Analysis · Vulnerability and Threat Assessment · Technical Reporting and Documentation Auditing · Understanding CVSS · Cloud Security · Security Risk Analysis
Status: Completed
Start Date: February 2023
Repository: GitHub


© 2023 Jeff Tsui
