Академический Документы
Профессиональный Документы
Культура Документы
Assignment Overview
This assignment will contribute 50% towards the incoure marks and consists of one
individual task and one group task as follows:
Section A:
This section is an individual research on latest techniques on ethical hacking and
penteration testing and carries 60% of total assessment marks. Each student should select a unique
title in related domains such as:
Each student is requeired to conduct a research and provide a report on any recent technique, tool
or framework that may used by ethical hackers in any of afformentioed domains. The report must
be typed with Times New Roman font and size 12 with maximum length of 3000 words (excluding
diagrams, appendixes and references) in different subsections as follows:
1. Introduction to the technique/tool/framework that you have selected
2. Create scenario to explain the attack nature if its needed.
3. Impact of the selected technique/tool/framework on the security
4. General functionality of selected technique/tool/framework
5. Step by step tutorial on how to use technique/tool/framework
6. Critical analysis of technique/tool/framework and any countermeasure if applicable.
WARNING: DO NOT try the aforementioned tools or techniques on real systems! You should
test and create your tutorials by using Isolated/Testbed environments such as VMWare,
Metasploitable, DVWA, and etc.)
Section B:
This section is Group task focuses on vulnerability assessment and carries 40% of total
marks. Vulnerability scanning identifies vulnerabilities and weaknesses of a system and network
in order to determine how a system can be exploited. The students provided with a Windows and
Linux OS in a virtual machine format. Each group must use proper scanning tool and
methodologies to locate and remediate vulnerabilities in the given operating systems. In addition
it is required to provide detailed reports as follows:
*Windows Machine:
1- List of discovered vulnerabilities and findings
2- Select six top vulnerabilities and briefly explain them.
3- Select one of the vulnerabilities and explain in details.
4- Use any exploit or technique to hack into the target by using selected vulnerability.
Patch the vulnerability and countermeasure the attack.
*Linux Machine:
1- Linux IP Address. Describe the tool used for identifying the IP Address.
2- List of Open Port(s).
3- List of vulnerabilities (OS or Web Application).
4- Select one of the critical vulnerabilities and explain in detail.
5- Use any exploit or technique to hack into the target by using selected vulnerability.
6- Escalate the user privilege to root.
(Hint: Remember how important the robots.txt is.)
Guidelines for the Report
Document the results of your work in a professional and systematic manner, in the form of a
computerized report. One (1) softcopy and hardcopy of your documentation is to be submitted.
Submission requirements
2. Your report must be typed using Microsoft Word with Times New Roman font. You need use
to include a word count at the end of the report (excluding title, source code of program &
contents pages) Report should be in 1.5 spaces.
3. The report has to be well presented and should be typed. Submission of reports that are
unprofessional in its outlook (dirty, disorganized, inconsistent look, varying colored paper and
size) will not fair well when marks are allocated.
4. Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper. Paper weight of
80 grams and above is highly recommended.
5. The report should have a one (1”) margin all around the page as illustrated below:
1 inch 1 inch
1 inch
1 inch
The Typed Text
1 inch
1 inch
1 inch 1 inch
6. Every report must have a front cover. A transparent plastic sheet can be placed in front of the
report to protect the front cover. The front cover should have the following details:-
a) Name
b) Intake code.
c) Subject.
d) Project Title.
e) Date Assigned (the date the report was handed out).
f) Date Completed (the date the report is due to be handed in).
7. All information, figures and diagrams obtained from external sources must be referenced using
the Harvard referencing system accordingly.
8. Marking Scheme
Student Name
Section A
Introduction to the selected category (5)
Nobility (15)
Impact (5)
Functionality (10)
Critical Analysis (15)
Presentation (10)
Total Marks (out of 60)
Section B
Windows Machine
List of discovered vulnerabilities and findings (2)
Select six top vulnerabilities and briefly explain them (2)
Select one of the vulnerabilities and explain in details (6)
Use any exploit or technique to hack into the target by
using selected vulnerability. Patch the vulnerability and
countermeasure the attack. (10)
Linux Machine
Linux IP Address (2)
List of Open Port (2)
List of vulnerabilities (OS or Web Application) (2)
Select one of the critical vulnerabilities and explain in
detail (4)
Use any exploit or technique to hack into the target by
using selected vulnerability (5)
Escalate the user privilege to root (5)
Total Marks (out of 40)