Vulnerability assesment and penetration testing of web application

Abstract

The advancement of technology has led to increased cyber-attacks. Companies need a lot of resources to defend against hackers and ensure that their systems are secure, but new exploits and vulnerabilities continue to be discovered. The best way to defend against cyber-attacks is penetration testing. Through penetration testing the organization is able to identify the vulnerabilities before the hackers exploit them. Penetration testing gives companies an opportunity to fix the vulnerabilities in their systems before they are exploited. In this thesis penetration testing is discussed and the different types of penetration testing. The thesis performs penetration testing on Metasploitable 2 identifying the vulnerabilities and finally exploit the vulnerabilities using different open-source tools and coming up with recommendations that can be applied to protect the IT infrastructure from cyber-attacks