Compare and contrast Blackbox, Greybox and Whitebox penetration testing

Compare and contrast Blackbox, Greybox and Whitebox penetration testing. What legal and ethical issues do penetration testers face in the United Kingdom?

Compare and contrast Blackbox, Greybox and Whitebox penetration testing

  Penetration Testing Assessment

Task 1
1.    Compare and contrast Blackbox, Greybox and Whitebox penetration testing [5 marks]
2.    What legal and ethical issues do penetration testers face in the United Kingdom? [10 marks]
3.    You have been tasked with penetration testing an Apache Linux server. Choose an appropriate penetration testing standard (sometimes called a “methodology”), and critically discuss its appropriateness for your penetration test. You should discuss why you have chosen one standard/methodology over another. [10 marks]

Task 2
1. Explain the following nmap commands and the expected output: nmap –sn –v –reason –PS 192.168.0.0/24 [5 marks]

2. Discuss the following shell commands and their uses in regards to penetration testing. In your answer, screenshot examples of you executing these commands and very briefly explain the output [5 marks].
Firstly, ping
Secondly, arp
Thirdly, netstat
whois
Further,  dig

3. Create a script called my_new_dig.sh that utilises the provided dig_google.com.txt file to create a script that prompts the user to perform the following tasks:

Obtains all the unique IP addresses sorted in ascending numerical order.
Obtains all the unique name servers in alphabetical order.
Your script should take as arguments the dig_google.com.txt file and a user-specified output file name to save the output of your script. An example of how your script should execute from the shell is shown below:
./my_new_dig.sh dig_google.com.txt output.txt

Your script should also:

·         Provide an adequate level of input validation. For example, if the user enters ‘3’ as an option (an invalid option) they should be prompted to enter a valid input.
·         Remove leading white space from any lines of text. You will need to research sed and/or awk in order to achieve this.
·         Additionally, Append the date and time to the bottom of the file you created.
[15 marks]
Submission
Place your complete script as an appendix, as plain text, to your overall report and submit the my_new_dig.sh file along with your overall submission when uploading your final submission to Canvas.
That means you are submitting TWO files to Canvas. The first being your textual answers to Task 1 and Task 2 with the script as an appendix AND your shell script (.sh) file.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *