This repository serves as the Proof of Work (PoW) that I completed from March 2025 to the first week of June 2025 for my College Project.
The project delves into the domain of offensive security, focusing on penetration testing practices using Kali Linux within a controlled virtual environment.
It provides a theoretical foundation of ethical hacking, highlights the essentials of Kali Linux, details the setup of a penetration testing lab using VMware Workstation and vulnerable machines from VulnHub, and also provides many reconnaissance tools.
The practical phase encompasses reconnaissance, vulnerability assessment, and exploitation of the FTP-proftpd-backdoor vulnerability of ProFTPD 1.3.3c service found within the target Ubuntu virtual machine.
I have used tools like Netdiscover, Ping, and Nmap for reconnaissance, Nmap’s vuln script for vulnerability analysis, and Metasploit Framework’s msfconsole for searching payloads, exploiting vulnerabilities, gaining a reverse shell, and then upgrading it to a Meterpreter shell for more privileges and full system access.
Through a structured and systematic approach, this report demonstrates key penetration testing methodologies, common tools, exploitation techniques, privilege escalation techniques, and mitigation suggestions. The project offers a comprehensive, hands-on perspective on identifying, analysing, and exploiting system vulnerabilities, and reinforcing the core concepts critical to the cybersecurity field.