CTEC3410 Web Application Penetration Testing

Penetration Test Coursework Specification
Web Application Penetration Testing
Please read all sections of this specification carefully before starting to work.


You may work on the pentest coursework in pairs. You must make it clear in your report who your partner is. I will assume that each partner has contributed equally unless you tell me otherwise. Include a brief appendix that describes how the work was divided. After reading this coursework specification, I strongly suggest you make yourself a check-list of the submission requirements.

Learning outcomes
On successful completion of this module the student will be able to:
1 Understand penetration testing strategies and methodologies
2 Implement penetration testing methodologies to perform a penetration test
3 Explain the role and importance of a scoping document
4 Craft a suitable technical report outlining discovered problems and suggest mitigation

Objectives
• Write a scoping document outlining what can and cannot be tested in the pentest. Include all information that is relevant.
• Analyse the given web application (via URL/port 80/port 443) for vulnerabilities.
• Produce a report describing and analysing the processes you used, the vulnerabilities you found and the exploits you used.
• Produce an executive summary summarising your findings.

Background
You have been approached by a nascent e-commerce business (BozBits PLC) who have had a web application created to support and facilitate their business. However, the business’ management has become suspicious of the quality of the application produced by a web development bureau, and has approached you, as a pentesting consultant, to conduct a web application penetration test. The business has no expertise in webtech and the CEO is technically illiterate.

Requirements

You will prepare, for signing, a scoping contract document, covering the above requirements (any other requirements you identify are for you to create).

You will then plan, execute and document a penetration test of the given web application, following a formal methodology. Which methodology you choose is up to you, but you must give a brief rationale as to why you have selected it. The report will also include details of both successful and unsuccessful tests. There should be sufficient detail for another tester to reproduce your findings.

Finally, you have to prepare an Executive Summary of your findings and the implications to the business, remembering that the target reader, the CEO, is not technically capable.

Please note that the coursework is to assess your abilities in finding and documenting vulnerabilities using only port 80 and/or port 443, ie via web-page forms or the address box.

Platform
You will need to download a compressed file (ctec3410_victim.vmware.zip) from the Lecturer drive – ie the same directory from which you downloaded the lab virtual machine. The compressed file contains a Virtual Machine which implements a complete operating system hosting a web-application accessible via a browser on port 80. You will need VM Player (or VM Workstation) to run the Virtual Machine containing the web-application. VM Player is available to download from:
 http://downloads.vmware.com/d/info/desktop_end_user_computing/vmware_player/4_0
 https://vmware.dmu.ac.uk/

Sections
The workflow is divided into three main sections:
Process 1 – Planning
To aid in planning for the pentest, you will need to start by creating a scoping contract document that defines the shape and process of the pentest. This needs to briefly summarise the extent and limitations of the pentest. Remember that this is a legal document that gives you permission to perform the test. You will also need to select a pentest methodology.
Process 2 – Implementation
Your investigation may or may not discover any problems with the web-site. However, you must ensure that you have thoroughly documented all processes used in your investigations.
Process 3 – Reporting
You have to submit (via Turnitin) a single PDF file containing three documents:

Scoping Contract
• Legal document outlining the expectations and limitations of the pentest. This should contain clauses that include all of the details discussed, and should be a maximum of 600 words.

Technical Report
• Brief rationale of the chosen methodology.
• The report of the implementation stage comprising:
 discussion of the processes undertaken to complete the investigation
 brief descriptions of the tools used and the commands implemented
 discussion of the vulnerabilities discovered
 explanation as to how the vulnerabilities were exploited
• The technical report should be a maximum of 3000 words
 not including appendices.
 NB extra details can be included as appendices.

Executive Summary
• a brief summary of the vulnerabilities you uncovered and recommendations for mitigation, together with likely cost areas and times, couched in non-technical terms, suitable for a busy MD or CEO who is technically illiterate. This summary should be a maximum of 400 words.

Submission
You have to submit the three documents as a single PDF file via the Turnitin link. Each document should be standalone, ie there can be no cross referencing between the documents. You must display the word count for each on the cover page.
• Document 1: Scoping Contract – maximum 600 words
• Document 2: Technical Report – maximum 3000 words
• Document 3: Executive Summary – maximum 400 words
The Technical Report document will include (as a minimum) an introduction, summary and reference/bibliography. Ensure all imported/referenced material is correctly cross-referenced with a recognised methodology. Diagrams/screenshots should also be labelled and referenced. See the Coursework Specification Coversheet document for date and time of submission.

Notes
• Read this specification in conjunction with the marking scheme, available as a separate document.
• Always attempt to implement exploits against any vulnerability you discover.
• Make copious notes of everything that you do. It will make writing the report easier. You should include these notes as an appendix to your report document.
• Take screenshots as you progress. Use these to illustrate your report.
• Credit will only be given for exploits accessed via ports 80 and/or 443.
• If you work as a pair, only one of you needs to submit the report.
◦ However, you must make it very clear with whom you completed the work.
NB There is an assumption that each partner has contributed equally. If this is not the case, please include an appendix to your report detailing who has done what.
After reading this coursework specification, I strongly suggest you make yourself a checklist of the submission requirements.
©cfi/dmu 3
ctec3410_wapt_2021-2022_coursework-specification

Universal Assignment (October 2, 2023) CTEC3410 Web Application Penetration Testing. Retrieved from https://universalassignment.com/ctec3410-web-application-penetration-testing/.