CTEC3410 Web Application Penetration Testing

CTEC3410 Web Application Penetration Testing
Penetration Test Coursework Specification
Web Application Penetration Testing
Please read all sections of this specification carefully before starting to work.


You may work on the pentest coursework in pairs. You must make it clear in your report who your partner is. I will assume that each partner has contributed equally unless you tell me otherwise. Include a brief appendix that describes how the work was divided. After reading this coursework specification, I strongly suggest you make yourself a check-list of the submission requirements.

Learning outcomes
On successful completion of this module the student will be able to:
1 Understand penetration testing strategies and methodologies
2 Implement penetration testing methodologies to perform a penetration test
3 Explain the role and importance of a scoping document
4 Craft a suitable technical report outlining discovered problems and suggest mitigation

Objectives
• Write a scoping document outlining what can and cannot be tested in the pentest. Include all information that is relevant.
• Analyse the given web application (via URL/port 80/port 443) for vulnerabilities.
• Produce a report describing and analysing the processes you used, the vulnerabilities you found and the exploits you used.
• Produce an executive summary summarising your findings.

Background
You have been approached by a nascent e-commerce business (BozBits PLC) who have had a web application created to support and facilitate their business. However, the business’ management has become suspicious of the quality of the application produced by a web development bureau, and have approached you, as a pentesting consultant, to conduct a web application penetration test. The business has no expertise in webtech and the CEO is technically illiterate.

Requirements

You will prepare, for signing, a scoping contract document, covering the above requirements (any other requirements you identify are for you to create).

You will then plan, execute and document a penetration test of the given web application, following a formal methodology. Which methodology you choose is up to you, but you must give a brief rationale as to why you have selected it. The report will also include details of both successful and unsuccessful tests. There should be sufficient detail for another tester to reproduce your findings.

CTEC3410 Web Application Penetration Testing Penetration Test Coursework Specification

Finally, you have to prepare an Executive Summary of your findings and the implications to the business, remembering that the target reader, the CEO, is not technically capable. Please note that the coursework is to assess your abilities in finding and documenting vulnerabilities using only port 80 and or port 443, ie via web-page forms or the address box. Platform You will need to download a compressed file (ctec3410_victim.vmware.zip) from the Lecturer drive – ie the same directory from which you downloaded the lab virtual machine. The compressed file contains a Virtual Machine which implements a complete operating system hosting a web-application accessible via a browser on port 80. You will need VM Player (or VM Workstation) to run the Virtual Machine containing the web-application. VM
Player is available to download from:
 http://downloads.vmware.com/d/info/desktop_end_user_computing/vmware_player/4_0
 https://vmware.dmu.ac.uk/

Sections
The workflow is divided into three main sections:
Process 1 – Planning
To aid in planning for the pentest, you will need to start by creating a scoping contract document that defines the shape and process of the pentest. This needs to briefly summarise the extent and limitations of the pentest. Remember that this is a legal document that gives you permission to perform the test. You will also need to select a pentest methodology. Process 2 – Implementation Your investigation may or may not discover any problems with the web-site. However, you must ensure that you have thoroughly documented all processes used in your investigations.
Process 3 – Reporting You have to submit (via Turnitin) a single PDF file containing three documents:

Scoping Contract
• Legal document outlining the expectations and limitations of the pentest. This should contain clauses that include all of the details discussed, and should be a maximum of 600 words.

Technical Report
• Brief rationale of the chosen methodology.
• The report of the implementation stage comprising:
 discussion of the processes undertaken to complete the investigation
 brief descriptions of the tools used and the commands implemented
©cfi/dmu 2
ctec3410_wapt_2021-2022_coursework-specification
CTEC3410 Web Application Penetration Testing
Penetration Test Coursework Specification
 discussion of the vulnerabilities discovered
 explanation as to how the vulnerabilities were exploited
• The technical report should be a maximum of 3000 words
 not including appendices.
 NB extra details can be included as appendices.

Executive Summary
• a brief summary of the vulnerabilities you uncovered and recommendations for mitigation, together with likely cost areas and times, couched in non-technical terms, suitable for a busy MD or CEO who is technically illiterate. This summary should be a maximum of 400 words. Submission
You have to submit the three documents as a single PDF file via the Turnitin link. Each document should be standalone, ie there can be no cross referencing between the documents. You must display the word count for each on the cover page.
• Document 1: Scoping Contract – maximum 600 words
• Document 2: Technical Report – maximum 3000 words
• Document 3: Executive Summary – maximum 400 words
The Technical Report document will include (as a minimum) an introduction, summary and reference/bibliography. Ensure all imported/referenced material is correctly cross-referenced with a recognised methodology. Diagrams/screenshots should also be labelled and
referenced. See the Coursework Specification Coversheet document for date and time of submission.

Notes
• Read this specification in conjunction with the marking scheme, available as a
separate document.
• Always attempt to implement exploits against any vulnerability you discover.
• Make copious notes of everything that you do. It will make writing the report easier.
You should include these notes as an appendix to your report document.
• Take screenshots as you progress. Use these to illustrate your report.
• Credit will only be given for exploits accessed via ports 80 and/or 443.
• If you work as a pair, only one of you needs to submit a the report.
◦ However, you must make it very clear with whom you completed the work.
NB There is an assumption that each partner has contributed equally. If this is not the case,
please include an appendix to your report detailing who has done what.
After reading this coursework specification, I strongly suggest you make yourself a checklist of the submission requirements.
©cfi/dmu 3
ctec3410_wapt_2021-2022_coursework-specification

Order Now

Get expert help for CTEC3410 Web Application Penetration Testing Assignment and many more. 100% safe, Plag free, Order Online Now!

No Fields Found.
Universal Assignment (December 5, 2024) CTEC3410 Web Application Penetration Testing. Retrieved from https://universalassignment.com/ctec3410-web-application-penetration-testing/.
"CTEC3410 Web Application Penetration Testing." Universal Assignment - December 5, 2024, https://universalassignment.com/ctec3410-web-application-penetration-testing/
Universal Assignment July 9, 2022 CTEC3410 Web Application Penetration Testing., viewed December 5, 2024,<https://universalassignment.com/ctec3410-web-application-penetration-testing/>
Universal Assignment - CTEC3410 Web Application Penetration Testing. [Internet]. [Accessed December 5, 2024]. Available from: https://universalassignment.com/ctec3410-web-application-penetration-testing/
"CTEC3410 Web Application Penetration Testing." Universal Assignment - Accessed December 5, 2024. https://universalassignment.com/ctec3410-web-application-penetration-testing/
"CTEC3410 Web Application Penetration Testing." Universal Assignment [Online]. Available: https://universalassignment.com/ctec3410-web-application-penetration-testing/. [Accessed: December 5, 2024]

Please note along with our service, we will provide you with the following deliverables:

Please do not hesitate to put forward any queries regarding the service provision.

We look forward to having you on board with us.

Most Frequent Questions & Answers

Universal Assignment Services is the best place to get help in your all kind of assignment help. We have 172+ experts available, who can help you to get HD+ grades. We also provide Free Plag report, Free Revisions,Best Price in the industry guaranteed.

We provide all kinds of assignmednt help, Report writing, Essay Writing, Dissertations, Thesis writing, Research Proposal, Research Report, Home work help, Question Answers help, Case studies, mathematical and Statistical tasks, Website development, Android application, Resume/CV writing, SOP(Statement of Purpose) Writing, Blog/Article, Poster making and so on.

We are available round the clock, 24X7, 365 days. You can appach us to our Whatsapp number +1 (613)778 8542 or email to info@universalassignment.com . We provide Free revision policy, if you need and revisions to be done on the task, we will do the same for you as soon as possible.

We provide services mainly to all major institutes and Universities in Australia, Canada, China, Malaysia, India, South Africa, New Zealand, Singapore, the United Arab Emirates, the United Kingdom, and the United States.

We provide lucrative discounts from 28% to 70% as per the wordcount, Technicality, Deadline and the number of your previous assignments done with us.

After your assignment request our team will check and update you the best suitable service for you alongwith the charges for the task. After confirmation and payment team will start the work and provide the task as per the deadline.

Yes, we will provide Plagirism free task and a free turnitin report along with the task without any extra cost.

No, if the main requirement is same, you don’t have to pay any additional amount. But it there is a additional requirement, then you have to pay the balance amount in order to get the revised solution.

The Fees are as minimum as $10 per page(1 page=250 words) and in case of a big task, we provide huge discounts.

We accept all the major Credit and Debit Cards for the payment. We do accept Paypal also.

Popular Assignments

ECON20001 Assignment #2

Assignment #2 Due Monday September 30th 2pm AEST The assignment is marked out of 25 points. The weight for each part is indicated following the question text. Style requirements: This assignment requires the submission of a spreadsheet. Please keep THREE decimal places in your answers and include your spreadsheet as

Read More »

RES800 Assessment 1 – Research Question and Literature Review

Subject Title Business Research Subject Code RES800 Assessment Title Assessment 1 – Research Question and Literature Review Learning Outcome/s     Utilise critical thinking to analyse managerial problems and formulate relevant research questions and a research design   Apply research theories and methodologies to assist in developing a business research

Read More »

Assessment Task 2 Health advocacy and communication plan

Assessment Task 2 Health advocacy and communication plan Rationale and multimedia plan presentation Submission requirements Due date and time:         Rationale: 8pm AEST Monday 23 September 2024 (Week 11) Multimedia plan presentation: 8pm AEST Monday 30 September 2024 (Study Period) % of final grade:         50% of overall grade Word limit: Time

Read More »

MLI500 Leadership and innovation Assessment 1

Subject Title Leadership and innovation Subject Code MLI500 Assessment Assessment 1: Leadership development plan Individual/Group Individual Length 1500 words Learning Outcomes LO1 Examine the role of leaders in fostering creativity and innovation LO5 Reflect on and take responsibility for their own learning and leadership development processes Submission   Weighting 30%

Read More »

FPC006 Taxation for Financial Planning

Assignment 2 Instructions Assignment marks: 95 | Referencing and presentation: 5 Total marks: 100 Total word limit: 3,000 words Weighting: 40% Download and use the Assignment 2 Answer Template provided in KapLearn to complete your assignment. Your assignment should be loaded into KapLearn by 11.30 pm AEST/AEDT on the wdue

Read More »

TCHR5001 Assessment Brief 1

TCHR5001 Assessment Brief 1 Assessment Details Item Assessment 1: Pitch your pedagogy Type Digital Presentation (Recorded) Due Monday, 16th September 2024, 11:59 pm AEST (start of Week 4) Group type Individual Length 10 minutes (equivalent to 1500 words) Weight 50% Gen AI use Permitted, restrictions apply Aligned ULOS ULO1, ULO2,

Read More »

HSH725 Assessment Task 2

turquoise By changing the Heading 3 above with the following teal, turquoise, orange or pink you can change the colour theme of your CloudFirst CloudDeakin template page. When this page is published the Heading 3 above will be removed, but it will still be here in edit mode if you wish to change the colour theme.

Read More »

Evidence in Health Assessment 2: Evidence Selection

Evidence in Health Assessment 2: Evidence Selection Student name:                                                                    Student ID: Section 1: PICO and search strategy Evidence Question: Insert evidence question from chosen scenario here including all key PICO terms.       PICO Search Terms                                                                                                                                                                                                          Complete the following table.   Subject headings Keywords Synonyms Population  

Read More »

Assessment 1 – Lesson Plan and annotation

ASSESSMENT TASK INFORMATION: XNB390 Assessment 1 – Lesson Plan and annotation This document provides you with information about the requirements for your assessment. Detailed instructions and resources are included for completing the task. The Criterion Reference Assessment (CRA) Marking Matrix that XNB390 markers will use to grade the assessment task

Read More »

XNB390 Task 1 – Professional Lesson Plan

XNB390 Template for Task 1 – Professional Lesson Plan CONTEXT FOR LESSON: SOCIAL JUSTICE CONSIDERATIONS: Equity Diversity Supportive Environment UNIT TITLE:    TERM WEEK DAY TIME 1   5           YEAR/CLASS STUDENT NUMBERS/CONTEXT LOCATION LESSON DURATION         28 Children (chl): 16 boys; 12

Read More »

A2 Critical Review Assignment

YouthSolutions Summary The summary should summarise the key points of the critical review. It should state the aims/purpose of the program and give an overview of the program or strategy you have chosen. This should be 200 words – included in the word count. Critical analysis and evaluation Your critical

Read More »

PUN364 – Workplace activity Assignment

Assessment 1 – DetailsOverviewFor those of you attending the on-campus workshop, you will prepare a report on the simulated simulated inspection below. For those of you who are not attending, you will be required to carry out your own food business inspection under the supervision of a suitably qualified Environmental

Read More »

FPC006 Taxation for Financial Planning

Assignment 1 Instructions Assignment marks: 95 | Referencing and presentation: 5 Total marks: 100 Total word limit: 3,600 words Weighting: 40% Download and use the Assignment 1 Answer Template provided in KapLearn to complete your assignment. Your assignment should be loaded into KapLearn by 11.30 pm AEST/AEDT on the due

Read More »

Mental health Nursing assignment

Due Aug 31 This is based on a Mental health Nursing assignment Used Microsoft word The family genogram is a useful tool for the assessment of individuals, couples, and families.  It can yield significant data and lead to important, new patient understandings and insights as multigenerational patterns take shape and

Read More »

Assessment 2: Research and Policy Review

Length: 2000 words +/- 10% (excluding references)For this assessment, you must choose eight sources (academic readings and policy documents) as the basis of your Research and Policy Review. You must choose your set of sources from the ‘REFERENCES MENU’ on the moodle site, noting the minimum number of sources required

Read More »

HSN702 – Lifespan Nutrition

Assessment Task: 2 Assignment title: Population Nutrition Report and Reflection Assignment task type: Written report, reflection, and short oral presentation Task details The primary focus of this assignment is on population nutrition. Nutritionists play an important role in promoting population health through optimal nutritional intake. You will be asked to

Read More »

Written Assessment 1: Case Study

Billy a 32-year-old male was admitted to the intensive care unit (ICU) with a suspected overdose of tricyclic antidepressants. He is obese (weight 160kg, height 172cm) and has a history of depression and chronic back pain for which he takes oxycodone. On admission to the emergency department, Paramedics were maintaining

Read More »

Assessment Task 8 – Plan and prepare to assess competence

Assessment Task 8 – Plan and prepare to assess competence Assessment Task 8 consists of the following sections: Section 1:      Short answer questions Section 2:      Analyse an assessment tool Section 3:      Determine reasonable adjustment and customisation of assessment process Section 4:      Develop an assessment plan Student Instructions To complete this

Read More »

Nutrition Reviews Assignment 2 – Part A and Part B

This assignment provides you with the opportunity to determine an important research question that is crucial to address based on your reading of one of the two systematic reviews below (Part A). You will then develop a research proposal outlining the study design and methodology needed to answer that question

Read More »

NUR332 – TASK 3 – WRITTEN ASSIGNMENT

NUR332 – TASK 3 – WRITTEN ASSIGNMENT for S2 2024. DESCRIPTION (For this Task 3, the word ‘Indigenous Australians’, refers to the Aboriginal and Torres Strait Islander Peoples of Australia) NUR332 Task 3 – Written Assignment – Due – WEEK 12 – via CANVAS on Wednesday, Midday (1200hrs) 16/10/2024. The

Read More »

NUR100 Task 3 – Case study

NUR100 Task 3 – Case study To identify a key child health issue and discuss this issue in the Australian context. You will demonstrate understanding of contemporary families in Australia. You will discuss the role of the family and reflect on how the family can influence the overall health outcomes

Read More »

NUR 100 Task 2 Health Promotion Poster

NUR 100 Task 2 Health Promotion Poster The weighting for this assessment is 40%. Task instructions You are not permitted to use generative AI tools in this task. Use of AI in this task constitutes student misconduct and is considered contract cheating. This assessment requires you to develop scholarship and

Read More »

BMS 291 Pathophysiology and Pharmacology CASE STUDY

BMS 291 Pathophysiology and Pharmacology CASE STUDY Assessment No: 1 Weighting: 40% Due date Part A: midnight Friday 2nd August 2024 Due date Part B: midnight Sunday 29th September 2024 General information In this assessment, you will develop your skills for analysing, integrating and presenting information for effective evidence-based communication.

Read More »

Assessment Task: Health service delivery

Assessment Task Health service delivery is inherently unpredictable. This unpredictability can arise from, for example, the assortment of patient presentations, environmental factors, changing technologies, shifts in health policy and changes in division leadership. It can also arise from changes in policy within an organisation and/or associated health services that impact

Read More »

LNDN08002 Business Cultures Resit Assessment

LNDN08002 Business Cultures Resit Assessment Briefing 2023–2024 (Resit for Term 1) Contents Before starting this resit, please: 1 Assessment Element 1: Individual Report 1 Case Report Marking Criteria. 3 Assessment Element 2: Continuing Personal Development (CPD) 4 Guidance for Assessment 2: Reflection and Reflective Practice. 5 Student Marking Criteria –

Read More »

Assessment Task 2 – NAPLAN Exercise

Assessment Task 2 (35%) – Evaluation and discussion of test items Assessment Task 2 (35%) – Evaluation and discussion of test items AITSL Standards: This assessmeAITSL Standards: This assessment provides the opportunity to develop evidence that demonstrates these Standards: 1.2        Understand how students learn 1.5        Differentiate teaching to meet with

Read More »

EBY014 Degree Tutor Group 2 Assignment

  Assignment Brief Module Degree Tutor Group 2 Module Code EBY014 Programme BA (Hons) Business and Management with   Foundation Year Academic Year 2024/2025 Issue Date 6th May 2024 Semester Component Magnitude Weighting Deadline Learning outcomes assessed 2 1 2000 words Capstone Assessment 100% 26th July, 2024 1/2/3/4 Module Curriculum

Read More »

Can't Find Your Assignment?

Open chat
1
Free Assistance
Universal Assignment
Hello 👋
How can we help you?