Penetration Test Demonstration
A 150+ hour project simulating real-world cyber attacks inside a virtual network built with GNS3 — followed by security hardening and mitigation strategies.
Objectives
Demonstrate real-world network penetration attacks in a simulated environment.
Research and implement security strategies to prevent further attacks.
Project Overview
A virtual network was built in GNS3, with services and hosts configured to simulate a real-world environment. Three distinct cyber attacks were executed against the network — each targeting different vulnerabilities. After testing, the systems were patched, hardened, and retested.
Attack 01
Denial-of-Service
A SYN flood DoS attack was launched against a webserver, crashing it and making it inaccessible.
View writeup →
Attack 02
Brute-force with Hydra
Hydra was used to crack webserver credentials via brute-force against an FTP service vulnerability.
View writeup →
Attack 03
Metasploit Exploit
The Metasploit Framework was used to exploit service vulnerabilities and open a reverse shell session.
View writeup →
Defense
Attack Mitigation
Security solutions were implemented post-testing: password policies enforced, configurations applied, and ACLs established.
View writeup →
All sections