🛡️ Ethical Hacking & Penetration Testing Lab Report

Hands-on labs covering OSINT, Recon, Exploitation, Web App Attacks & VAPT using Kali Linux.

---

⚙️ Setup

VM	Oracle VirtualBox 7.2.6
Attacker	Kali Linux
Target	Metasploitable 2
Web Target	DVWA

---

📁 Practicals

🔍 Recon & OSINT

#	Tool	What
4	Whois	Domain registration lookup
5	Dig	DNS records (A, MX, NS, TXT)
6	TheHarvester	Emails, subdomains, IPs
11	Shodan	Internet-connected device search
13	Dnsenum	DNS info gathering
20	Nmap + Dig + Whois	Full info gathering on Metasploitable

🔎 Scanning & Enumeration

#	Tool	What
1	Nmap	Host discovery, port scan, OS detect
9	Sublist3r	Subdomain enumeration
10	Dirbuster	Hidden directory brute-force
14	Gobuster	Hidden files & directories

🔑 Password Attacks

#	Tool	What
3	John the Ripper	Hash cracking (SHA1, SHA512)
12	Hydra	Brute-force on Metasploitable

🌐 Web App Attacks

#	Tool	What
2	Wireshark	Packet capture, cleartext creds
7	Zphisher	Phishing / fake login page
8	Burp Suite Intruder	Sniper, Cluster Bomb on VulnWeb
16	Burp Suite	Brute-force DVWA (Medium security)
17	DVWA	Reflected XSS
18	DVWA	File Inclusion (LFI/RFI)
19	DVWA	Command Injection
21	DVWA	Stored XSS
22	DVWA + Hashcat	SQL Injection + hash crack
23	DVWA	Upload Vulnerability
24	DVWA + Hashcat	Blind SQLi + hash crack

💥 Exploitation

#	Tool	What
15	Metasploit	SMB, SSH, FTP, Telnet exploitation

---

🧰 Tools Used

Nmap · Wireshark · John the Ripper · Hashcat · Whois · Dig · TheHarvester · Zphisher · Burp Suite · Sublist3r · Dirbuster · Shodan · Hydra · Dnsenum · Gobuster · Metasploit · DVWA

---

⚠️ Disclaimer

All labs were done on intentionally vulnerable machines in a local environment. Don't use any of this on systems you don't own or have permission to test.