For this assignment, you will evaluate two password cracking tools and write a report with video presentation on how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.
Marks will be awarded based on the sophistication and the difficulties the demonstration explored.
Your task is to complete and make a video presentation and writing a report on the following:
1. Download and install (on your computer or on MIT Virtual box) any two of the password cracking tools from Table 1.
2. Outline of your presentation should include description of the tools.
3. Demonstrate how to use these tools to crack the password. Your demonstration should include:
i. Discussion on the password cracking counter Measures, and
ii. Explanation of how to use these tools to crack the password.
4. Comparison of the tools that you used in this work. Your comparison could include:
i. Time is taken to crack the password
ii. Ease of usage
5. Analyse the following scenarios and give your opinion on which of the tools that you investigated could be more suitable for these scenarios. In your analysis, please consider the following:
i. Discuss how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.
6. You should appear in the video at the first and last 30 secs to introduce yourself and draw a conclusion on your experience with the security tool.
Case Scenario: Your client is Mr. Daniel Gromer who runs a chain of clothing shops in Australia. Mr Gromer runs over 50 clothing shops in Sydney and Melbourne targeting female customers in their early twenties with moderate budget. Mr. Gromer has recently taken an interest in online business as he realized that many of his competitions have moved onto the online platforms reducing their expenditure significantly. Mr. Gromer has hired a team of web developers (located overseas) to develop and their new online shop is ready to launch in May 2019. Mr. Gromer has no IT background but he is aware of many cases where the websites were hijacked and lost fortunes alongside ruining their digital reputations.
Mr. Gromer has approached the PureHacking.com to assess his new eCommerce website and report any vulnerabilities ahead of its launch as Mr. Gromer is aware that he may get only one chance at the online success and if the website security is breached, he can face major loss in his investment.
Mr. Gromer informs: his eCommerce website is using WooCommerce plugin implemented on the WordPress website platform and the entire website is running on Linux webserver. The website developers have been using FTP to upload the website contents to the Linux webserver.