Lab Challenges
Personalized Web Application Penetration Testing (DVWA Lab)
Objective: exploit common web vulnerabilities on the Damn Vulnerable Web Application (DVWA) to understand and demonstrate mitigation techniques. I performed reconnaissance, input validation bypass, and SQL injection testing across DVWA’s security levels, capturing and analyzing traffic with Burp Suite and Wireshark to observe payload delivery and server responses; tools used included Kali Linux, Burp Suite, OWASP ZAP, SQLMap, and Wireshark. Key lessons learned: proper input sanitization and use of prepared statements are essential to prevent injection attacks, and combining application-layer testing with network monitoring provides deeper visibility for detection and remediation.
Active Directory Privilege Escalation Lab
Objective: simulate lateral movement and privilege escalation within a controlled Windows domain environment. I compromised low-level user credentials through password spraying and leveraged misconfigurations to escalate privileges using PowerView, Mimikatz, and BloodHound, while documenting each stage of post-exploitation and persistence. Tools used included PowerView, Mimikatz, BloodHound, CrackMapExec, and Windows Server. Key lessons learned: weak permissions and poor credential management enable privilege escalation, while privilege auditing and PowerShell logging are critical for proactive detection.
Password Cracking & Credential Security (CTF Challenge)
Objective: recover compromised passwords from leaked hashes to demonstrate the risks of weak authentication practices. I performed brute-force and dictionary attacks using Hashcat and John the Ripper on various hashing algorithms (MD5, SHA1, bcrypt), benchmarking the impact of password complexity and salting on cracking time. Tools used included Hashcat, John the Ripper, Crunch, and Kali Linux. Key lessons learned: enforcing complex passwords and implementing salting and hashing significantly strengthen authentication, while user education remains vital in maintaining password hygiene.
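The salting lesson above, as an added example that is not part of the original lab write-up: an audit check that flags accounts sharing a stored hash (the sign of unsalted storage), next to a salted, slow-KDF scheme with constant-time verification. PBKDF2-HMAC-SHA256 from the Python standard library stands in for bcrypt here; the function names, iteration count and sample accounts are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict
from typing import Optional

PBKDF2_ITERATIONS = 200_000  # assumed work factor for this example; tune per hardware


def md5_unsalted(password: str) -> str:
    """Weak storage scheme: fast, unsalted digest."""
    return hashlib.md5(password.encode()).hexdigest()


def pbkdf2_salted(password: str, salt: Optional[bytes] = None) -> str:
    """Hardened scheme: per-user random salt plus a slow KDF, stored as salt$hash."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"{salt.hex()}${dk.hex()}"


def verify_pbkdf2(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, _ = record.split("$")
    candidate = pbkdf2_salted(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, record)


def shared_hash_groups(store: dict) -> list:
    """Audit check: groups of accounts whose stored values are identical."""
    groups = defaultdict(list)
    for user, stored in store.items():
        groups[stored].append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)


# Constructed sample accounts; two users picked the same password.
SAMPLE_USERS = {"alice": "Summer2024!", "bob": "Summer2024!", "carol": "x9#Lq7vT2m"}


def build_store(scheme) -> dict:
    """Hash every sample account with the given scheme."""
    return {user: scheme(pw) for user, pw in SAMPLE_USERS.items()}


if __name__ == "__main__":
    print("unsalted MD5 duplicates:", shared_hash_groups(build_store(md5_unsalted)))
    print("salted PBKDF2 duplicates:", shared_hash_groups(build_store(pbkdf2_salted)))
```

With unsalted MD5 the two accounts that share a password collapse to one stored value, so recovering one recovers both; with a per-user salt every record is distinct and each has to be attacked separately at the KDF's cost.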