kapy
/
public
mirror of https://github.com/01-edu/public.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CON-3103 docs(pentest-kit) improve the subject quality

This commit is contained in:
Zouhair AMAZZAL 2024-08-24 15:00:14 +03:00 committed by Zouhair AMAZZAL
parent d3b5db8460
commit 65d3eeec08
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
subjects/cybersecurity/pentest-kit/README.md
View File

@ -6,11 +6,11 @@
### Introduction:
Penetration testing (pen-testing) is a critical process in cybersecurity, involving the use of specialized tools to identify and exploit vulnerabilities in systems and networks. Pentest tools are essential for conducting thorough security assessments, helping to safeguard against potential threats.
Penetration testing (Pentesting) is a critical process in cybersecurity, involving the use of specialized tools to identify and exploit vulnerabilities in systems and networks. Pentest tools are essential for conducting thorough security assessments, helping to safeguard against potential threats.
### Objective:
Using a programming language from your choice you will create a a multi-functional tool for penetration testing, similar to popular security tools like `Nmap`, and `Dirsearch`. This project aims to give hands-on experience in understanding and developing security tools and building a practical toolkit for various pen-testing tasks.
Using a programming language from your choice you will create a multi-functional tool for penetration testing, similar to popular security tools like `Nmap`, and `Dirsearch`. This project aims to give hands-on experience in understanding and developing security tools and building a practical toolkit for various Pentesting tasks.
By completing this project, You will:
@ -64,6 +64,8 @@ You will develop the following tools:
4. **HeaderGrabber:**
- Implement a tool that retrieves and analyzes HTTP headers from a web server.
> All the tools must be built from scratch. Calling existing or external CLI will not be considered a valid solution in the audit!
#### Input Handling:
Each tool should accept the relevant input parameters, such as IP addresses, URLs, and port ranges.

4
subjects/cybersecurity/pentest-kit/audit/README.md
View File

@ -99,6 +99,10 @@ $> pentestkit -g http://example.com -o result4.txt
4. **Usability:** Are the tools user-friendly and well-documented?
> You can compare the results of the student's tool with another tool to to prove the output match with the expected one if needed!
###### Are all the tools implemented from scratch? Can you confirm that no external CLI are called to perform the checks described in the subject?
###### Did the tool design and implementation align with all the project requirements above?
###### Were the students able to implement functional and reliable tools that meet the project requirements?