From 65d3eeec080bfc8af3bb4aad395827f41f7c93bf Mon Sep 17 00:00:00 2001 From: Zouhair AMAZZAL Date: Sat, 24 Aug 2024 15:00:14 +0300 Subject: [PATCH] CON-3103 docs(pentest-kit) improve the subject quality --- subjects/cybersecurity/pentest-kit/README.md | 6 ++++-- subjects/cybersecurity/pentest-kit/audit/README.md | 4 ++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/subjects/cybersecurity/pentest-kit/README.md b/subjects/cybersecurity/pentest-kit/README.md index a3cd76b80..8cdd26ef4 100644 --- a/subjects/cybersecurity/pentest-kit/README.md +++ b/subjects/cybersecurity/pentest-kit/README.md @@ -6,11 +6,11 @@ ### Introduction: -Penetration testing (pen-testing) is a critical process in cybersecurity, involving the use of specialized tools to identify and exploit vulnerabilities in systems and networks. Pentest tools are essential for conducting thorough security assessments, helping to safeguard against potential threats. +Penetration testing (Pentesting) is a critical process in cybersecurity, involving the use of specialized tools to identify and exploit vulnerabilities in systems and networks. Pentest tools are essential for conducting thorough security assessments, helping to safeguard against potential threats. ### Objective: -Using a programming language from your choice you will create a a multi-functional tool for penetration testing, similar to popular security tools like `Nmap`, and `Dirsearch`. This project aims to give hands-on experience in understanding and developing security tools and building a practical toolkit for various pen-testing tasks. +Using a programming language from your choice you will create a multi-functional tool for penetration testing, similar to popular security tools like `Nmap`, and `Dirsearch`. This project aims to give hands-on experience in understanding and developing security tools and building a practical toolkit for various Pentesting tasks. By completing this project, You will: @@ -64,6 +64,8 @@ You will develop the following tools: 4. **HeaderGrabber:** - Implement a tool that retrieves and analyzes HTTP headers from a web server. +> All the tools must be built from scratch. Calling existing or external CLI will not be considered a valid solution in the audit! + #### Input Handling: Each tool should accept the relevant input parameters, such as IP addresses, URLs, and port ranges. diff --git a/subjects/cybersecurity/pentest-kit/audit/README.md b/subjects/cybersecurity/pentest-kit/audit/README.md index 97c019004..413035594 100644 --- a/subjects/cybersecurity/pentest-kit/audit/README.md +++ b/subjects/cybersecurity/pentest-kit/audit/README.md @@ -99,6 +99,10 @@ $> pentestkit -g http://example.com -o result4.txt 4. **Usability:** Are the tools user-friendly and well-documented? +> You can compare the results of the student's tool with another tool to to prove the output match with the expected one if needed! + +###### Are all the tools implemented from scratch? Can you confirm that no external CLI are called to perform the checks described in the subject? + ###### Did the tool design and implementation align with all the project requirements above? ###### Were the students able to implement functional and reliable tools that meet the project requirements?