# Fundamentals of Penetration Testing Methodology Guide
> Learn penetration testing basics: footprinting, reconnaissance, and vulnerability scanning using Kali Linux and Metasploitable 2 in a lab environment.

Tags: penetration-testing, cybersecurity, information-security, kali-linux, vulnerability-scanning, network-security, educational

## Penetration Testing Methodology Overview
- Simulation of real-world attack scenarios to identify security weaknesses.
- Focus on reconnaissance, information gathering, and vulnerability scanning in a controlled environment.

## Virtual Lab Setup
- **Host OS:** Windows
- **Attacker Machine:** Kali Linux
- **Target Machine:** Metasploitable 2
- **Network:** Isolated Host-Only Network

## Footprinting & Reconnaissance
- **Whois Lookup:** Gathering domain registration and contact details.
- **DNS Footprinting:** Using `nslookup` and `dig` for MX records and IP resolution.
- **Network Enumeration:** Using Nmap to detect live hosts and open ports.
- **Social Engineering (OSINT):** Gathering tech stack and employee info from public sources like LinkedIn.

## Technical Findings: Port Scanning
- **TCP 21 (FTP):** Potential unencrypted file transfer.
- **TCP 22 (SSH):** Secure shell remote access.
- **TCP 23 (Telnet):** Insecure administration protocol.
- **TCP 80 (HTTP):** Web services.
- **TCP 3306 (MySQL):** Database service accessible from network.
- **TCP 5900 (VNC):** Remote desktop access.
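
Added example (not part of the original presentation): one way to turn a scan of the lab target into the findings list above. It parses constructed `nmap -oG` (grepable) output and separates open ports covered by the notes above from ones still needing review; the sample address, the extra port 8180, and the function names are assumptions made for illustration.

```python
import re

# Notes copied from the findings list on this page, keyed by TCP port.
FINDINGS = {
    21: "FTP: potential unencrypted file transfer",
    22: "SSH: secure shell remote access",
    23: "Telnet: insecure administration protocol",
    80: "HTTP: web services",
    3306: "MySQL: database service accessible from network",
    5900: "VNC: remote desktop access",
}

# Constructed sample of `nmap -oG` output; 192.0.2.10 is a documentation-range address.
SAMPLE = """\
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, 23/open/tcp//telnet///, 25/closed/tcp//smtp///, 80/open/tcp//http///, 3306/open/tcp//mysql///, 5900/open/tcp//vnc///, 8180/open/tcp//unknown///\tIgnored State: closed (992)
"""

def parse_grepable(text):
    """Return {host: [(port, proto, service), ...]} for ports in state 'open'."""
    hosts = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.groups()
        for entry in ports.split(", "):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 5 and fields[1] == "open":
                hosts.setdefault(host, []).append((int(fields[0]), fields[2], fields[4]))
    return hosts

def triage(hosts):
    """Split open ports into those in the findings list and those not yet reviewed."""
    report = {}
    for host, ports in hosts.items():
        known = [(p, FINDINGS[p]) for p, proto, _ in ports if proto == "tcp" and p in FINDINGS]
        other = [(p, svc) for p, proto, svc in ports if proto != "tcp" or p not in FINDINGS]
        report[host] = {"documented": known, "unreviewed": other}
    return report

if __name__ == "__main__":
    for host, r in triage(parse_grepable(SAMPLE)).items():
        print(host)
        for port, note in r["documented"]:
            print(f"  {port:<5} {note}")
        for port, svc in r["unreviewed"]:
            print(f"  {port:<5} not in findings list ({svc}): review")
```
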

## Vulnerability Assessment
- **Database Enumeration:** Found MySQL on default port 3306, susceptible to SQL injection.
- **SNMP Enumeration:** Revealed OS details and process lists without strong authentication.
- **Nessus Scan Results:** 
  - **Critical:** 2
  - **High:** 5
  - **Medium:** 7
  - **Key Issues:** Outdated services, weak authentication, and default configurations.