## https://sploitus.com/exploit?id=01330BA9-9AFB-5AA8-A3E2-3AB2FE216993
# Vulnerability Assessment - Metasploitable 2

An end-to-end vulnerability assessment conducted against a controlled lab environment, documented in consulting-style deliverables. This project demonstrates a structured four-phase VA methodology including automated scanning, manual verification, controlled exploitation, and professional reporting.

---

## Project Overview

| Parameter | Detail |
|---|---|
| **Target** | Metasploitable 2 (192.168.121.130) |
| **Assessor Host** | Kali Linux (192.168.121.129) |
| **Environment** | Isolated VirtualBox lab - no production systems involved |
| **Assessment Type** | Vulnerability Assessment + Controlled Proof-of-Concept Exploitation |
| **Fictional Client** | TechCorp Solutions Ltd. |
| **Date** | June 2026 |

---

## Tools Used

| Tool | Purpose |
|---|---|
| Nessus Essentials | Automated vulnerability scanning |
| Nmap 7.98 | Port scanning, service enumeration, vuln scripts |
| Metasploit Framework | Controlled proof-of-concept exploitation |
| Firefox | Manual web application testing |

---

## Key Results

**72 vulnerabilities identified. 4 confirmed exploitable.**

| Severity | Count |
|---|---|
| Critical | 10 |
| High | 7 |
| Medium | 26 |
| Low | 9 |
| Informational | 140 |

### Confirmed Exploits

| CVE | Service | Tool | Result |
|---|---|---|---|
| CVE-2011-2523 | vsftpd 2.3.4 (FTP) | Metasploit | Root shell |
| CVE-2010-2075 | UnrealIRCd (IRC) | Metasploit | Root shell |
| N/A | VNC default credential | Metasploit | Login successful |
| N/A | Mutillidae SQL injection | Manual | Error-based injection + info disclosure |

---

## Repository Structure

```
vulnerability-assessment-metasploitable2/
│
├── report/
│   ├── executive-summary.md          # One-page business summary
│   ├── methodology.md                # Assessment approach and phases
│   ├── findings-register.md          # All 43 actionable findings with CVSS scores
│   ├── remediation-roadmap.md        # Prioritized remediation across 3 phases
│   └── rules-of-engagement.md        # Authorized scope and testing boundaries
│
├── scans/
│   └── nmap-vuln-scan.txt            # Full nmap NSE vulnerability script output
│
├── screenshots/
│   ├── 01-ping-confirmation.png
│   ├── 02-nessus-dashboard.png
│   ├── 03-scan-running.png
│   ├── 04-nmap-service-scan.png
│   ├── 05-nmap-vuln-scripts.png
│   ├── 06a-nessus-summary.png
│   ├── 06b-nessus-summary.png
│   ├── 06c-nessus-summary.png
│   ├── 06d-nessus-summary.png
│   ├── 07-msfconsole-launch.png
│   ├── 08-vsftpd-exploit.png
│   ├── 09-unrealircd-exploit.png
│   ├── 10-sqli-mutillidae.png
│   └── 11-vnc-default-credential.png
│
└── README.md
```

---

## Assessment Phases

**Phase 1 - Scoping and Authorization**
Defined scope, established Rules of Engagement, confirmed network connectivity.

**Phase 2 - Vulnerability Scanning**
Nmap service enumeration (23 open ports identified) followed by Nessus Basic Network Scan (72 findings returned in 17 minutes).

**Phase 3 - Manual Verification**
Nmap NSE vulnerability scripts used to independently confirm top findings and eliminate false positives before escalating to exploitation.

**Phase 4 - Controlled Exploitation**
Four pre-authorized targets exploited using Metasploit to confirm real-world exploitability. Exploitation limited to initial access confirmation: no post-exploitation, persistence, or lateral movement conducted.
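
The Phase 3 cross-check can be automated as a triage step before anything is escalated. The sketch below is an added example, not code from this repository: it parses NSE report blocks and labels each scanner finding as confirmed, refuted, or unverified. The nmap output and scanner list are constructed samples, the ports are assumptions, and `http-example-check` and `CVE-0000-0001` are placeholders.

```python
import re

# Constructed sample in the layout nmap's vulns library prints for `--script vuln`;
# not the project's scan file. `http-example-check` / CVE-0000-0001 are placeholders.
NMAP_OUTPUT = """\
PORT   STATE SERVICE
21/tcp open  ftp
| ftp-vsftpd-backdoor:
|   VULNERABLE:
|   vsFTPd version 2.3.4 backdoor
|     State: VULNERABLE (Exploitable)
|_    IDs:  CVE:CVE-2011-2523
80/tcp open  http
| http-example-check:
|   NOT VULNERABLE:
|     State: NOT VULNERABLE
|_    IDs:  CVE:CVE-0000-0001
"""
# Constructed scanner export as (CVE, port) pairs; the ports are assumptions.
SCANNER_FINDINGS = [("CVE-2011-2523", 21), ("CVE-2010-2075", 6667), ("CVE-0000-0001", 80)]
PORT_RE = re.compile(r"^(\d+)/(?:tcp|udp)\s+open")
SCRIPT_RE = re.compile(r"^\|[_ ]([a-z0-9-]+):\s*$")
STATE_RE = re.compile(r"State:\s*(.+)$")
CVE_RE = re.compile(r"CVE:(CVE-\d{4}-\d+)")

def parse_nse(text):
    """Map CVE id -> (port, script, state) from NSE report blocks."""
    results, port, script, state = {}, None, None, None
    for line in text.splitlines():
        if m := PORT_RE.match(line):
            port, script, state = int(m.group(1)), None, None
        elif m := SCRIPT_RE.match(line):
            script, state = m.group(1), None
        elif m := STATE_RE.search(line):
            state = m.group(1).strip()
        results.update({c: (port, script, state) for c in CVE_RE.findall(line)})
    return results

def triage(findings, nse):
    """Label each scanner finding by what the second tool said about it."""
    out = {}
    for cve, port in findings:
        p, _, state = nse.get(cve, (None, None, None))
        if p != port or not state:
            out[cve] = "unverified"      # no independent evidence either way
        elif state.startswith("NOT VULNERABLE"):
            out[cve] = "refuted"         # a bare 'VULNERABLE' grep would miss the NOT
        else:
            out[cve] = "confirmed" if state.startswith("VULNERABLE") else "unverified"
    return out
```

Findings left as "unverified" are the ones that still need a manual check before they go into the findings register.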

---

## Learner Context

This project was conducted in a controlled lab environment using Metasploitable 2, an intentionally vulnerable virtual machine designed for security training. The target is not representative of a modern production environment: Ubuntu 8.04 reached end of life in 2013 and contains over a decade of unpatched vulnerabilities by design.

The value of this project is not the findings themselves but the methodology applied: structured scoping, multi-tool verification, controlled exploitation with documented evidence, and consulting-style reporting in business language.

All exploitation was conducted in an isolated VirtualBox network. No real systems were affected.

---

## Related Portfolio Projects

This project is part of a broader GRC and AI security portfolio:

- [AI GRC Risk Register](https://github.com/Dhanya93)
- [ISO 27001:2022 Gap Analysis](https://github.com/Dhanya93)
- [AI Vendor Risk Assessment](https://github.com/Dhanya93)
- [EU AI Act Compliance Gap Analysis](https://github.com/Dhanya93)
- [AI Governance Framework](https://github.com/Dhanya93)
- [AI Inventory Register](https://github.com/Dhanya93)

---

## Contact

**Dhanya M. Sam**
AI Analyst
- Email: dhanya.dms2025@gmail.com
- LinkedIn: [linkedin.com/in/dhanya-m-sam](https://linkedin.com/in/dhanya-m-sam)
- GitHub: [github.com/Dhanya93](https://github.com/Dhanya93)
- TryHackMe: Top 4% globally

*Certifications: CompTIA Security+, CEH v13, SC-200*