Assessment Approach
The engagement used a practical workflow: enumerate exposed services, identify high-risk weaknesses, validate exploitation safely in-lab, and report mitigation actions that reduce immediate risk.
Coursework Case Study
Sweeny Barbers Penetration Test
Conducted a full penetration test of a vulnerable Windows Server 2008 environment, validating exploitability and translating findings into prioritized remediation.
Nmap Reconnaissance
MS17-010 Exploitation
CVSS 10.0 Risk
Reconnaissance Findings
Network and service discovery showed FTP exposure and SMB attack surface on a Windows Server 2008 host.
Exploit Validation
Successfully validated EternalBlue (MS17-010) exploitability using Metasploit to demonstrate critical impact.
Defensive Remediation
Mapped findings to immediate hardening actions, including patching, service restriction, and least privilege controls.
Professional Value
- Demonstrated end-to-end penetration testing flow from reconnaissance to reporting.
- Balanced offensive validation with practical blue-team mitigation guidance.
- Built confidence in writing findings that are understandable to technical and non-technical stakeholders.
- Reinforced vulnerability prioritization based on exploitability and business impact.