Perfored a classic vulnerability exploitation of EternerBlue utilizing offensive methods to demonstrate five phases of hacking. We evaluate the security posture of its infrastructure compared to current industry bestpractices that included an external penetration test. All testing performed is based on the ISOEH Technical Guide to InformationSecurity Testing assessment and open source exploiting frameworksand tools.
Most basic configuration is used to demonstrate this attack.
- 1 Windows 7 VM (victim)
- 1 Kali VM (attacker)
- Both connected in same lab network.
- Kali Linux = pentesting distribution
- NMAP = network scanning and system information
- NESSUS = industrial standard network scanner
- METASPLOIT = exploiting the target system