Cracked 6 out of 7 user password hashes from an intentionally vulnerable open-source Linux system (Metasploitable 2) using real-world password cracking techniques with tools like John the Ripper and Hashcat. This project was executed during my cybersecurity internship to simulate real-world password auditing on a compromised system.

Discovered 69 vulnerabilities (6 Critical, CVSS 10.0) on Metasploitable2 using Nessus Essentials | Full CVE analysis and remediation report

Virtual machines full of intentional security vulnerabilities. Exploit at will! Metasploitable is essentially a penetration testing lab in a box created by the Rapid7 Metasploit team.

Penetration testing and security automation toolkit integrating Nmap, Metasploit, OSINT techniques, and scripting to perform efficient network scanning, vulnerability analysis, and exploitation in controlled environments.

End-to-end Metasploitable2 vulnerability management & hardening — scans, remediation, verification

Step-by-step guide to scanning and exploiting Metasploitable2 ports with practical examples. – clear, professional, and searchable.

A documented penetration testing lab built on Kali Linux and Metasploitable2, walking through a full attack chain from network traffic analysis and service enumeration through to exploiting the vsftpd 2.3.4 backdoor (CVE-2011-2523) and achieving root access. Includes blue team detection notes and MITRE ATT&CK mapping throughout.

A comprehensive penetration testing report detailing 46 security vulnerabilities discovered during a full-scope assessment of a Metasploitable2 lab environment. Findings include Network Services, Web Applications, Privilege Escalation, and Enumeration vulnerabilities.

🛡️ Mise en place d'un laboratoire de Pentest (Sandbox VMware). Documentation complète du cycle d'attaque : de la Reconnaissance à l'Exploitation (Root) sur Metasploitable 2 via Kali Linux.