0% found this document useful (0 votes)

21 views4 pages

DISA Project Report VAPT

The DISA Project Report focuses on Vulnerability Assessment and Penetration Testing (VAPT) as crucial methods for identifying and mitigating cybersecurity risks in organizations. It outlines the project's objectives, methodology, tools used, findings, and recommendations for improving security posture. Key vulnerabilities identified include SQL injection and weak password policies, with suggestions for regular VAPT exercises and strong authentication enforcement.

Uploaded by

anuradhamaheshwari85

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

21 views4 pages

DISA Project Report VAPT

Uploaded by

anuradhamaheshwari85

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

DISA Project Report - Vulnerability Assessment and Penetration Testing (VAPT)

Introduction

In today's digital environment, businesses face increasing cybersecurity threats. Vulnerability Assessment and

Penetration Testing (VAPT) are essential methodologies to identify, assess, and mitigate security risks in an

organization's IT infrastructure. This project explores VAPT techniques, tools, and implementation in a real-world

business environment.

Objectives of the Project

- To understand the methodology and importance of VAPT.

- To identify vulnerabilities in the IT infrastructure of an organization.

- To assess risk levels and provide recommendations for mitigation.

- To understand the legal and ethical framework surrounding VAPT activities.

Scope of the Project

- Assessment of a sample organization's web application and internal network.

- Identification of vulnerabilities using automated tools and manual testing.

- Suggesting appropriate remediation measures.

- Coverage limited to OWASP Top 10 and critical network vulnerabilities.

Methodology

- Planning and Scope Definition

- Information Gathering

- Vulnerability Assessment

- Penetration Testing

- Risk Analysis
DISA Project Report - Vulnerability Assessment and Penetration Testing (VAPT)

- Reporting

Tools Used

- Nmap - Network discovery and port scanning

- Nessus - Vulnerability scanning

- OpenVAS - Open-source vulnerability assessment

- Metasploit Framework - Exploitation tool

- Burp Suite - Web application penetration testing

- Nikto - Web server vulnerability scanner

Observations and Findings

1. Open SSH Port (22) - Medium Risk - Restrict SSH access using firewall rules

2. SQL Injection - High Risk - Implement input validation

3. Outdated Apache Server - High Risk - Update to latest version

4. XSS - Medium Risk - Sanitize and encode input

5. Weak Password Policy - High Risk - Enforce strong password policy

Risk Assessment Matrix

- High: SQLi, Weak Passwords, Outdated Software

- Medium: SSH Port, XSS

- Low: N/A

Recommendations

- Patch management policy to be enforced

DISA Project Report - Vulnerability Assessment and Penetration Testing (VAPT)

- Conduct regular VAPT exercises

- Train developers on secure coding practices

- Enforce strong authentication

- Deploy Web Application Firewall (WAF)

Benefits to the Client

- Improved security posture

- Mitigation of high-risk vulnerabilities

- Compliance with cybersecurity standards

- Awareness of internal and external threats

Limitations of the Project

- Limited time frame

- Partial internal system testing

- Social engineering and physical testing excluded

Conclusion

This VAPT project highlighted the importance of proactive vulnerability management. The findings indicate that

organizations must integrate security in all phases of the IT lifecycle to prevent breaches and maintain data integrity.

References

- OWASP Top 10: https://owasp.org

- NIST Cybersecurity Framework

- Tool Documentation: Nessus, Metasploit, Burp Suite

DISA Project Report - Vulnerability Assessment and Penetration Testing (VAPT)

Annexures

- Annexure A: Tool Screenshots

- Annexure B: Vulnerability Report

- Annexure C: Management Sign-off

Wa0000.
No ratings yet
Wa0000.
13 pages
EWD Camry 2006
No ratings yet
EWD Camry 2006
400 pages
Vulnerability Assessment and Penetration Testing
No ratings yet
Vulnerability Assessment and Penetration Testing
48 pages
Vulnerability Assessment and Penetration Testing VAPT 1730885750
No ratings yet
Vulnerability Assessment and Penetration Testing VAPT 1730885750
29 pages
Enhancing Web App Security with VAPT
No ratings yet
Enhancing Web App Security with VAPT
17 pages
Cyber Security Analysis Using Vulnerability Assessment and Penetration Testing
No ratings yet
Cyber Security Analysis Using Vulnerability Assessment and Penetration Testing
5 pages
Synopsis CYBER
No ratings yet
Synopsis CYBER
9 pages
Shinde2016 (Cyber Security Analysis Using Vulnerability Assessment and Penetration Testing)
No ratings yet
Shinde2016 (Cyber Security Analysis Using Vulnerability Assessment and Penetration Testing)
5 pages
Paper6 PDF
No ratings yet
Paper6 PDF
12 pages
Enterprise VAPT Solutions
No ratings yet
Enterprise VAPT Solutions
4 pages
NoteGPT AI PPT 1741797284350
No ratings yet
NoteGPT AI PPT 1741797284350
24 pages
02 Comprehensive Vulnerability Assessment and Security Scanning
No ratings yet
02 Comprehensive Vulnerability Assessment and Security Scanning
126 pages
An Analysis of Vulnerability Scanners in Web Applications For VAPT
No ratings yet
An Analysis of Vulnerability Scanners in Web Applications For VAPT
6 pages
Vulnerability Assessment and Penetration Testing
No ratings yet
Vulnerability Assessment and Penetration Testing
25 pages
Vulnerability Assessment Report: © Vista Infosec
No ratings yet
Vulnerability Assessment Report: © Vista Infosec
14 pages
VAPT
No ratings yet
VAPT
4 pages
VAPT Internship Report Full
No ratings yet
VAPT Internship Report Full
7 pages
John Doe-Coursework2 Report
No ratings yet
John Doe-Coursework2 Report
6 pages
VAPT Demo1
No ratings yet
VAPT Demo1
15 pages
I Jcs It 2014050467
No ratings yet
I Jcs It 2014050467
4 pages
Comparison of Vulnerability Assessment and Penetration Testing
No ratings yet
Comparison of Vulnerability Assessment and Penetration Testing
4 pages
Web Application VAPT Sample Report PDF CyberSapiens
No ratings yet
Web Application VAPT Sample Report PDF CyberSapiens
8 pages
Vulnerability and Penetration Testing
No ratings yet
Vulnerability and Penetration Testing
30 pages
Submitted To: Mr. Amit Kumar Singh Submitted By: Amisha Bansal (A217131523064)
No ratings yet
Submitted To: Mr. Amit Kumar Singh Submitted By: Amisha Bansal (A217131523064)
8 pages
M2 T4
No ratings yet
M2 T4
12 pages
Jishan-LAB2-Metasploit-3 Report-Merged
No ratings yet
Jishan-LAB2-Metasploit-3 Report-Merged
15 pages
VAPT Internship Report
No ratings yet
VAPT Internship Report
4 pages
Mse (Vapt)
No ratings yet
Mse (Vapt)
15 pages
Web App Security for IT Pros
No ratings yet
Web App Security for IT Pros
23 pages
Virtual Vapt Cert in Certification Datasheet
100% (1)
Virtual Vapt Cert in Certification Datasheet
11 pages
VAPT Guide For Penetration Testers - 2023
No ratings yet
VAPT Guide For Penetration Testers - 2023
39 pages
How To Perform A Vulnerability Assessment
No ratings yet
How To Perform A Vulnerability Assessment
14 pages
Practical Lab Task
No ratings yet
Practical Lab Task
3 pages
Vulnerability Assessment and Penetration Testing: January 2012
No ratings yet
Vulnerability Assessment and Penetration Testing: January 2012
5 pages
Executive Summary - Vulnerability Assessment & Penetration Testing Report
No ratings yet
Executive Summary - Vulnerability Assessment & Penetration Testing Report
4 pages
Cyber Security VAPT v1.0 Published - Compressed
100% (3)
Cyber Security VAPT v1.0 Published - Compressed
29 pages
Module 4 Assignment
No ratings yet
Module 4 Assignment
3 pages
Vulnerability Assessment & Penetration Testing
No ratings yet
Vulnerability Assessment & Penetration Testing
17 pages
Vulnerability Testing and Server Client Side Attack
No ratings yet
Vulnerability Testing and Server Client Side Attack
34 pages
Vulnerability Assesment of Owasp Juice Shop Report
No ratings yet
Vulnerability Assesment of Owasp Juice Shop Report
47 pages
Vol 7 Issue 8 M 03
No ratings yet
Vol 7 Issue 8 M 03
10 pages
Unit 1
No ratings yet
Unit 1
43 pages
Vurnerability Assesment
No ratings yet
Vurnerability Assesment
28 pages
Day2va 121130175145 Phpapp01
No ratings yet
Day2va 121130175145 Phpapp01
24 pages
Vulnerability Management Insights
No ratings yet
Vulnerability Management Insights
51 pages
Exploring Vulnerability Assessments and Penetration Testing For Robust Cybersecurity
No ratings yet
Exploring Vulnerability Assessments and Penetration Testing For Robust Cybersecurity
3 pages
Vulnerability Management
No ratings yet
Vulnerability Management
5 pages
Vishwa 3
No ratings yet
Vishwa 3
5 pages
Nciipc-Merged-Training Blue Ver 1.0
No ratings yet
Nciipc-Merged-Training Blue Ver 1.0
30 pages
Final My Cmsms
No ratings yet
Final My Cmsms
30 pages
How To VA Step-By-step
No ratings yet
How To VA Step-By-step
18 pages
JL Morission - VAPT - Proposal - REV
No ratings yet
JL Morission - VAPT - Proposal - REV
10 pages
Vol 7 Issue 8 M 03
No ratings yet
Vol 7 Issue 8 M 03
10 pages
Vulnerability Assessment Using Nessus Essentials
No ratings yet
Vulnerability Assessment Using Nessus Essentials
24 pages
Top 45+ VAPT Interview Questions and Answers
No ratings yet
Top 45+ VAPT Interview Questions and Answers
18 pages
Security Audit
No ratings yet
Security Audit
28 pages
Activity 2 - Scenario-Based Vulnerability Assessment Exercise
No ratings yet
Activity 2 - Scenario-Based Vulnerability Assessment Exercise
4 pages
Om Tej Ac STMT
No ratings yet
Om Tej Ac STMT
11 pages
DISA 3 0 Project 12 PDF 2
No ratings yet
DISA 3 0 Project 12 PDF 2
29 pages
Concurrent Audit Report - Feb
No ratings yet
Concurrent Audit Report - Feb
25 pages
March 2025 Report
No ratings yet
March 2025 Report
2 pages
Mtn66060008-Usermanual 2
No ratings yet
Mtn66060008-Usermanual 2
46 pages
Navigating Landscapes of Mediated Memory 1st Edition Paul Wilson Instant Download
100% (5)
Navigating Landscapes of Mediated Memory 1st Edition Paul Wilson Instant Download
85 pages
Module 4 - Technology For Teaching and Learning
No ratings yet
Module 4 - Technology For Teaching and Learning
39 pages
160719a0cd3011 - 29094359708
No ratings yet
160719a0cd3011 - 29094359708
2 pages
Share 'Ch05
100% (1)
Share 'Ch05
81 pages
Automobile Technology Ceylon German Technical Training Institute Moratuwa
No ratings yet
Automobile Technology Ceylon German Technical Training Institute Moratuwa
28 pages
Marine Crane Failure Analysis
100% (1)
Marine Crane Failure Analysis
27 pages
The Life and Death of Planet Earth How The New Science of Astrobiology Charts The Ultimate Fate of Our World 1st Edition Peter Ward Download
No ratings yet
The Life and Death of Planet Earth How The New Science of Astrobiology Charts The Ultimate Fate of Our World 1st Edition Peter Ward Download
51 pages
A Study On Customer Satisfaction at HDFC Bank Vijayapura
No ratings yet
A Study On Customer Satisfaction at HDFC Bank Vijayapura
85 pages
International Journal of Non-Linear Mechanics: Chiara Gastaldi, Teresa M. Berruti
No ratings yet
International Journal of Non-Linear Mechanics: Chiara Gastaldi, Teresa M. Berruti
16 pages
FREE ENERGY Tesla Secrets For Everybody
100% (9)
FREE ENERGY Tesla Secrets For Everybody
58 pages
Mrcs Part B Osce Anatomy
No ratings yet
Mrcs Part B Osce Anatomy
287 pages
Ocular Ischemic Syndrome Case Report
No ratings yet
Ocular Ischemic Syndrome Case Report
18 pages
AES DRRM Memo PASS
No ratings yet
AES DRRM Memo PASS
2 pages
Listening Starter 1
No ratings yet
Listening Starter 1
9 pages
Physics1 PDF
No ratings yet
Physics1 PDF
7 pages
Đề Khảo Sát Cuối Kỳ Ii
No ratings yet
Đề Khảo Sát Cuối Kỳ Ii
5 pages
Stress in Speech
No ratings yet
Stress in Speech
1 page
R22 BEFA All Units Questions & Answers 03-8-2024
No ratings yet
R22 BEFA All Units Questions & Answers 03-8-2024
87 pages
Pre Post Observation
100% (2)
Pre Post Observation
4 pages
Meaning and Discourse: Dr. Manjet Kaur Dr. Omer Mahfoodh
No ratings yet
Meaning and Discourse: Dr. Manjet Kaur Dr. Omer Mahfoodh
59 pages
Chapter 1 SAD
No ratings yet
Chapter 1 SAD
8 pages
Physics 107L Lab Guidelines
No ratings yet
Physics 107L Lab Guidelines
2 pages
Array Formulas
No ratings yet
Array Formulas
12 pages
SM Chalisa CH 5 - Strategic Implementation & Evaluation - Unlocked
No ratings yet
SM Chalisa CH 5 - Strategic Implementation & Evaluation - Unlocked
28 pages
Fender
No ratings yet
Fender
14 pages
Well Productivity in An Iranian Gas-Cond
No ratings yet
Well Productivity in An Iranian Gas-Cond
11 pages
Turbo Machinery Exam Results 2019
No ratings yet
Turbo Machinery Exam Results 2019
3 pages
WiFi, Working, Elements of WiFi
100% (2)
WiFi, Working, Elements of WiFi
67 pages