This repository contains the deliverables for Cyber Security Task 1 (2026) by Future Interns.
The objective of this task was to perform a read-only vulnerability assessment of a public-facing web application and present the findings in a professional security report.
The assessment was conducted in an ethical and non-intrusive manner, focusing on identifying common security misconfigurations and weaknesses without exploiting or harming the target system.
- Website Tested: Altoro Mutual (demo web application)
- Application Type: Public-facing web application
- Assessment Type: Vulnerability Assessment (Read-Only Scope)
The following were in scope:
- Publicly accessible web pages
- Passive vulnerability scanning
- HTTP header and cookie analysis
- Network exposure analysis (port scanning)
- Configuration and information disclosure checks
The following were out of scope:
- Authentication bypass
- Exploitation of vulnerabilities
- Brute-force attacks
- Denial-of-Service (DoS)
- Any action that could disrupt service availability or data integrity
The following tools were used during the assessment:
- Nmap / Zenmap: Network and port exposure analysis
- OWASP ZAP (Passive Scan): Identification of security misconfigurations and vulnerabilities without active exploitation
- Browser Developer Tools: HTTP headers, cookies, and client-side inspection
- Canva: PDF preparation