Cybersecurity
MegaCorpOne
Penetration Test Report
[DarkArchLabs], LLC
, Confidentiality Statement
This document contains confidential and privileged information from MegaCorpOne Inc. (henceforth
lnerability testing methodology to assess all relevant web applications, networks, and systems in
scope.
MegaCorpOne has outlined the following objectives:
Table 1: Defined Objectives
Objective
Find and exfiltrate any sensitive information within the domain.
Escalate privileges to domain administrator.
Compromise at least two machines.
known as MegaCorpOne). The information contained in this document is confidential and may
constitute inside or non-public information under international, federal, or state laws. Unauthorized
forwarding, printing, copying, distribution, or use of such information is strictly prohibited and may be
unlawful. If you are not the intended recipient, be aware that any disclosure, copying, or distribution
of this document or its parts is prohibited.
2
, Table of Contents
Confidentiality Statement 2
Contact Information 4
Document History 4
Introduction 5
Assessment Objective 5
Penetration Testing Methodology 6
Reconnaissance 6
Identification of Vulnerabilities and Services 6
Vulnerability Exploitation 6
Reporting 6
Scope 7
Executive Summary of Findings 8
Grading Methodology 8
Summary of Strengths 9
Summary of Weaknesses 9
Executive Summary Narrative 10
Summary Vulnerability Overview 11
Vulnerability Findings 12
MITRE ATT&CK Navigator Map 13
3
, Contact Information
Company Name [Dark Arch Labs, LLC
Contact Name [Allen Doggett]
Contact Title Penetration Tester
Contact Phone 555.224.2411
Contact Email [allen]@[DAL.com
Document History
Version Date Author(s) Comments
001 01/01/2021 [Allen]
4
MegaCorpOne
Penetration Test Report
[DarkArchLabs], LLC
, Confidentiality Statement
This document contains confidential and privileged information from MegaCorpOne Inc. (henceforth
lnerability testing methodology to assess all relevant web applications, networks, and systems in
scope.
MegaCorpOne has outlined the following objectives:
Table 1: Defined Objectives
Objective
Find and exfiltrate any sensitive information within the domain.
Escalate privileges to domain administrator.
Compromise at least two machines.
known as MegaCorpOne). The information contained in this document is confidential and may
constitute inside or non-public information under international, federal, or state laws. Unauthorized
forwarding, printing, copying, distribution, or use of such information is strictly prohibited and may be
unlawful. If you are not the intended recipient, be aware that any disclosure, copying, or distribution
of this document or its parts is prohibited.
2
, Table of Contents
Confidentiality Statement 2
Contact Information 4
Document History 4
Introduction 5
Assessment Objective 5
Penetration Testing Methodology 6
Reconnaissance 6
Identification of Vulnerabilities and Services 6
Vulnerability Exploitation 6
Reporting 6
Scope 7
Executive Summary of Findings 8
Grading Methodology 8
Summary of Strengths 9
Summary of Weaknesses 9
Executive Summary Narrative 10
Summary Vulnerability Overview 11
Vulnerability Findings 12
MITRE ATT&CK Navigator Map 13
3
, Contact Information
Company Name [Dark Arch Labs, LLC
Contact Name [Allen Doggett]
Contact Title Penetration Tester
Contact Phone 555.224.2411
Contact Email [allen]@[DAL.com
Document History
Version Date Author(s) Comments
001 01/01/2021 [Allen]
4
