Penetration testing and mitigation of vulnerabilities windows server

Abstract

Cyber attack has become a major concern over the past few years. While the technical capability to attack has declined, hacking tools-both simple and comprehensive-are themselves evolving rapidly. Certain approaches are necessary to protect a system from cyber threats. This work engages with comprehensive penetration testing in order to find vulnerabilities in the Windows Server and exploit them. Some forms of method penetration testing have been used in this experiment, including reconnaissance probes, brute force attacks based on password guessing, implanting malware to create a backdoorfor escalating privileges, and flooding the target. This experiment was focused on gaining access in order to ascertainthe identities of hackers and thus better understand their methods and performed penetration testing to evaluate security flaws in the Windows Server, which is a famous OS for web applications. It is expected that this work will serve as aguideline for practitioners who want to prepare and protect their systems before putting them online