Discovering Pentesting

Context

This project aimed to explore the fundamentals of pentesting by practicing various vulnerability analysis and exploitation techniques. Through the Root Me platform, we worked on realistic scenarios to understand how security flaws can compromise systems, websites, and applications.
The approach was based on active learning: each challenge confronted us with a specific vulnerability that we had to identify, exploit, and then analyze to understand its implications. This process allowed us to develop a more critical view of cybersecurity issues and deepen our knowledge of protection mechanisms to implement.

Skills Developed

• Vulnerability analysis and understanding of different attack techniques.
• Use of specialized tools such as Burp Suite, Wireshark, and Nmap.
• Exploration and exploitation of common vulnerabilities like SQL injection, XSS, and buffer overflow.
• Handling Linux and system commands in a cybersecurity context.
• Writing scripts in Python and Bash to automate certain analyses and attacks.
• Developing a methodical approach to identify and fix security flaws.
• Strengthening skills in cryptanalysis and forensics through practical exercises.
• Improving strategic thinking in defense and system security.

This project offered us a concrete immersion in the world of offensive cybersecurity, allowing us to acquire essential skills to understand and anticipate digital threats.