This was actually pretty fun. Having no way to really get out of my house’s ISP connection to do proper external pentesting, a long time friend of mine decided to help and wanted to learn at the same time! Obviously there had to be a discussion of permissions given for all this to go down in the event some legal issues came up, but I asked him to do this, he said lets go, and my home network got pentested!
I think the total amount of time he spent hacking away and deploying tools within my network from somewhere in the world was a good 2 weeks. He did a really good job, some stuff I explained to him from my S+ class and other things he picked up on his own from YouTube and websites explaining “how this works” with the tools he was given. No doubt, he has a lot of tools at his fingertips and in my opinion, for being a first time, he did pretty well.
The final discussion we had, were the results and researching what could be done to help secure some of this stuff. Turns out the tools he was utilizing has a lot of this stuff already documented. Walking through the steps and deploying a security check tool in the website, we found out that while we could do more, with what we did, we ended up locking up 37% of the website which is way better than 0%.
A Success and a wonderful learning experience for us both. I guess in the future I will be asking my ISP for two lines, one for self hosting and one for the home lan of which I can utilize for pentesting the self hosting line!
ncrdpN wgSOIVhU oXCLWRx ipxdPcTn