A collection of hands-on penetration testing and vulnerability assessment labs demonstrating practical offensive security skills. These labs cover network enumeration, vulnerability scanning, exploitation techniques, social engineering, and remediation documentation across enterprise environments.
- Network Enumeration — Host discovery, port scanning, service identification
- Vulnerability Scanning — Identifying security weaknesses across multiple platforms
- Exploitation Techniques — Leveraging vulnerabilities using industry-standard frameworks
- Reconnaissance & Footprinting — Information gathering and target profiling
- Social Engineering — Understanding human-based attack vectors
- Phishing Detection — Identifying and analyzing phishing attempts
- Remediation Documentation — Mapping findings to actionable security improvements
| Tool | Purpose |
|---|---|
| Nmap | Network discovery and security auditing |
| Metasploit | Penetration testing framework for exploitation |
| Wireshark | Network protocol analysis and packet capture |
- Performed comprehensive network reconnaissance
- Conducted port scans to identify open services
- Detected operating systems and service versions
Conducted vulnerability assessments across multiple platforms:
- ✅ Windows Workstations
- ✅ Linux Servers
- ✅ Domain Controllers
- ✅ Wireless Access Points (WAPs)
- ✅ Security Appliances
- Conducted passive and active reconnaissance
- Gathered target intelligence for penetration testing engagements
- Mapped network topology and identified high-value targets
- Analyzed social engineering attack vectors
- Understood human vulnerability in security chains
- Documented defense strategies against social attacks
- Analyzed phishing email samples
- Identified indicators of compromise in suspicious emails
- Developed detection strategies for email-based threats
- Installed and configured Wireshark
- Captured and analyzed network traffic
- Identified protocols and potential security issues
penetration-testing-labs/
├── README.md
├── docs/
│ ├── Reconnaissance and Scanning Lab.docx
│ ├── Vulnerabilities Scans Labs.docx
│ ├── Hands_On_Lab_Footprinting_Oni.docx
│ ├── Social Engineering Lab.docx
│ ├── Hands_On_Lab_Ethics_in_IT_and_Detecting_Phishing_E-Mails_Oni.docx
│ └── Installing WireShark.docx
└── screenshots/
└── [Lab screenshots]
- Understanding of the penetration testing methodology (reconnaissance → scanning → exploitation → reporting)
- Hands-on experience with industry-standard security tools
- Ability to identify, document, and recommend fixes for security vulnerabilities
- Experience scanning enterprise environments with diverse system types
Daniel Oni
M.S. Cybersecurity — Southern Methodist University
LinkedIn | GitHub
This repository documents hands-on security lab work. All testing was performed in controlled, authorized lab environments for educational purposes.