Audit report generated by RidgeBot

Meta Pen-test

Jul 28, 2020 at 11:00

Executive Summary

Total number of targets: 2

Task Name Start Time End Time Total Time Status
Meta Pen-test Jul 27, 2020 at 17:26 Jul 28, 2020 at 11:00 17.0 hours and 34.0 minutes Success

Total Health Score Policy: Minimum Score 60

Critical
Excellent
60
6

In this task, we have tested 1 IPs and 1 web servers, the Total Health Score of the target system is 6, this score is based on 100 scale.It is a comprehensive evaluation based on multiple factors such as percentage of vulnerability, attack surface, encrypted traffic etc. This test system is considered as in a "risky" condition with the score of 6.The vulnerability found on each asset can be found in "Asset Detail".

RidgeBot successfully performed 11 exploits. These 11 exploited risks are critical and require immediate attention. It means a real hacker can easily achieve the same result. In the "Exploit Details", we provided information on how RidgeBot attacked - path, techniques and actions etc for security team to replicate and fix the issue.

Among 11 exploits, 82% "Credentials" was compromised; 18 "shell" access was gained

Exploit Results by Type

Risk Weighted Assessment

Verified Exploits

Exploited

11

Vulnerability

Vulnerabilities

High

365

Low

15

Medium

114

Total number of targets: 2
Number of active assets: 1
Number of active Domains: 1
Number of attack surface(s): 820
Understanding the health and risk charts

In addition, RidgeBot found 365 high vulnerabilities, 114 medium and 15 low vulnerabilities. These vulnerabilities are possible risks, it might be exploitable, however it may take bigger risk or larger efforts for a hacker. It shall be attended to achieve a comprehensive defense system. Please refer to the "Vulnerability Details" for more information and remediation suggestion.

Configuration at a glance

System Template Customized Template Plugins Selected Scan Type Scraping Mode Attack Mode
Full Scan N/A 59728 Host and Web Crawling Targeted
Plugin Type OS Type Severity Risk
  • Development Framework (259)
  • Database (4108)
  • IOT (439)
  • Web Application (46)
  • Host (45454)
  • Virtualization (341)
  • Web Server/Middleware (3166)
  • Network Devices (3983)
  • CMS (1756)
  • Big Data Platform (177)
  • Windows (2593)
  • All (23986)
  • Other (3983)
  • MacOS (174)
  • Linux (28992)
  • Info (4624)
  • High (17421)
  • Medium (13867)
  • Low (23816)
  • Service Crash (116)
  • None (59349)
  • Data Impacted (208)
  • System Crash (55)

Asset Details

IP OS Type EXPLOITED HIGH MEDIUM LOW
192.168.105.200 11 11 12 2
Domain IP EXPLOITED HIGH MEDIUM LOW
http://192.168.105.200 0 354 102 13

Type

11 Critical Business Risks

Vulnerability Details

365 High Vulnerabilities

114 Medium Vulnerabilities

15 Low Vulnerabilities