This project simulates a real-world cybersecurity scenario in three main phases: attacking, analyzing, and defending a vulnerable system. In Phase 1, we set up a vulnerable virtual machine (Metasploitable3) and successfully compromised a selected service using Metasploit and a custom script. In Phase 2, we analyzed the attack using a SIEM tool (Splunk), integrating logs from the victim environment to visualize and understand the attack patterns. Finally, in Phase 3, we proposed and implemented a defense mechanism to protect the targeted service, demonstrating its effectiveness by comparing the system's security before and after the defense was applied.
Note: This project was developed solely for educational purposes as part of the ICS344 course at KFUPM.