This whitepaper explores the creation of a command-line interface (CLI) tool designed to automate the discovery of software vulnerabilities by mapping installed software to entries in the National Vulnerability Database (NVD). Developed using the Rapid Application Development (RAD) methodology, the tool was iteratively tested and optimized for performance, achieving a 53% decrease in runtime and significantly improving accuracy through refined search logic. The project emphasizes clean code, modular design, and scalability, allowing contributions from other developers and adaptability to multiple operating systems. With an A+ grade awarded, this work addresses the growing threat of unpatched vulnerabilities and highlights real-world applications in both personal and enterprise-level security.
This paper presents a comprehensive analysis of the infamous WannaCry ransomware, which caused global disruption by encrypting files and demanding ransom payments from victims. Using a structured methodology inspired by industry best practices, the investigation reverse engineered the malware to uncover its infection process, persistence mechanisms, and communication with command and control servers via TOR. The analysis combined static and dynamic techniques within a secure virtual environment, revealing how WannaCry exploited unpatched systems and spread rapidly across networks. The findings highlight the critical importance of timely software updates, least-privilege configurations, and robust backup strategies in defending against ransomware. The project also discusses the evolution of malware, the challenges of modern cyber defense, and recommendations for future research in malware analysis and mitigation.
This report details a comprehensive penetration test of the Astley Car Rental web application, commissioned to identify and mitigate security risks that could impact customer safety. Following the industry-standard OWASP Web Application Methodology, the assessment simulated real-world attack scenarios to uncover vulnerabilities such as SQL injection, stored cross-site scripting, and lack of traffic encryption. These weaknesses exposed sensitive user data and allowed unauthorized access to protected areas, highlighting the importance of proactive security testing. The report provides actionable recommendations for remediation, helping Astley Car Rental strengthen their application and protect both their reputation and their users. The findings emphasize the critical need for regular security assessments as web applications continue to be a primary target for cyber threats in an increasingly digital world.