June 14, 2025

Vulnerability Management Lab

This project simulates a vulnerability management workflow in a local Windows environment using open-source tools and manual patching.

🛠️ Overview

Vulnerability Management Lab is a hands-on project that simulates a real-world vulnerability management workflow within a Windows domain environment. Utilizing open-source tools and manual patching techniques, this lab demonstrates the process of identifying, prioritizing, remediating, and validating vulnerabilities.

🔗 GitHub Repository

View the full project on GitHub

🔍 Key Objectives

  • Simulate a realistic Windows domain environment with common vulnerabilities
  • Perform authenticated scans using Nessus
  • Apply manual patches and validate remediation
  • Document the entire vulnerability management lifecycle

🔐 Lab Highlights

  • Deployment of three virtual machines:
    • DC: Windows Server 2016 configured as a Domain Controller
    • CLIENT01: Windows 10 client machine
    • CLIENT02: Windows 10 client machine
  • Networked environment with domain configuration
  • Use of Nessus for vulnerability scanning
  • Manual patching using Windows Update and PowerShell
  • Documentation of scan results and remediation steps

🔄 Workflow Summary

  1. Deploy and configure VMs
  2. Perform initial vulnerability scans with Nessus
  3. Analyze and prioritize identified vulnerabilities
  4. Apply patches manually
  5. Rescan to confirm remediation
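
Steps 3 and 5 can be scripted against the scanner's CSV exports. The sketch below is an added example, not code from the project repository: it ranks baseline findings by CVSS score and then classifies each one as remediated, persisting, or new after the rescan. The column names are assumed to follow a Nessus CSV export, and the plugin IDs, finding names, and rows are constructed placeholders.

```python
import csv
import io

# Constructed sample exports; plugin IDs and finding names are placeholders.
BASELINE_CSV = """\
Plugin ID,CVSS,Risk,Host,Port,Name
900001,9.8,Critical,DC,445,Placeholder finding A
900002,7.5,High,CLIENT01,3389,Placeholder finding B
900003,5.3,Medium,CLIENT01,445,Placeholder finding C
900002,7.5,High,CLIENT02,3389,Placeholder finding B
900004,,None,CLIENT02,0,Placeholder informational plugin
"""
RESCAN_CSV = """\
Plugin ID,CVSS,Risk,Host,Port,Name
900003,5.3,Medium,CLIENT01,445,Placeholder finding C
900002,7.5,High,CLIENT02,3389,Placeholder finding B
900005,8.1,High,DC,443,Placeholder finding D
"""

def load_findings(csv_text):
    """Map (host, plugin ID, port) -> row, skipping informational rows."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Risk"] == "None":
            continue
        findings[(row["Host"], row["Plugin ID"], row["Port"])] = row
    return findings

def prioritize(findings):
    """Order finding keys by CVSS score, highest first (workflow step 3)."""
    return sorted(findings, key=lambda k: (-float(findings[k]["CVSS"] or 0), k))

def compare(baseline, rescan):
    """Classify findings after patching (workflow step 5)."""
    return {
        "remediated": sorted(baseline.keys() - rescan.keys()),
        "persisting": sorted(baseline.keys() & rescan.keys()),
        "new": sorted(rescan.keys() - baseline.keys()),
    }

if __name__ == "__main__":
    before, after = load_findings(BASELINE_CSV), load_findings(RESCAN_CSV)
    for host, plugin, port in prioritize(before):
        print(f"to patch: {host} plugin {plugin} port {port}")
    for status, keys in compare(before, after).items():
        print(status, keys)
```

A finding counts as remediated only when the rescan used the same credentials and scan policy as the baseline; otherwise its absence may mean the check never ran on that host.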

🧰 Tools & Technologies

  • Virtualization: VMware / VirtualBox
  • Operating Systems: Windows Server 2016, Windows 10, Ubuntu
  • Vulnerability Scanning: Nessus Essentials
  • Patching & Remediation: Windows Update, PowerShell
  • Documentation: Scan results, Screenshots

⚠️ Disclaimer

This project is intended for educational purposes only. All activities should be conducted in a controlled and isolated environment.