Penetration Testing (Cybersecurity)

An offensive security internship where you practise ethical hacking workflows end-to-end, with an emphasis on documentation and safe methodology.

12 weeks

12 projects

$700starting at

Program Overview

The TechPeak Lab Penetration Testing (Cybersecurity) internship is structured around scoped, time-boxed engagements. Over 12 weeks you will:\n\n- Plan and execute recon and enumeration on realistic targets.\n- Exploit common misconfigurations and vulnerabilities safely.\n- Chain findings into meaningful attack paths.\n- Produce professional pentest reports with clear remediation advice.\n\nBy the end you'll have a set of red-team style reports and repos that demonstrate structured, responsible offensive security skills.

Skills You'll Gain

Reconnaissance & enumeration

Web application testing

Network & infrastructure testing

Exploitation fundamentals

Post-exploitation & lateral movement basics

Reporting & remediation guidance

Tools & Technologies

Kali Linux

Nmap

Burp Suite

Metasploit

OWASP ZAP

Custom scripts (Python/Bash)

Internship Structure

This 12-week internship is structured around hands-on project work. Each week builds upon the previous, introducing new concepts and challenges that mirror real industry scenarios.

You'll work independently on projects, receive structured feedback, and have the opportunity to refine your work based on instructor guidance.

Projects

Week 1 project preview

Vulnerability Assessment of a Web Application

Your first penetration testing project puts you in front of a deliberately vulnerable web app. The goal is not just to find issues, but to communicate them clearly the way a professional consultant would.

Requirements

- Set up or access a safe, intentionally vulnerable web application (e.g., DVWA, Juice Shop, or similar lab). - Perform reconnaissance and vulnerability scanning using tools such as Nmap, Nikto, and OWASP ZAP. - Manually validate at least a subset of identified findings to avoid pure “tool dump” reports. - Prioritize vulnerabilities based on impact and likelihood, not just tool severity scores. - Document clear remediation recommendations that a development team could actually implement.

Deliverables

- Professional-style vulnerability assessment report that includes an executive summary, methodology, detailed findings, and remediation steps. - Appendix with raw scan results (or excerpts) from Nmap, Nikto, OWASP ZAP, etc. - Screenshots demonstrating at least a few key vulnerabilities (e.g., SQL injection PoC, XSS, insecure authentication). - Threat model overview describing what an attacker could achieve by chaining the most critical issues.

Week 1

Vulnerability Assessment of a Web Application

Enroll to access full projects, weekly briefs, and GitHub submission workflows.

Later weeks

Week 2