In the penetration testing of the target server, Humbleify, the project consisted of exploiting vulnerabilities that account for significant risks to the company’s data security. Upon utilizing different testing methods, such as exploiting vulnerable services, and cracking passwords, I was able to gain unauthorized access to the target server. The projects’s findings consist of sensitive information stored within Humbleify’s database, including sensitive customer and employee data. Additionally, I was also able to use a user account to increase the level of access to different users and eventually gained privileges to the root user which allowed to gain unrestricted access to the password files and data. This assessment was helpful in discovering the weaknesses of Humbleify’s sever. There is a lack of strong security measures such as weak passwords, allowing us to easily retrieve the sensitive data. Also, the ability to easily change user passwords without strong authentication and retrieve plaintext password hashes provided the need to implement stronger security measures. These vulnerabilities compromise the confidentiality of Humbleify’s customer and employee data and can cause reputational damage if there was a data breach.