Abstract: Nowadays, it is common to hear about security breaches in all parts of the world, whose intensity may be big or small or it may take place in public or in private sector. Because of world wide web, all are connected. And that means systems are exposed to vulnerability. In order to reduce the risk of security breach, the application has to be rigorously tested before it can be accessed by malicious users through the internet. And here arises the role of the penetration tester to check for any vulnerabilities in the application or system. All the security testing’s are done in the virtual lab which is built by using virtual box which avoids the need to buy racks of computers and other networking equipment’s to perform testing. Virtual lab makes sure no testing activities reach world wide web which prevents testing activities accidentally becoming illegal activities. This is an important consideration in ethical penetration testing or pen test. The goal of penetration testing is to better protect the resources which are at the disposal. This study focuses on the vulnerability analysis phase of the penetration testing. The experiment is carried out using different tools like Nikto, Vega, Nmap and DNSenum in Kali Linux platform wherein vulnerabilities are identified and the results are displayed.