Beruflich Dokumente
Kultur Dokumente
Penetration Testing
Sohail Inayat
Outline
• Introduction
• Literature Review
• Problem Statement and Objectives
• Proposed System
• Timeline
• References
Introduction
• Simulated cyber attack against your computer system
to check for exploitable vulnerabilities.
• Pen test evaluate procedural and operational
controls as well as technological controls.
• PCI Data Security Standard's requires organizations
to perform application and penetration tests at least
once a year.
Penetration testing stages
• Planning and reconnaissance
• Scanning
• Gaining Access
• Maintaining access
• Analysis
Literature Review
S.No Authors Paper Name
1 Hessa Mohammed Zaher Al A study on penetration testing process
Shebli , Babak D. Beheshti and tools
2 Xue Qiu, Shuguang Wang, Qiong An automated method of penetration
Jia testing
3 Pengfei Shi, Futong Qin The Penetration Testing Framework for
Large-Scale Network Based on Network
Fingerprint
4 Yugansh Khera, Deepansh Kumar, Analysis and Impact of Vulnerability
Nidhi Garg Assessment and Penetration Testing
5 Norah Ahmed Almubairik, Gary Automated penetration testing based on
Wills a threat model
Problem Statement
• Investigate Penetration testing tools and techniques.
• Design and setup an Isolated Network laboratory to
perform penetration testing
• Investigate and identify a suitable Penetration testing
Methodology
• Utilize penetration testing to understand analyze and
security issues
Proposed System
Timeline
References
1N. A. Almubairik and G. Wills, "Automated penetration testing based on a threat model," 2016 11th
International Conference for Internet Technology and Secured Transactions (ICITST), Barcelona, 2016
[2] H. M. Z. A. Shebli and B. D. Beheshti, "A study on penetration testing process and tools," 2018 IEEE
Long Island Systems, Applications and Technology Conference (LISAT), Farmingdale, NY, 2018
[3] Y. Khera, D. Kumar, Sujay and N. Garg, "Analysis and Impact of Vulnerability Assessment and
Penetration Testing," 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel
Computing (COMITCon), Faridabad, India, 2019.
[4] P. Shi, F. Qin, R. Cheng and K. Zhu, "The Penetration Testing Framework for Large-Scale Network
Based on Network Fingerprint," 2019 International Conference on Communications, Information System
and Computer Engineering (CISCE), Haikou, China, 2019,
[5] Xue Qiu, Shuguang Wang, Qiong Jia, Chunhe Xia and Qingxin Xia, "An automated method of
penetration testing," 2014 IEEE Computers, Communications and IT Applications Conference, Beijing