AUTOMATED PENETRATION TESTING Penetration testing is used to search for vulnerabilities that might exist in a system. The testing usually involves simulating different types of attacks on the target system. This type of testing provides an organized and controlled way to identify security shortcomings. The resources and time required for comprehensive testing can make penetration testing cost intensive. Consequently, such tests are usually only performed during important milestones. In this project we have automated the penetration testing process for several protocol-based attacks. Our automated penetration testing application covers several attacks based on HTTP, SIP and TCP/IP. The objective of this work is to offer a fast, reliable and automated testing tool, which is also easier to use than existing tools. I would like to thank Dr. Mark Stamp, for giving me an opportunity to work on this research project under his guidance. I would also like to thank him for his patience and suggestions without which this research project would not have been possible. I would also like to thank Dr. Martin for their guidance and suggestions while working on this project.
[1]
Mark Merkow,et al.
Information Security: Principles and Practices
,
2005
.
[2]
Katharina Weiss.
Open Source Security Tools
,
2016
.
[3]
Bogdan M. Wilamowski,et al.
The Transmission Control Protocol
,
2005,
The Industrial Information Technology Handbook.
[4]
V. Saravanan,et al.
Defending Denial of Service: State Overload Attacks
,
2010
.
[5]
Mihai Doinea.
Open Source Security Tools
,
2010
.
[6]
Mark Stamp,et al.
Information security - principles and practice
,
2005
.