|
|
Analyzer of web application
Vašíček, Tomáš ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This work focuses on the identification of technologies in web applications. The main goal is to develop a software tool for basic analysis of web applications that aims to identify the application's operating system, web server, and programming language. This work further aims to allow the developed tool to be integrated into the Penterep platform as an extension module. The theoretical part of this work is an introduction into the area of web application analysis with emphasis on describing and manually demonstrating the existing identification methods. The practical part presents the design, implementation and testing of the developed tool. This part also includes a description of an experimental environment that was built using the Docker platform.
|
|
|
Virtualization of virtualization software
Holovová, Simona ; Ilgner, Petr (referee) ; Lieskovan, Tomáš (advisor)
The bachelor thesis deals with virtualization. The main goal is to compare selected virtualization platforms and describe their functioning. The theoretical part describes the theoretical basis for virtualization, its fundamentals as well as various types and security threats. The practical part contains the description and the way of performing the tests as well as the used tool. Subsequently, the results obtained are interpreted and compared. The thesis is further dealing with nested virtualization and measuring its effectiveness.
|
|
|
Tool for Quick Flight Search
Muránsky, Matúš ; Lieskovan, Tomáš (referee) ; Číka, Petr (advisor)
The thesis deals with the design and development of a tool for easy search of flight connections for Pelikantravel.com s.r.o. The aim of this work is to develop a tool that will allow operation in a limited Internet connection and will support user feedback. The first part of the thesis describes the analysis of suitable technologies and platforms for the resulting tool. The practical part deals with the issue of user experience and with the related user interface design. In this section, the basic functionality of the tool is described according to the use case analysis. Furthermore, the work describes in detail the implementation of the whole tool and in the end is devoted to testing the resulting tool.
|
|
|
Software library of basic symmetric and asymmetric primitives of modern cryptography on embedded platforms
Miška, Matěj ; Mlýnek, Petr (referee) ; Lieskovan, Tomáš (advisor)
This master thesis deals with a search of cryptographic primitives for embedded systems, which are tested on Raspberry Pi platforms and the results compared in the subsequent practical part. The content of the research is an explanation of the use of cryptography in information systems, an example of a protocol using cryptography in the energy sector, the selection of cryptographic primitives based on recommendations from security institutions, a description of Raspberry Pi embedded platforms and an introduction of cryptographic libraries providing tools to perform cryptographic operations. The theoretical part of the thesis results in an overview of the information needed to create a test tool. The subsequent practical part deals with the theoretical design of the required tool, the determination of the functions that the tool must have and the way of performing the testing. This is followed by a description of the choice of the programming language and development environment suitable for this work, together with a description of the internal structure of the developed application. The testing parameters are mainly the computational, memory and time requirements of the cryptographic primitives on the system. The paper concludes with methods of running and controlling the application, possible presentation of the measured results, the actual results of testing the selected embedded platforms and a discussion of these results.
|
|
|
Virtualization of energy infrastructure
Hraboš, Šimon ; Stodůlka, Tomáš (referee) ; Lieskovan, Tomáš (advisor)
This work describes the virtualization process, virtualization tools and virtualization automation. The work also deals with the description of energy infrastructure, KYPO cyber range platform and DLMS/COSEM protocol used in energy. The practical part deals with the virtualization of energy infrastructure using OpenStack and KYPO cyber range platforms. A virtual environment was created using Vagrant application. The OpenStack and KYPO cyber range platforms were subsequently installed in this environment. Next, a sandbox definition was created. The sandbox definition creates a scenario with an energy infrastructure using KYPO platform. The functionality of the energy infrastructure was verified using the Gurux DLMS library.
|
|
|
Analysis of cryptographic operations on various processor architectures
Kubík, Hynek ; Gerlich, Tomáš (referee) ; Lieskovan, Tomáš (advisor)
Bachelor’s thesis analyzes cryptographic operations and algorithms on different server processor architectures. The thesis in its theoretical part deals with the analysis of individual cryptographic algorithms, processor architecture, computing cluster and HPC. An application is made for the analysis, which, depending on the input parameters, selected architectures and configuration selected by the user, performs the measurement of the performance of individual operations.The results from performance measurements and various cryptographic operations and architectures and with various input application parameters are subsequently years in the form of graphs.
|
|
|
Identification and authentication technologies
Miklánková, Zuzana ; Lieskovan, Tomáš (referee) ; Dzurenda, Petr (advisor)
The bachelor thesis deals with the analysis of currently available RFID technologies and smart cards. Summarized are types of identification and authentication radio or contact systems. The practical part compares measured RFID functional outputs and describes the implementation of multi-attribute authentication system using RFID technology and smart cards. For example, the authentication system can provide employees with access to the building, necessarily demonstrated by both the smart card and RFID tags.The system also includes user privacy elements, where identity of the user cannot be detected by captured communication.
|
|
|
Security exercises for ethical hacking
Paučo, Daniel ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
|
|
|
Cybersecurity game in OpenStack platform
Huška, Luděk ; Lieskovan, Tomáš (referee) ; Stodůlka, Tomáš (advisor)
The bachelor thesis is about creation of the cybernetic game on the OpenStack platform. The work starts with an explanation of necessary knowledge like: Informational cybernetic and computer security, security threats, and testing of the overall security. In the practical part, there is created a cyber game that focus on exploitation and basic security vulnerabilities. The next part involves analysis ongoing complexity of hardware resources like RAM, CPU, disc, etc. In the end, there is a guideline for a lab exercise, which is made for students and professors or teachers both separated.
|
|
|
Integration of tools for vulnerability scanning
Štangler, Jan ; Gerlich, Tomáš (referee) ; Lieskovan, Tomáš (advisor)
The bachelor thesis is focused on the field of penetration testing, in which it offers a comprehensive tool for automated scanning of vulnerabilities with selected tools. There are described the basic techniques of penetration tests, web vulnerabilities by OWASP Top 10, examples of vulnerability attacks and defense against them. An important point is the list of useful tools in manual and semi-automated penetration tests. The main goal is to design architecture and implementation of Vixen, which integrates selected tools for penetration testing.
|
guest ::
