|
|
Security testing of IPv6 family protocols and related vulnerabilities
Vopálka, Matěj ; Phan, Viet Anh (referee) ; Jeřábek, Jan (advisor)
This thesis discusses the Internet Protocol version 6 (IPv6), especially the secure deployment of the protocol. The thesis deals with the shortcomings of IPv4 protocol and reason of development of IPv6 protocol. It covers topics like IPv6 addressing, structure of frames, the initial types of IPv6 extension headers. Additionally, the thesis explores related protocols to IPv6, such as NDP, SLAAC, adn DHCPv6. The thesis provides an introduction to penetration testing, describes the basic types of hackers and gives a general overview of information security attacks. The practical part is devoted to the development of an application for automatic vulnerability testing of IPv6 networks Penvuhu6. The tool is developed in Python programming language using Scapy library. Penvuhu6 has been tested in an emulated network environment with the GNS3 program. Three test scenarios were developed for the tool focusing on testing the passage of repetitive and misaligned headers, overlapping fragments, and Router advertisement and DHCPv6 advertisement messages. Penvuhu6 was tested on an emulated RouterOS device with basic and restrictive configurations.
|
|
|
Tools for application server penetration testing
Vašíček, Tomáš ; Šeda, Pavel (referee) ; Martinásek, Zdeněk (advisor)
This thesis explores the field of penetration testing of application protocols. The thesis introduces the application protocols FTP, SSH, SMTP, POP3 and IMAP and explores their possible vulnerabilities. Information about vulnerabilities is obtained from publicly available collections such as HackTricks and The Hacker Recipes, but also by studying the RFC documents of each protocol. Based on the vulnerabilities found, penetration testing checklists are constructed to provide guidance through the process of testing a given protocol. The main contribution of the work is the development of a modular automated tool ptapptest and another auxiliary tool ptntlmauth, which are used for penetration testing of the mentioned application protocols. Finally, the thesis concludes by testing the ptapptest tool on application servers discovered using the Shodan search engine.
|
|
|
Support tool for initial phase of penetration testing
Žáček, Dominik ; Gerlich, Tomáš (referee) ; Sikora, Pavel (advisor)
This thesis deals with the development of an advanced tool designed to make team penetration testing more efficient. The tool works by automatically assigning tasks to penetration testers based on skills and historical performance. The theoretical part of the thesis analyzes in detail various methods for solving the assignment problem, in particular the Hungarian method and linear programming. The theoretical part continues with the design of a two-step algorithm for task assignment. Then, the principle of the neural networks underlying the second step of the assignment is described in detail. Unique methods for generating two datasets have also been developed as part of the work. An interface for task assignment has been implemented and metrics to determine the quality of the assignment have been proposed. The result is a tool that significantly streamlines the assignment of tasks to penetration testers and increases the overall efficiency of penetration testing teams.
|
|
|
Tools for Wi-Fi and IPv4 penetration testing
Jančík, David ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The master thesis deals with the design and implementation of support tools and methodologies for security penetration testing of Wi-Fi networks and IPv4 network infrastructure. The theoretical part covers penetration testing itself, approaches, phases, and types. It also describes the development of Wi-Fi networks and their security protocols. Various penetration tools for Wi-Fi networks and types of attacks are introduced. In the last theoretical part, a basic overview of IPv4 and tools for IPv4 scanning is provided. Initially, in the practical part, a proprietary methodology for Wi-Fi networks and IPv4 and tools for penetration testing are proposed. The Python programming language is defined, along with the output of various tools for the Penterep platform. A review of tools from the theoretical part is conducted to select suitable tools for new support tools. The implementation of penetration tools is based on the design diagram created. The conclusion summarizes the results achieved and suggestions for further expansion of tools for Wi-Fi and IPv4. The result of this thesis is the implementation of support tools and the design diagram for Wi-Fi networks and IPv4.
|
|
|
Design and Creation of Proxy for Penetration Testing
Válka, Michal ; Bláha, Lukáš (referee) ; Dydowicz, Petr (advisor)
This bachelor’s thesis is aimed at design and development of proxy for penetration testing. The thesis is divided into three main parts and begins with a theoretical part, which is focused on fundamental technologies and principles on which the application is based. The second part is focused on comparison of currently available solutions. The third part contains the creation of the proxy itself. The last chapter contains a summary of this thesis and the benefits of the developed product for penetration testing.
|
|
|
Application for illustrating the structure of the tested environment
Kuřina, Petr ; Holasová, Eva (referee) ; Kuchař, Karel (advisor)
This bachelor work deals with the creation of an application for the representation of the structures of the tested environment. The theoretical part describes the tools that are processed in the practical part, they are mainly the JavaScript programming language, Vue.js framework and penetration testing in general. The practical part presents the results of network topology testing was performed by Nmap tool. The aim of the practical part is to create an application that will clearly explain the results of testing to the user.
|
|
|
The Tool for Penetration Tests of Web Applications
Dobeš, Michal ; Malinka, Kamil (referee) ; Barabas, Maroš (advisor)
The thesis discusses the issues of penetration testing of web applications, focusing on the Cross-Site Scripting (XSS) and SQL Injection (SQLI) vulnerabilities. The technology behind web applications is described and motivation for penetration testing is given. The thesis then presents the most common vulnerabilities according to OWASP Top 10. It lists the principles, impact and remediation recommendations for the Cross-Site Scripting and SQL Injection vulnerabilities. A penetration testing tool has been developed as a part of this thesis. The tool is extendable via modules. Modules for detection of Cross-Site Scripting and SQL Injection vulnerabilities have been developed. The tool has been compared to existing tools, including the commercial tool Burp Suite.
|
|
|
Cyber attacks on operating systems
Holasová, Eva ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on cybernetic attacks towards operating systems. In the thesis, there are discussed base security functions of operating systems Windows, Linux and macOS; followed by described cybernetic attacks and its differences. The chapter Malware describes the most harmful software. Next chapter is about common awareness of cybernetic attacks, in which terms antivirus, firewall and IDS/IPS (Intrusion Detection System/Intrusion Prevention System) systems are defined. Following chapter brings scenario of ethics of hacking on operating system of personal computer, server and web server by using penetration tests. The thesis is finished by doing ethics hacking and evaluations. The goal of this thesis is to summarize the problem of cybernetic attacks, methods and tools whose goal is to break the security of the system, the use some of these method to do ethics hacking in virtualized environment.
|
|
|
Penetration Testing of an Open-Source Software
Hrozek, Jakub ; Rogalewicz, Adam (referee) ; Smrčka, Aleš (advisor)
This thesis discusses the design and implementation of integrated penetration testing system. In the first two chapters, the reader is introduced to the topic of penetration testing. The basic techniques and classification of tests are described as well as some of the most widely used methodologies. It also discusses the need to automate the testing process. The fifth and sixth chapter discuss specification and detailed design of integrated penetration testing tool. Its implementation and the problems that had arisen during the process are the theme of chapter seven. The last part of the thesis describes practical experiments done with the tool and gives the reader some advice on securing computer networks.
|
|
|
Open data gathering and how to use it in cybersecurity
Gašparová, Marta ; Malina, Lukáš (referee) ; Paučo, Daniel (advisor)
This thesis deals with Data Gathering from Open Sources which can be used in Cyber Security; an analysis of the OSINT tools; a creation of a Data Gathering Tool itself. The theoretical part of the thesis explores Data Gathering within the framework of Ethical Hacking and in which phase of Penetration Testing the Data Extraction is crucial. Following the analysis of the OSINT tools the Practical part of the thesis examines the Created Tool itself which was written in Python programming language. Via API interface the Tool allows interaction with other OSINT tools such as Censys, crt.sh or DNSDumpster. After entering the IP address or domain of the target company the Tool is able to search for basic information such as location, DNS names and running services. Based on the target URL the Tool is able to show both present and absent HTTP security headers on the given website and also based on the entered domain it can search for SSL/TLS certificates, subdomains and emails of the target company.
|
guest ::
