National Repository of Grey Literature 9 records found  Search took 0.00 seconds. 
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
Dynamic Analysis of Application Security Using OpenVAS
Zálešák, Tomáš ; Ryšavý, Ondřej (referee) ; Zemčík, Pavel (advisor)
This bachelor thesis covers the topic of dynamic analysis of application security and its automation. OpenVAS scanner is used to detect vulnerabilities and Atlassian Bamboo for automation. The problem is solved using the infrastructure of three virtual machines, the first with the Greenbone Vulnerability Management framework, which includes OpenVAS scanner, the second with Atlassian Bamboo, and the third for the installation of the scanned system. VirtualBox is used as a virtualization platform. The created solution is fully automated, enables automatic detection of new vulnerabilities and suppression of false detections. The functionality of the solution was verified by regularly scanning the vulnerabilities of the Ubuntu 18.04 system with the Rocket.Chat application deployed.
Security Analysis of Smart Home Devices
Grofčík, Peter ; Kmeť, Martin (referee) ; Matoušek, Petr (advisor)
Main purpose of my bachelor thesis is to analyze security of smart home devices and afterwards to test and confirm exposed vulnerabilities on these devices. The first section describes MioSMART kit devices used for analysis including ways, how to access them. The next section describes communication of smart home devices including protocols, that are used for it. In the next chapter, free tools are introduced to identify vulnerabilities in IoT communications. The next section contains description of network attacks that were carried, based on detected vulnerabilities to damage the functionality of smart home devices. Part of this chapter is dedicated to the description of monitoring options for ongoing attacks on smart home devices.
Analýza dat z automatických bezpečnostních scannerů
VODSTRČIL, Pavel
This bachelor thesis deals with the examination and processing of reports from automatic vulnerability scanners. In the beginning of the theoretical part there is a brief introduction to scanning. Further are analyzed individual outputs from scanners (reports), description of items. The next part is followed by familiarization with Common Vulnerability Scoring System, which is used in the practical part for evaluation. At the end of the first part are listed some functions of the created application. The beginning of the practical part is devoted to database design and selected framework for creation. The following is an introduction to the functions of the application and the possibility of displaying the results.
Dynamic Analysis of Application Security Using OpenVAS
Zálešák, Tomáš ; Ryšavý, Ondřej (referee) ; Zemčík, Pavel (advisor)
This bachelor thesis covers the topic of dynamic analysis of application security and its automation. OpenVAS scanner is used to detect vulnerabilities and Atlassian Bamboo for automation. The problem is solved using the infrastructure of three virtual machines, the first with the Greenbone Vulnerability Management framework, which includes OpenVAS scanner, the second with Atlassian Bamboo, and the third for the installation of the scanned system. VirtualBox is used as a virtualization platform. The created solution is fully automated, enables automatic detection of new vulnerabilities and suppression of false detections. The functionality of the solution was verified by regularly scanning the vulnerabilities of the Ubuntu 18.04 system with the Rocket.Chat application deployed.
Security Analysis of Smart Home Devices
Grofčík, Peter ; Kmeť, Martin (referee) ; Matoušek, Petr (advisor)
Main purpose of my bachelor thesis is to analyze security of smart home devices and afterwards to test and confirm exposed vulnerabilities on these devices. The first section describes MioSMART kit devices used for analysis including ways, how to access them. The next section describes communication of smart home devices including protocols, that are used for it. In the next chapter, free tools are introduced to identify vulnerabilities in IoT communications. The next section contains description of network attacks that were carried, based on detected vulnerabilities to damage the functionality of smart home devices. Part of this chapter is dedicated to the description of monitoring options for ongoing attacks on smart home devices.
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
Vulnerability assesment tools
Charvát, Michal ; Veber, Jaromír (advisor) ; Klíma, Tomáš (referee)
This bachelor thesis is focused on a specific area of information systems security, which is called vulnerability assesment. Vulnerability assesment is executed with special tools called vulnerability scanners. In the the beginning of the first part I will introdukce the area of information systems security and its breaf history, the basic terms of vulnerability assesment and related topics, such as penetration testing. In the following part few test will be executed using some of the chosen available and free tools and then analyze its results. The main criteria will be the number and criticality of the given vulnerabilities. Finally the user-friedly aspect of each tool will be evalueted, which could be a little subjective matter.
Vulnerability Management in the Corporate IT Infrastructure
Hronek, Tomáš ; Veber, Jaromír (advisor) ; Klíma, Tomáš (referee)
The present thesis deals with the area of vulnerability management and its relation to information security. Its main purpose is to set the topic of vulnerability management in context of company information security and to explain its relationship to related disciplines. In the practical part, selected vulnerability assessment tools are compared and methodology is applied to determine the criticality of the vulnerabilities identified in relation to the provided IT services. The objectives were achieved by literature review, personal consultations with employees responsible for information security at J&T Bank and by comparing the results of several tools for assessing vulnerability (Nessus, Retina, OpenVAS, Nexpose, Tripwire). To date, there has not been published a thesis devoted exclusively to the topic of vulnerability management. This thesis is the first one to provide comparable results of vulnerability scanning of the same targets. Equally valuable is the application of Common Vulnerability Scoring System to determine the criticality of the vulnerabilities identified in relation to delivered IT services.

Interested in being notified about new results for this query?
Subscribe to the RSS feed.