|
|
Analyzer of web application
Vašíček, Tomáš ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This work focuses on the identification of technologies in web applications. The main goal is to develop a software tool for basic analysis of web applications that aims to identify the application's operating system, web server, and programming language. This work further aims to allow the developed tool to be integrated into the Penterep platform as an extension module. The theoretical part of this work is an introduction into the area of web application analysis with emphasis on describing and manually demonstrating the existing identification methods. The practical part presents the design, implementation and testing of the developed tool. This part also includes a description of an experimental environment that was built using the Docker platform.
|
|
|
Web platform to support penetration testing
Lazarov, Willi ; Kuchař, Karel (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis deals with the design, development, and implementation of a web platform to support penetration testing. The theoretical part of the thesis is devoted to the description of penetration testing and vulnerability severity assessment. Next, the technologies used in the development of the final solution are described. The practical part describes the gradual solution of partial requirements of the web platform. The individual chapters summarize the problem, design, and implementation of the solution. The practical part starts with the design of a highly scalable model that addresses the main problem of the assignment of this thesis. Next, the design of the platform, its embedding in the proposed model, and the development of a modular web application. Furthermore, the actual development of the application part is described, specifically, its connection with the relational database, tools for automated penetration testing, and the report generator. In the next chapter, the testing of the platform in a production environment is described. The last chapter compares relevant tools for penetration testing. The result of the work is a web platform with the main purpose of increasing the effect of penetration testing to such an extent that the time, complexity, and work required to successfully complete the entire test will be considerably lower than using currently relevant available tools.
|
|
|
Tool to support DoS testing
Kamenář, Filip ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The master thesis deals with denial of service attacks and their implementation in own application, called ptdos, that allows testing of web applications using the implemented attacks. Ptdos is also capable of monitoring the progress of testing as well as its evaluation. In the theoretical part of the thesis, the basic concepts are defined, the classification of attacks into categories is described and the individual attacks are discussed in detail in order to explain how the denial of service should occur in the context of an attack. The practical part of the thesis describes the design of the ptdos application architecture and its subsequent development, including a description of the implementation of all the selected attacks. The last part of the thesis is the testing of the application, which includes the creation of a test network and the analysis of all implemented attacks using different scenarios.
|
|
|
PTDOS:Tool to support DoS testing
Kamenář, Filip ; Martinásek, Zdeněk
Nowadays, cyber attacks are a common part of our lives. Targets of attacks are various, such as obtaining sensitive data, network infiltration, system sabotage or denial of service (DoS). This paper deals with the attacks that target denial of service. The main goal is the custom design and development of the ptdos application, which allows testing of the resilience of network infrastructure and web servers against these types of cyber attacks. The application will be freely available and will contain various types of attacks (both flood and logic) to sufficiently test the system. The purpose of the work is to create a quality and simple tool to enhance cyber security.
|
|
|
Web platform to support penetration testing
Lazarov, Willi ; Kuchař, Karel (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis deals with the design, development, and implementation of a web platform to support penetration testing. The theoretical part of the thesis is devoted to the description of penetration testing and vulnerability severity assessment. Next, the technologies used in the development of the final solution are described. The practical part describes the gradual solution of partial requirements of the web platform. The individual chapters summarize the problem, design, and implementation of the solution. The practical part starts with the design of a highly scalable model that addresses the main problem of the assignment of this thesis. Next, the design of the platform, its embedding in the proposed model, and the development of a modular web application. Furthermore, the actual development of the application part is described, specifically, its connection with the relational database, tools for automated penetration testing, and the report generator. In the next chapter, the testing of the platform in a production environment is described. The last chapter compares relevant tools for penetration testing. The result of the work is a web platform with the main purpose of increasing the effect of penetration testing to such an extent that the time, complexity, and work required to successfully complete the entire test will be considerably lower than using currently relevant available tools.
|
|
|
Analyzer of web application
Vašíček, Tomáš ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This work focuses on the identification of technologies in web applications. The main goal is to develop a software tool for basic analysis of web applications that aims to identify the application's operating system, web server, and programming language. This work further aims to allow the developed tool to be integrated into the Penterep platform as an extension module. The theoretical part of this work is an introduction into the area of web application analysis with emphasis on describing and manually demonstrating the existing identification methods. The practical part presents the design, implementation and testing of the developed tool. This part also includes a description of an experimental environment that was built using the Docker platform.
|
|
|
Tool to support DoS testing
Kamenář, Filip ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The master thesis deals with denial of service attacks and their implementation in own application, called ptdos, that allows testing of web applications using the implemented attacks. Ptdos is also capable of monitoring the progress of testing as well as its evaluation. In the theoretical part of the thesis, the basic concepts are defined, the classification of attacks into categories is described and the individual attacks are discussed in detail in order to explain how the denial of service should occur in the context of an attack. The practical part of the thesis describes the design of the ptdos application architecture and its subsequent development, including a description of the implementation of all the selected attacks. The last part of the thesis is the testing of the application, which includes the creation of a test network and the analysis of all implemented attacks using different scenarios.
|
guest ::
