|
|
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
|
|
|
Cyber attacks on operating systems
Holasová, Eva ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on cybernetic attacks towards operating systems. In the thesis, there are discussed base security functions of operating systems Windows, Linux and macOS; followed by described cybernetic attacks and its differences. The chapter Malware describes the most harmful software. Next chapter is about common awareness of cybernetic attacks, in which terms antivirus, firewall and IDS/IPS (Intrusion Detection System/Intrusion Prevention System) systems are defined. Following chapter brings scenario of ethics of hacking on operating system of personal computer, server and web server by using penetration tests. The thesis is finished by doing ethics hacking and evaluations. The goal of this thesis is to summarize the problem of cybernetic attacks, methods and tools whose goal is to break the security of the system, the use some of these method to do ethics hacking in virtualized environment.
|
|
|
Penetration test of camera system
Slaný, Radek ; Martinásek, Zdeněk (referee) ; Paučo, Daniel (advisor)
This bachelor thesis is dedicated to penetration testing of camera system ADEROS. Virtualized testing enviroment was created for purposes of penetration testing. This enviroment was reachable via VPN. In the first part of the practical part was performed scanning of the camera system. In the second part of the practical part was selected a methodology according to results from the first part. In this part is also described process of the penetration testing of the camera system as well as process of stress testing of the web interface. In third part of practical part were results of penetration testing processed into report. Main goal of this thesis is realization of penetration and stress testing, processing the results into clear report and recommendation to remediate found vulnerabilities.
|
|
|
Penetration test of camera system
Slaný, Radek ; Martinásek, Zdeněk (referee) ; Paučo, Daniel (advisor)
This bachelor thesis is dedicated to penetration testing of camera system ADEROS. Virtualized testing enviroment was created for purposes of penetration testing. This enviroment was reachable via VPN. In the first part of the practical part was performed scanning of the camera system. In the second part of the practical part was selected a methodology according to results from the first part. In this part is also described process of the penetration testing of the camera system as well as process of stress testing of the web interface. In third part of practical part were results of penetration testing processed into report. Main goal of this thesis is realization of penetration and stress testing, processing the results into clear report and recommendation to remediate found vulnerabilities.
|
|
|
Cyber attacks on operating systems
Holasová, Eva ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on cybernetic attacks towards operating systems. In the thesis, there are discussed base security functions of operating systems Windows, Linux and macOS; followed by described cybernetic attacks and its differences. The chapter Malware describes the most harmful software. Next chapter is about common awareness of cybernetic attacks, in which terms antivirus, firewall and IDS/IPS (Intrusion Detection System/Intrusion Prevention System) systems are defined. Following chapter brings scenario of ethics of hacking on operating system of personal computer, server and web server by using penetration tests. The thesis is finished by doing ethics hacking and evaluations. The goal of this thesis is to summarize the problem of cybernetic attacks, methods and tools whose goal is to break the security of the system, the use some of these method to do ethics hacking in virtualized environment.
|
|
|
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
|
guest ::
