|
|
Open data gathering and how to use it in cybersecurity
Gašparová, Marta ; Malina, Lukáš (referee) ; Paučo, Daniel (advisor)
This thesis deals with Data Gathering from Open Sources which can be used in Cyber Security; an analysis of the OSINT tools; a creation of a Data Gathering Tool itself. The theoretical part of the thesis explores Data Gathering within the framework of Ethical Hacking and in which phase of Penetration Testing the Data Extraction is crucial. Following the analysis of the OSINT tools the Practical part of the thesis examines the Created Tool itself which was written in Python programming language. Via API interface the Tool allows interaction with other OSINT tools such as Censys, crt.sh or DNSDumpster. After entering the IP address or domain of the target company the Tool is able to search for basic information such as location, DNS names and running services. Based on the target URL the Tool is able to show both present and absent HTTP security headers on the given website and also based on the entered domain it can search for SSL/TLS certificates, subdomains and emails of the target company.
|
|
|
Gathering information about industrial equipment using a search engine
Danko, Krištof ; Fujdiak, Radek (referee) ; Pospíšil, Ondřej (advisor)
The work is focused on operating technologies, specificaly on the security of PLC (programmable logic controller), and obtaining information using device search engines. The types and parts of industrial networks, which are the main segment of operational technologies, and the search engines such as Shodan, Censy, BinaryEdge, and Zoomeye are described. These search engines are compared based on available information and industry protocols Siemens S7, Modbus, Ethernet / IP, and DNP3. In addition to comparing search engines, this work aims to create an application that can download results from the Shodan search engine via the Shodan API and store them in a database. Another point of work is the connection of own PLC, to determine the time of PLC appearing in search engines.
|
|
|
Dataset for Classification of Network Devices Using Machine Learning
Eis, Pavel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
Automatic classification of devices in computer network can be used for detection of anomalies in a network and also it enables application of security policies per device type. The key to creating a device classifier is a quality data set, the public availability of which is low and the creation of a new data set is difficult. The aim of this work is to create a tool, that will enable automated annotation of the data set of network devices and to create a classifier of network devices that uses only basic data from network flows. The result of this work is a modular tool providing automated annotation of network devices using system ADiCT of Cesnet's association, search engines Shodan and Censys, information from PassiveDNS, TOR, WhoIs, geolocation database and information from blacklists. Based on the annotated data set are created several classifiers that classify network devices according to the services they use. The results of the work not only significantly simplify the process of creating new data sets of network devices, but also show a non-invasive approach to the classification of network devices.
|
|
|
Security verification tool for industrial and energy equipments
Sagindykova, Anel ; Kuchař, Karel (referee) ; Blažek, Petr (advisor)
Cílem této práce je analyzovat různé vyhledávače a vybrat ty nejvhodnější pro vytvoření nástroje k testování průmyslových a energetických zařízení z pohledu bezpečnosti. Bylo provedeno porovnání mezi Shodan, ZoomEye, Nexpose, Censys a BinaryEdge. Tyto vyhledávače byly porovnávány podle různých kritérií, například výkonnosti a jejich dalších veřejně dostupných informací. Jako nejvhodnější byly vybrány Shodan a ZoomEye a pomocí těchto vyhledavačů byla vytvořena webová aplikace. Tato aplikace je schopna načítat výsledky vyhledávání ze serverů pomocí jejich rozhraní API a je schopna je ukládat do databáze. Součástí práce je popis průmyslových a energetických protokolů, sítí a jejich bezpečnostních prvků. V rámci práce byl také popis několika nejznámějších útoků na tyto sítě. Posledním cílem práce je provést testování a evaluaci realizovaného nástroje na minimálně dvou zařízeních.
|
|
|
Open data gathering and how to use it in cybersecurity
Gašparová, Marta ; Malina, Lukáš (referee) ; Paučo, Daniel (advisor)
This thesis deals with Data Gathering from Open Sources which can be used in Cyber Security; an analysis of the OSINT tools; a creation of a Data Gathering Tool itself. The theoretical part of the thesis explores Data Gathering within the framework of Ethical Hacking and in which phase of Penetration Testing the Data Extraction is crucial. Following the analysis of the OSINT tools the Practical part of the thesis examines the Created Tool itself which was written in Python programming language. Via API interface the Tool allows interaction with other OSINT tools such as Censys, crt.sh or DNSDumpster. After entering the IP address or domain of the target company the Tool is able to search for basic information such as location, DNS names and running services. Based on the target URL the Tool is able to show both present and absent HTTP security headers on the given website and also based on the entered domain it can search for SSL/TLS certificates, subdomains and emails of the target company.
|
|
|
Dataset for Classification of Network Devices Using Machine Learning
Eis, Pavel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
Automatic classification of devices in computer network can be used for detection of anomalies in a network and also it enables application of security policies per device type. The key to creating a device classifier is a quality data set, the public availability of which is low and the creation of a new data set is difficult. The aim of this work is to create a tool, that will enable automated annotation of the data set of network devices and to create a classifier of network devices that uses only basic data from network flows. The result of this work is a modular tool providing automated annotation of network devices using system ADiCT of Cesnet's association, search engines Shodan and Censys, information from PassiveDNS, TOR, WhoIs, geolocation database and information from blacklists. Based on the annotated data set are created several classifiers that classify network devices according to the services they use. The results of the work not only significantly simplify the process of creating new data sets of network devices, but also show a non-invasive approach to the classification of network devices.
|
|
|
Gathering information about industrial equipment using a search engine
Danko, Krištof ; Fujdiak, Radek (referee) ; Pospíšil, Ondřej (advisor)
The work is focused on operating technologies, specificaly on the security of PLC (programmable logic controller), and obtaining information using device search engines. The types and parts of industrial networks, which are the main segment of operational technologies, and the search engines such as Shodan, Censy, BinaryEdge, and Zoomeye are described. These search engines are compared based on available information and industry protocols Siemens S7, Modbus, Ethernet / IP, and DNP3. In addition to comparing search engines, this work aims to create an application that can download results from the Shodan search engine via the Shodan API and store them in a database. Another point of work is the connection of own PLC, to determine the time of PLC appearing in search engines.
|
guest ::
