|
|
Cyber game for the OpenStack platform
Píš, Patrik ; Holasová, Eva (referee) ; Martinásek, Zdeněk (advisor)
This bachelor's thesis presents matters of penetration testing and ethical hacking with primary focus on binary exploitation. The main goal of this bachelor's thesis was to design and implement a cyber game which focuses on combining various exploitation techniques and presenting them in educative and engaging way. The theoretical part of this thesis concentrates on penetration testing methodology and provides a detailed analysis of a given vulnerability's mechanics and technologies that were crucial for the game's development. Practical part of this thesis consists of a detailed description of the game's design and implementation to OpenStack and cyber arena platforms. Additionally, the practical part of this thesis focuses on development of vulnerable applications, methodology and steps necessary for their successful exploitation. Due to the character of cyber game, a few protection mechanisms were necessary to deploy, and their description takes place in practical part of this bachelor's thesis as well.
|
|
|
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
|
|
|
Cyber attacks on operating systems
Holasová, Eva ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on cybernetic attacks towards operating systems. In the thesis, there are discussed base security functions of operating systems Windows, Linux and macOS; followed by described cybernetic attacks and its differences. The chapter Malware describes the most harmful software. Next chapter is about common awareness of cybernetic attacks, in which terms antivirus, firewall and IDS/IPS (Intrusion Detection System/Intrusion Prevention System) systems are defined. Following chapter brings scenario of ethics of hacking on operating system of personal computer, server and web server by using penetration tests. The thesis is finished by doing ethics hacking and evaluations. The goal of this thesis is to summarize the problem of cybernetic attacks, methods and tools whose goal is to break the security of the system, the use some of these method to do ethics hacking in virtualized environment.
|
|
|
Penetration test of camera system
Slaný, Radek ; Martinásek, Zdeněk (referee) ; Paučo, Daniel (advisor)
This bachelor thesis is dedicated to penetration testing of camera system ADEROS. Virtualized testing enviroment was created for purposes of penetration testing. This enviroment was reachable via VPN. In the first part of the practical part was performed scanning of the camera system. In the second part of the practical part was selected a methodology according to results from the first part. In this part is also described process of the penetration testing of the camera system as well as process of stress testing of the web interface. In third part of practical part were results of penetration testing processed into report. Main goal of this thesis is realization of penetration and stress testing, processing the results into clear report and recommendation to remediate found vulnerabilities.
|
|
|
Security exercises for ethical hacking
Paučo, Daniel ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
|
|
|
Ethical Hacking and Cyber Security in Nigeria Telecommunication Industry: Issues and Solution
Akinyemi, Adetunji Akinfemiwa ; Střítecký, Vít (advisor) ; Špelda, Petr (referee)
Ethical hacking and cyber security are crucial topics in today's increasingly digital world. The Nigerian telecommunication industry is no exception and must take measures to secure its information systems. This study examined the issues and solutions related to ethical hacking and cyber security in the Nigerian telecommunication industry. A descriptive and inferential study design was adopted in this study. Data was collected from a primary source using a self- administered questionnaire. The study involved 62 participants from the Nigerian telecommunication industry. The study's findings revealed that the Nigerian telecommunication industry faces various issues related to ethical hacking and cyber security, such as lack of technical expertise, insufficient budget allocation, and inadequate cyber security policies. However, the industry addresses these issues by investing in employee cyber security training and certification, increasing budget allocation, and implementing strict cyber security policies and guidelines. In conclusion, the Nigerian telecommunication industry recognizes the importance of ethical hacking and cyber security and is addressing its challenges. The study highlights the need for the industry to continue investing in cybersecurity measures and to stay updated with the latest...
|
|
|
Cyber game for the OpenStack platform
Píš, Patrik ; Holasová, Eva (referee) ; Martinásek, Zdeněk (advisor)
This bachelor's thesis presents matters of penetration testing and ethical hacking with primary focus on binary exploitation. The main goal of this bachelor's thesis was to design and implement a cyber game which focuses on combining various exploitation techniques and presenting them in educative and engaging way. The theoretical part of this thesis concentrates on penetration testing methodology and provides a detailed analysis of a given vulnerability's mechanics and technologies that were crucial for the game's development. Practical part of this thesis consists of a detailed description of the game's design and implementation to OpenStack and cyber arena platforms. Additionally, the practical part of this thesis focuses on development of vulnerable applications, methodology and steps necessary for their successful exploitation. Due to the character of cyber game, a few protection mechanisms were necessary to deploy, and their description takes place in practical part of this bachelor's thesis as well.
|
|
|
Penetration test of camera system
Slaný, Radek ; Martinásek, Zdeněk (referee) ; Paučo, Daniel (advisor)
This bachelor thesis is dedicated to penetration testing of camera system ADEROS. Virtualized testing enviroment was created for purposes of penetration testing. This enviroment was reachable via VPN. In the first part of the practical part was performed scanning of the camera system. In the second part of the practical part was selected a methodology according to results from the first part. In this part is also described process of the penetration testing of the camera system as well as process of stress testing of the web interface. In third part of practical part were results of penetration testing processed into report. Main goal of this thesis is realization of penetration and stress testing, processing the results into clear report and recommendation to remediate found vulnerabilities.
|
|
|
Security exercises for ethical hacking
Paučo, Daniel ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
|
|
|
Cyber attacks on operating systems
Holasová, Eva ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on cybernetic attacks towards operating systems. In the thesis, there are discussed base security functions of operating systems Windows, Linux and macOS; followed by described cybernetic attacks and its differences. The chapter Malware describes the most harmful software. Next chapter is about common awareness of cybernetic attacks, in which terms antivirus, firewall and IDS/IPS (Intrusion Detection System/Intrusion Prevention System) systems are defined. Following chapter brings scenario of ethics of hacking on operating system of personal computer, server and web server by using penetration tests. The thesis is finished by doing ethics hacking and evaluations. The goal of this thesis is to summarize the problem of cybernetic attacks, methods and tools whose goal is to break the security of the system, the use some of these method to do ethics hacking in virtualized environment.
|
guest ::
