|
|
Design and Creation of Proxy for Penetration Testing
Válka, Michal ; Bláha, Lukáš (referee) ; Dydowicz, Petr (advisor)
This bachelor’s thesis is aimed at design and development of proxy for penetration testing. The thesis is divided into three main parts and begins with a theoretical part, which is focused on fundamental technologies and principles on which the application is based. The second part is focused on comparison of currently available solutions. The third part contains the creation of the proxy itself. The last chapter contains a summary of this thesis and the benefits of the developed product for penetration testing.
|
|
|
Legal Aspects of Fighting Cybercrime
Dostál, Otto ; Vlček,, Martin (referee) ; Šárek, Milan (referee) ; Hajný, Jan (advisor)
The thesis deals with the topic of computer crime. Foremost, it demonstrates on an example of the operation of a medical image information processing system some selected aspects of this issue. It shows that it is always necessary to monitor the current state of the technical knowledge at the time, but also the need of addressing the issue within the corresponding legal limits. The thesis presents criminal law reality as a complex system. The links between different parts of the system are examined, and possible shortcomings are considered. The legal instruments and legal limits of the procedures that can be used against cybercrime are evaluated. The thesis focuses especially on the issue of obtaining evidence under the Czech Criminal Procedure Code. It presents a proposal on how to understand individual procedural legal institutes and for what purposes and how to use them. Consequently it suggests legal procedures for specific selected practical situations.
|
|
|
MCUXpresso Web application security
Mittaš, Tomáš ; Heriban, Pavel (referee) ; Roupec, Jan (advisor)
This thesis deals with testing of the security of web application MCUXpresso Web SDK Builder using ethical hacking techniques and tools. At the beginning, the history of ethical hacking and structure of web applications are briefly mentioned. The thesis then analyses the application itself from the user’s point of view, its parts before logging in and after logging in and the operation of this application. The following is a list of the most common vulnerabilities and weaknesses found in web applications to understand any vulnerabilities found. Furthemore, the thesis deals with the techniques and tools of web application security and compares them. The penultimate chapter deals with the use of Analysis and vulnerability scanning technique on the application MCUXpresso Web SDK Builder. Finally, an application security test plan is designed, while part of this plan is automated.
|
|
|
Analysis of security and authentication of wireless networks
Kulíř, Tomáš ; Jeřábek, Jan (referee) ; Szőcs, Juraj (advisor)
This master's thesis deals with wireless networks, mainly about the WiFi. It deals with summary of individual security mechanism both theoretically and using them in real hardware. Mainly it is interested in the security of the individual mechanisms and their weaknesses, which cause rupture of security. At each chapter the ideas and methods, that the attackers are trying for infiltration of wireless networks and decrypt encryption WEP, WPA or WPA2, are outlined. The principle of the authentication of the WiFi by the authentication server and its options, which is connected with directory service LDAP, is also explained in this thesis. The penultimate chapter deals with the summary of security mechanisms and references that should be adhered by design of the WiFi for the provision of the high security. The ending of the master's thesis is devoted to social engineering and its most famous representatives.
|
|
|
Application for monitoring and controlling the security of large LAN and WAN computer networks
Maloušek, Zdeněk ; Polívka, Michal (referee) ; Novotný, Vít (advisor)
Computer networks are used in much wider extent than 20 years ago. People use the computer mainly for communication, entertainment and data storage. Information is often stored only in electronic devices and that is why the security of the data is so important. The objective of my thesis is to describe network security problems and their solutions. First chapter deals with the network security, security checks and attacks. It describes procedures used in practise. First part deals with traffic scanning and filtering at various layers of the TCP/IP model. Second part presents the types of proxy and its pros and cons. Network Address Translation (NAT) is a favourite technique of managing IP addresses of inside and outside network which helps to improve the security and lower the costs paid for IP addresses. NAT description, IPSec, VPN and basic attacks are described in this section. The second chapter of the thesis presents set of Perl scripts for network security checking. The purpose of the project is not to check the whole network security. It is designed for contemporary needs of IBM Global Services Delivery Centrum Brno. The first script checks running applications on target object. The aim is to detect services that are not necessary to run or that are not updated. The second one checks the security of the Cisco device configuration. There is a list of rules that has to be kept. The third script inspects the Nokia firewall configuration which is on the border of IBM network. If some of the rule is broken, it shows the command that has to be proceeded at the particular device. The output of the first and the second script is an HTML file. The third script uses the command line for the final report. The last part of this chapter gives advice to configure Cisco devices. It is a list of security recommendations that can be used by configuring e.g. routers. The appendix presents two laboratory exercises. The aim is to give students an opportunity to learn something about programs and technologies which are used in practise by IT experts to check the weaknesses of their networks.
|
|
|
Advanced proxy for penetration testing
Válka, Michal ; Vilém,, Šlesinger (referee) ; Sedlák, Petr (advisor)
This master’s thesis focuses on improving the open-source proxy tool for penetration testing of thick clients. The thesis is divided into three main chapters, the first of which is focused on the theoretical background on which the thesis is based. The second chapter describes the analysis of the current state and defines user requirements, which must be met. The third chapter deals with increasing the quality and expanding the functionality based on user requirements. At the same time, a testing methodology is created and a vulnerable application is developed as a teaching material for the methodology. The chapter concludes with a summary of the economic costs and benefits of the application for the penetration testing process.
|
|
|
Quantum key distribution
Klíčník, Ondřej ; Burda, Karel (referee) ; Münster, Petr (advisor)
This thesis is indirectly related to the bachelor thesis Quantum key distribution over optical fiber infrastructure. Unlike the previous paper, the focus will be mainly on the practical application of the QKD (Quantum key distribution) system Clavis3. For this reason, physical phenomena related to practically used QKD protocols are briefly explained in the theoretical part. These are mostly based on phase coding. In particular, special attention is paid to the Coherent one-way protocol (COW) implemented in Clavis3 devices. This protocol is also compared with practical implementations of the BB84 protocol. Furthermore, the principles of other advanced QKD techniques are outlined and the phenomena in the optical fiber that may affect the quantum channel are discussed. A separate chapter is also devoted to standardization and topologies of QKD networks. Last but not least, the thesis addresses the topic of attacks against practical implementations of QKD protocols. In the practical part, measurements aimed at practical deployment of Clavis3 devices in a common communication network are performed. These include the possibility of combining a quantum channel into a single fiber together with classical channels using Wavelength-division multiplexing (WDM) and the analysis of the effect of Raman noise on the maximum communication distance. At the same time, the robustness of the system against polarization changes and fiber manipulation is verified. Finally, the performance of the system using three-state and four-state versions of the COW protocol is compared and the eavesdropping simulation module is tested.
|
|
|
Advanced proxy for penetration testing
Válka, Michal ; Vilém,, Šlesinger (referee) ; Sedlák, Petr (advisor)
This master’s thesis focuses on improving the open-source proxy tool for penetration testing of thick clients. The thesis is divided into three main chapters, the first of which is focused on the theoretical background on which the thesis is based. The second chapter describes the analysis of the current state and defines user requirements, which must be met. The third chapter deals with increasing the quality and expanding the functionality based on user requirements. At the same time, a testing methodology is created and a vulnerable application is developed as a teaching material for the methodology. The chapter concludes with a summary of the economic costs and benefits of the application for the penetration testing process.
|
|
|
MCUXpresso Web application security
Mittaš, Tomáš ; Heriban, Pavel (referee) ; Roupec, Jan (advisor)
This thesis deals with testing of the security of web application MCUXpresso Web SDK Builder using ethical hacking techniques and tools. At the beginning, the history of ethical hacking and structure of web applications are briefly mentioned. The thesis then analyses the application itself from the user’s point of view, its parts before logging in and after logging in and the operation of this application. The following is a list of the most common vulnerabilities and weaknesses found in web applications to understand any vulnerabilities found. Furthemore, the thesis deals with the techniques and tools of web application security and compares them. The penultimate chapter deals with the use of Analysis and vulnerability scanning technique on the application MCUXpresso Web SDK Builder. Finally, an application security test plan is designed, while part of this plan is automated.
|
|
|
Cyber crime
Bartůněk, Jan ; Gřivna, Tomáš (advisor) ; Herczeg, Jiří (referee)
Development of information technology is one of the most dynamic parts of today's global society. Along with the coming of new technologies it generates new types of crime, eventually existing types of criminal activities in this area are moving from the real world to cyberspace. This rapid development of cyber crime enforces corresponding changes in the legislation related to cyberspace. In the Czech Republic the most fundamental changes in cyber crime law have been made along with the new Criminal Code. The new code has modified some areas, that were not mentioned by previous criminal code, refined or amended previous terminology related to cyberspace and added institutes required by international commitments, especially by the Convention on Cybercrime. The purpose of this diploma thesis on "Cyber crime" is to outline the issues of cyber-crime, point out some troubling topics, which are currently present in cyberspace, and outline possible future development of criminal law in cyberspace. In the beginning of the thesis there is a short summary of cyberspace and cyber crime history, that is followed by definitions of selected basic concepts of cyberspace and cyber crime. In the following chapters, there is a summary of current Czech legislation of selected areas and there some examples of such...
|
guest ::
