Arjun, C V (2017) Penetration Testing: Vulnerability Analysis in a Virtual Environment. In: International Conference on Innovative Research in Engineering and Science, 16/07/2017, Asian Institute of Technology Conference Center, T.

PDF 963.pdf - Published Version Restricted to Registered users only Download (1MB) | Request a copy

Abstract

Nowadays it is common to hear about security breaches in all parts of the world, whose intensity may be big or small or it may take place in public or in private sector. Because of World Wide Web, all are connected. And that means systems are exposed to vulnerability. In order to reduce the risk of security breach, the application has to be rigorously tested before it can be accessed by malicious users through the internet. And here arises the role of the penetration tester to check for any vulnerabilities in the application or system. All the security testing’s are done in the virtual lab which is built by using Virtual Box, which avoids the need to buy racks of computers and other networking equipment’s to perform testing. Virtual lab makes sure no testing activities reach World Wide Web, which prevents testing activities accidentally becoming illegal activities. This is an important consideration in ethical penetration testing, or pen test. The goal of penetration testing is to better protect the resources which are at the disposal. This paper focuses on the vulnerability analysis phase of the penetration testing. The experiment is carried out using different tools like nikto, vega, nmap and dnsenum in Kali Linux platform wherein vulnerabilities are identified and the results are displayed

Actions (login required)

View Item