Containerization of a Pentesting platform
In today's technology-driven landscape, organizations increasingly store vast amounts of sensitive personal and confidential data, making them vulnerable targets for cybercriminals seeking to exploit system security weaknesses. Simply complying with security standards and regulations is not eno...
| Autor: | |
|---|---|
| Tipo de recurso: | tesis de maestría |
| Fecha de publicación: | 2024 |
| País: | España |
| Institución: | Universitat Politècnica de Catalunya (UPC) |
| Repositorio: | UPCommons. Portal del coneixement obert de la UPC |
| Idioma: | inglés |
| OAI Identifier: | oai:upcommons.upc.edu:2117/410522 |
| Acceso en línea: | https://hdl.handle.net/2117/410522 |
| Access Level: | acceso abierto |
| Palabra clave: | Computer security penetration testing cybersecurity HuntDown vulnerability scanning tools secure digital environment Seguretat informàtica Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica |
| Sumario: | In today's technology-driven landscape, organizations increasingly store vast amounts of sensitive personal and confidential data, making them vulnerable targets for cybercriminals seeking to exploit system security weaknesses. Simply complying with security standards and regulations is not enough, as we cannot guarantee absolute immunity from vulnerabilities in our systems. The growing demand for cybersecurity talent underscores the need for effective vulnerability scanning tools, which are often complex and require expert knowledge, limiting their accessibility. To address these challenges, HuntDown (HD) has emerged as an ethical hacking tool that provides an accessible solution for security auditing. Nonetheless, HuntDown still requires improvements to match the efficiency of existing vulnerability scanners. This thesis project aims to help refine the HuntDown application deployment process and streamline attack instantiation methods. This research focuses on key aspects such as automation, cloud deployment, and containerization methods to improve HuntDown's performance. To validate the effectiveness of these enhancements, a simple pentest is performed against a vulnerable web application that serves as a benchmark for evaluating HuntDown's performance. The methodologies employed, technologies used, and practical validation performed in this thesis highlight its success and relevance in the dynamic landscape of cybersecurity and penetration testing. The insights gained from this research pave the way for future innovation and advancement in the field, driving progress toward a more secure digital environment. |
|---|