Agentless Automation Model for Post Exploitation Penetration Testing

被引:3
|
作者
Maddala, Saraswati [1 ]
Patil, Sonali [1 ]
机构
[1] KJ Somaiya Coll Engn, Dept Informat Technol, Mumbai, Maharashtra, India
来源
INTELLIGENT COMPUTING, INFORMATION AND CONTROL SYSTEMS, ICICCS 2019 | 2020年 / 1039卷
关键词
Post exploitation; Agentless; Penetration testing; Exploit;
D O I
10.1007/978-3-030-30465-2_59
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
In a world where even the most mundane of tasks requires the intervention of the cyberspace, it is particularly important to be aware of the risks and vulnerabilities that come with cyberspace. This has led to the development of a field better referred to as vulnerability assessment and penetration testing (VAPT). There are multiple parts to perform penetration testing, in this paper we will be focusing on the Post Exploitation part. Post exploitation outlines the activities to perform in order to breach the security of a target system by leveraging a discovered exploit. In this paper we propose an agentless model for the automation of post exploitation activities, where agentless means that no third party software is required to be installed on the target machine.
引用
收藏
页码:529 / 539
页数:11
相关论文
共 50 条
  • [1] Automation of post-exploitation
    Irani, Mohammad Tabatabai
    Weippl, Edgar R.
    INTERNATIONAL JOURNAL OF WEB INFORMATION SYSTEMS, 2009, 5 (04) : 518 - 536
  • [2] Ontology-based Automation of Penetration Testing
    Chu, Ge
    Lisitsa, Alexei
    ICISSP: PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2020, : 713 - 720
  • [3] Penetration Testing for Internet of Things and Its Automation
    Chu, Ge
    Lisitsa, Alexei
    IEEE 20TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS / IEEE 16TH INTERNATIONAL CONFERENCE ON SMART CITY / IEEE 4TH INTERNATIONAL CONFERENCE ON DATA SCIENCE AND SYSTEMS (HPCC/SMARTCITY/DSS), 2018, : 1479 - 1484
  • [4] HackSim: An automation of penetration testing for remote buffer overflow vulnerabilities
    Kwon, OH
    Lee, SM
    Lee, H
    Kim, J
    Kim, SC
    Nam, GW
    Park, JG
    INFORMATION NETWORKING: CONVERGENCE IN BROADBAND AND MOBILE NETWORKING, 2005, 3391 : 652 - 661
  • [5] Penetration Testing Automation Assessment Method Based on Rule Tree
    Zhao, Jianming
    Shang, Wenli
    Wan, Ming
    Zeng, Peng
    2015 IEEE INTERNATIONAL CONFERENCE ON CYBER TECHNOLOGY IN AUTOMATION, CONTROL, AND INTELLIGENT SYSTEMS (CYBER), 2015, : 1829 - 1833
  • [6] Automation of Post-exploitation (Focused on MS-Windows Targets)
    Irani, Mohammad Tabatabai
    Weippl, Edgar R.
    SECURITY TECHNOLOGY, PROCEEDINGS, 2009, 58 : 250 - 257
  • [7] Poster: Agent-based (BDI) modeling for automation of penetration testing
    Chu, Ge
    Lisitsa, Alexei
    2018 16TH ANNUAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST), 2018, : 327 - 328
  • [8] Testing a model of exploration and exploitation as innovation strategies
    Emmanuelle Fauchart
    Max Keilbach
    Small Business Economics, 2009, 33 : 257 - 272
  • [9] Testing a model of exploration and exploitation as innovation strategies
    Fauchart, Emmanuelle
    Keilbach, Max
    SMALL BUSINESS ECONOMICS, 2009, 33 (03) : 257 - 272
  • [10] Agentless Insurance Model Based on Modern Artificial Intelligence
    Sinha, Krishanu Prabha
    Sookhak, Mehdi
    Wu, Shaoen
    2021 IEEE 22ND INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION FOR DATA SCIENCE (IRI 2021), 2021, : 49 - 56
12345