NORMA eResearch @NCI Library

Comparative Analysis of the Automated Penetration Testing Tools

Shah, Mandar Prashant (2020) Comparative Analysis of the Automated Penetration Testing Tools. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (919kB) | Preview

Abstract

The requirement of performing security audit is growing day by day as the cyber threat is increasing. One of the key components in this process of securing the network is to perform penetration test of the network and web applications. With this growing need there is also a growing need of standardisation/benchmarking in the processes followed and tools used by penetration testers. In this research based thesis we look at the modern day automated web penetration testing tools and compare them with industry known OWASP Benchmark for vulnerabilities. We also address the lack of literature for framework which evaluates scanners with 360-degree view. To evaluate scanner, we performed two case studies with 4 scanners.

Our research shows that, scanners with web proxy and configured crawling perform better as compared to point and shoot scanners. It was also observed that scanners with active maintenance life cycle performed better. The conclusion drawn from this research is, to detect multiple vulnerabilities more than one automated scanning tools should be used. This gives more reliable results.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Caoimhe Ní Mhaicín
Date Deposited: 02 Apr 2020 14:15
Last Modified: 02 Apr 2020 14:15
URI: https://norma.ncirl.ie/id/eprint/4165

Actions (login required)

View Item View Item