1. Evaluating the Security and Resilience of Typical off the Shelf CoAP IoT Devices: Assessing CoAP and Wi-Fi vulnerabilities
Müller, Wolfgang. January 2022
The purpose of this study was to evaluate the security and resilience of the CoAP protocol used by a multinational company for communication between a gateway and the app used to control smart products. The evaluation began by connecting the gateway to the network and installing the Kali Linux operating system on the computer. To evaluate the security and resilience of the CoAP protocol, a series of DoS attacks was carried out with different intervals, numbers of packets and packet sizes. The number of packets sent is shown by the software that performs the DoS attack, and time is measured with a time command in Kali Linux that measures how long a given command takes to run. The results show that the app is disconnected from the company's gateway after being attacked with 59 UDP packets containing 0 bytes of data. The attack can be split into two smaller attacks of 30 and 29 packets with a 10-hour pause between them, without affecting the total number of packets needed for a successful DoS attack against the gateway. The app cannot reconnect to the gateway after being attacked with 59 packets. The gateway must be restarted by disconnecting it from the power supply in order to recover. / The purpose of this study has been to evaluate the security and resilience of the CoAP protocol used by a multinational company for communication between the gateway and app. The evaluation began with setting up the gateway on the network and installing the required software on the computer. To evaluate the security and resilience of the CoAP protocol, a series of DoS attacks with different intervals, numbers of packets and packet sizes were performed. The number of packets sent is shown by the software that performs the DoS attack, while time is measured with the time command in Kali Linux, which measures how long a given command takes to run. The results show that the app gets disconnected from the company's gateway after being attacked with 59 UDP packets containing 0 bytes of data. The attack can be split into two smaller attacks with a 10-hour window between them, without any change in the number of packets required for the gateway to be disconnected from the network. The app can't reconnect to the gateway after being attacked with 59 packets; the gateway has to be disconnected from the power outlet to recover.

2. Securing cyberspace: development and evaluation of a novel research toolset
Bolgan, Samuela. January 2018
Cybersecurity is an issue of great concern today; data breaches are becoming more frequent and are causing huge economic losses in almost all industry sectors. The majority of them are caused by malicious or criminal attacks perpetrated by individuals also known as "hackers". Although the mainstream portrait of hackers nowadays brings to mind the idea of cybercriminals, not all hackers are malicious. The word hacker in its original sense only describes a computer enthusiast and skilled programmer who is eager to learn how computers work. The key to distinguishing a good hacker from a bad one lies only in the specific intent and the permission to hack. Recently many companies have indeed been hiring hackers to test their systems and protect them from malicious attacks. The strength of good hackers is that they possess the same skills as malicious ones but use them to enhance security. At the present stage, the process of hiring candidates for internet security positions in the majority of organizations and business corporations relies mainly on interviews, while few of them advertise some sort of hacking challenge to be solved by potential applicants in order to evaluate their skills and abilities upfront. Moreover, an in-depth review of the literature has revealed that, so far, no systematic investigation has been carried out on the cognitive skills that characterise ethical hackers, experts who are professionally trained to protect systems' security. The present PhD thesis offers a contribution that starts filling this gap in the literature with an exploratory investigation of the cognitive skills related to hacking expertise on a behavioural level. Findings show that hackers possess stronger systemizing traits than the general population, and suggest a role of the ability to systemize in hacking performance. Moreover, performance on hacking-related tasks is shown to be related to mental rotation abilities and a field-independent cognitive style. These findings have both theoretical and practical applications that are extensively discussed, together with possible future directions.

3. A Study On API Security Pentesting
Asemi, Hadi. 01 October 2023
Application Programming Interfaces (APIs) are essential in the digital realm as the bridge enabling seamless communication and collaboration between diverse software applications. Their significance lies in simplifying the integration of different systems, allowing them to work together effortlessly and share data. APIs are used in various applications, for example, healthcare, banks, authentication, etc. Ensuring the security of APIs is critical to ensure data security, privacy, and more. Therefore, pentesting APIs at every stage of development is not only urgent but mandatory in order to catch vulnerabilities early. The primary purpose of this research is to provide guidelines to help apply existing tools for reconnaissance and authentication pentesting. To achieve this goal, we first introduce the basics of APIs and OWASP's Top 10 API security vulnerabilities. Secondly, we propose deployable scripts developed for Ubuntu Debian Systems to install pentesting tools automatically. These scripts allow future students to participate in API security courses and conduct API security pentesting. API security pentesting, regarding reconnaissance and authentication, is discussed based on the configured system. For reconnaissance, passive and active approaches are introduced with different tools; for authentication, the approaches include password-based authentication brute-forcing, one-time password (OTP) brute-forcing, and JSON web token brute-forcing.

4. Comparative analysis of automated scanning and manual penetration testing for enhanced cybersecurity
Rane, Nikhil; Qureshi, Amna. 16 August 2024
Web platform security has become a significant concern in the current cyber world. Adversaries constantly advance their skills and technologies to bypass modern cyber defence techniques and exploit website vulnerabilities. In the cyber world, finding and mitigating vulnerabilities on the website is essential to avoid any damage to the organization. Two key techniques - vulnerability assessment and penetration testing - play a crucial role in identifying and mitigating these weaknesses. While vulnerability assessment scans the platform, revealing potential flaws, penetration testing goes a step further, simulating real-world attack scenarios to assess their true exploitability and possible damage. This paper compares automated scanning and manual penetration testing to evaluate the effectiveness of these techniques in uncovering vulnerabilities. The experimental results confirm that manual penetration testing is more effective than automated testing in terms of accuracy. Additionally, practical studies highlight the importance of a penetration tester's skills and experience in identifying and exploiting security weaknesses. Automated tools may also generate false positive results.

5. Comparing the relative efficacy of phishing emails / Jämförelse av phishing emails relativa effektivitet
Lingaas Türk, Jakob. January 2020
This study aimed to examine if there was a difference in how likely a victim is to click on a phishing email's links based on the content of the email, the tone and language used and the structure of the code. This likelihood also includes the email's ability to bypass spam filters. Method: The method used to examine this was a simulated phishing attack. Six different phishing templates were created and sent out via the Gophish framework to target groups of students (from Halmstad University), from a randomized pool of 20,000 users. The phishing emails contained a link to a landing page (hosted via a virtual machine) which tracked user status. The templates were: Covid19 Pre-Attempt, Spotify Friendly CSS, Spotify Friendly Button, Spotify Aggressive CSS, Spotify Aggressive Button, Student Union. Results: Covid19 Pre-Attempt: 72.6% initial spam filter evasion, 45.8% spam filter evasion, 4% emails opened and 100% links clicked. Spotify Friendly CSS: 50% initial spam filter evasion, 38% spam filter evasion, 26.3% emails opened and 0% links clicked. Spotify Friendly Button: 59% initial spam filter evasion, 28.8% spam filter evasion, 5.8% emails opened and 0% links clicked. Spotify Aggressive CSS: 50% initial spam filter evasion, 38% spam filter evasion, 10.5% emails opened, and 100% links clicked. Spotify Aggressive Button: 16% initial spam filter evasion, 25% spam filter evasion, 0% emails opened and 0% emails clicked. Student Union: 40% initial spam filter evasion, 75% spam filter evasion, 33.3% emails opened and 100% links clicked. Conclusion: Differently structured emails have different capabilities for bypassing spam filters and for deceiving users. Language and tone appear to affect phishing email efficacy; the results suggest that an aggressive and authoritative tone heightens a phishing email's ability to deceive users, but seems to not affect its ability to bypass spam filters to a similar degree. Authenticity appears to affect email efficacy; the results showed a difference in deception efficacy if an email was structured like that of a genuine sender. Appealing to emotions such as stress and fear appears to increase the phishing email's efficacy in deceiving a user. / The aim of this study was to examine whether there was a difference in how likely a victim is to click on the links in a phishing email, based on the content of the email, the tone and language used, and the structure of the code. This likelihood also includes the email's ability to bypass spam filters. Method: The method used was a simulated phishing attack. Six different phishing templates were created and sent out via the Gophish framework to the target group consisting of students (from Halmstad University), from a random pool of 20,000 users. The phishing emails contained a link to a landing page (hosted via a virtual machine) that tracked user status. The templates were: Covid19 Pre-Attempt, Spotify Friendly CSS, Spotify Friendly Button, Spotify Aggressive CSS, Spotify Aggressive Button, Student Union. Results: Covid19 pre-attempt: 72.6% bypassed the primary spam filter, 45.8% bypassed the secondary spam filter, 4% emails opened and 100% links clicked. Spotify Friendly CSS: 50% bypassed the primary spam filter, 38% bypassed the secondary spam filter, 26.3% emails opened and 0% links clicked. Spotify Friendly Button: 59% bypassed the primary spam filter, 28.8% bypassed the secondary spam filter, 5.8% emails opened and 0% links clicked. Spotify Aggressive CSS: 50% bypassed the primary spam filter, 38% bypassed the secondary spam filter, 10.5% emails opened and 100% links clicked. Spotify Aggressive Button: 16% bypassed the primary spam filter, 25% bypassed the secondary spam filter, 0% emails opened and 0% emails clicked. Student Union: 40% bypassed the primary spam filter, 75% bypassed the secondary spam filter, 33.3% emails opened and 100% links clicked. Conclusion: Differently structured emails have different capabilities for bypassing spam filters and for deceiving users. Language and tone appear to affect the effectiveness of email phishing. The results suggest that an aggressive and authoritative tone increases a phishing email's ability to deceive users, but does not appear to affect its ability to bypass spam filters to a corresponding degree. Authenticity appears to affect the email's effectiveness, as the results showed a difference in effectiveness when an email was structured like one from a genuine sender. Appealing to emotions such as stress and fear appears to increase the phishing email's effectiveness in deceiving a user.

6. Penetration testing for the inexperienced ethical hacker: A baseline methodology for detecting and mitigating web application vulnerabilities / Penetrationstestning för den oerfarne etiska hackaren: En gedigen grundmetodologi för detektering och mitigering av sårbarheter i webbapplikationer
Ottosson, Henrik; Lindquist, Per. January 2018
Having a proper method of defense against attacks is crucial for web applications to ensure the safety of both the application itself and its users. Penetration testing (or ethical hacking) has long been one of the primary methods to detect vulnerabilities against such attacks, but is costly and requires considerable ability and knowledge. As this expertise remains largely individual and undocumented, the industry remains based on expertise. A lack of comprehensive methodologies at levels that are accessible to inexperienced ethical hackers is clearly observable. While attempts at automating the process have yielded some results, automated tools are often specific to certain types of flaws, and lack contextual flexibility. A clear, simple and comprehensive methodology using automatic vulnerability scanners complemented by manual methods is therefore necessary to get a basic level of security across the entirety of a web application. This master's thesis describes the construction of such a methodology. In order to define the requirements of the methodology, a literature study was performed to identify the types of vulnerabilities most critical to web applications, and the applicability of automated tools for each of them. These tools were tested against various existing applications, both intentionally vulnerable ones, and ones that were intended to be secure. The methodology was constructed as a four-step process: Manual Review, Testing, Risk Analysis, and Reporting. Further, the testing step was defined as an iterative process in three parts: Tool/Method Selection, Vulnerability Testing, and Verification. In order to verify the sufficiency of the methodology, it was subjected to peer review and field experiments. / Having a solid methodology for defending against attacks is crucial for maintaining security in web applications, both for the application itself and for its users. Penetration testing (or ethical hacking) has long been one of the foremost methods for discovering vulnerabilities to such attacks, but it is costly and requires great personal ability and knowledge. Because this expertise remains largely individual and undocumented, the industry continues to be based on expertise. A lack of comprehensive methodologies at levels accessible to inexperienced ethical hackers is clearly observable. Although attempts to automate the process have yielded some results, automated tools are often specific to certain types of vulnerabilities and suffer from a lack of flexibility. A clear, simple and comprehensive methodology that uses automatic vulnerability tools and complementary manual methods is therefore necessary to achieve a basic and complete level of security. This master's thesis describes the construction of such a methodology. To define the methodology, a literature study was carried out to identify the types of vulnerabilities most critical to web applications, as well as the applicability of automated tools to each of these vulnerability types. The tools in question were tested against various existing applications, both intentionally vulnerable ones and ones developed with the aim of being secure. The methodology was constructed as a four-step process: manual review, vulnerability testing, risk analysis and reporting. Further, vulnerability testing was defined as an iterative process in three parts: selection of tools and methods, vulnerability testing and vulnerability verification. To verify the sufficiency of the method, methods such as peer review and field experiments were used.

7. Technoethics and Organizing: Exploring Ethical Hacking within a Canadian University
Abu-Shaqra, Baha. January 2015
Ethical hacking is one important information security risk management strategy business and academic organizations use to protect their information assets from the growing threat of hackers. Most published books on ethical hacking have focused on its technical applications in risk assessment practices. This thesis addressed a gap within the organizational communication literature on ethical hacking. Taking a qualitative exploratory case study approach, the thesis paired technoethical inquiry theory with Karl Weick’s sensemaking model to explore ethical hacking in a Canadian university. In-depth interviews with key stakeholder groups and a document review were conducted. Guided by the Technoethical Inquiry Decision-making Grid (TEI-DMG), a qualitative framework for use in technological assessment, findings pointed to the need to expand the communicative and social considerations involved in decision making about ethical hacking practices. Guided by Weick’s theory, findings pointed to security awareness training for increasing sensemaking opportunities and reducing equivocality in the information environment.

8. Bezpečnostní cvičení pro etický hacking / Security exercises for ethical hacking
Paučo, Daniel. January 2020
This master's thesis deals with penetration testing and ethical hacking. In line with the layout of the thesis, an appropriate environment was prepared to carry out a Red/Blue team exercise, where the Red team is in the role of the attacker and the Blue team is in the role of the defender of the network infrastructure. The whole infrastructure is implemented in a cloud virtual environment of VMware vSphere. The second part of the thesis consists of the preparation and creation of an exercise to test web application security. The third part of the thesis is dedicated to the automation of red teaming. The main focus of this master's thesis is to demonstrate different attack vectors against the network infrastructure and web applications, and the use of defense mechanisms to avoid these kinds of attacks.

9. Assessing the security of a Garmin Smartwatch through Ethical hacking / Bedömning av säkerheten i en Garmin Smartklocka genom Etiskt hackande
Manfredh, Lucas. January 2022
A smartwatch is a device used to track personal data related to health, training, sleep, and diet. The smartwatch industry has seen steady growth in recent years and is expected to continue to grow. Today many people see the use of their smartwatch as an essential part of their daily routine. Thus, more data is being collected by the smartwatch, which raises concerns about the security and privacy of the data collected and distributed by smartwatches. In a worst case scenario, an adversary could perform attacks that would allow them to access personal health records, track the owner, or cause the smartwatch to malfunction either temporarily or permanently. This thesis assesses the security and privacy aspects of the Garmin Vivoactive 4 smartwatch, primarily focusing on the Bluetooth protocol. This was done by first studying research done on security and privacy vulnerabilities of the Bluetooth protocol, followed by performing penetration tests targeting the vulnerabilities of the smartwatch. The results of the penetration tests show that while the Garmin Vivoactive 4 is mostly protected against security flaws, it has multiple vulnerabilities with regard to privacy. / A smartwatch is a device used to monitor personal data related to health, training, sleep and diet. The smartwatch industry has seen a steady increase in recent years and is expected to continue growing. Today many people see the use of their smartwatch as an important part of their daily routine. As a result, more and more data is stored and handled by these smartwatches, which in turn leads to concern about security and privacy in these watches. In a worst case, an attack could be carried out that leads to personal data being accessed by unauthorized parties, or to other problems such as tracking the smartwatch's user or causing the smartwatch to stop working temporarily or permanently. The aim of this thesis is to analyse the security and privacy of a Garmin Vivoactive 4 smartwatch with a primary focus on the Bluetooth protocol. This is done by first studying research on penetration tests against the Bluetooth protocol in smartwatches and then carrying out tests specifically on the Vivoactive 4. The result shows that, while it has no major security flaws, there are shortcomings when it comes to privacy.

10. A Study on Ethical Hacking in Cybersecurity Education Within the United States
Chew, Jordan. 01 March 2024
As the field of computer security continues to grow, it becomes increasingly important to educate the next generation of security professionals. However, much of the current education landscape primarily focuses on teaching defensive skills. Teaching offensive security, otherwise known as ethical hacking, is an important component in the education of all students who hope to contribute to the field of cybersecurity. Doing so requires careful consideration of the ethical, legal, and practical issues that arise from teaching students skills that can be used to cause harm. In this thesis, we first examine the current state of cybersecurity education in the United States through a holistic view of funding, certifications, and course offerings. We then offer a framework to navigate the ethical and legal issues of teaching offensive security and to serve as a technical reference of useful tools for configuring and conducting a course in ethical hacking. Together, these contributions can be a baseline for educators looking to create courses on ethical hacking topics.