Abstract
In a world where even the most mundane of tasks requires the intervention of the cyberspace, it is particularly important to be aware of the risks and vulnerabilities that come with cyberspace. This has led to the development of a field better referred to as vulnerability assessment and penetration testing (VAPT). There are multiple parts to perform penetration testing, in this paper we will be focusing on the Post Exploitation part. Post exploitation outlines the activities to perform in order to breach the security of a target system by leveraging a discovered exploit. In this paper we propose an agentless model for the automation of post exploitation activities, where agentless means that no third party software is required to be installed on the target machine.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Goel, J.N., Asghar, M.H., Kumar, V., Pandey, S.K.: Ensemble based approach to increase vulnerability assessment and penetration testing accuracy. In: 2016 International Conference on Innovation and Challenges in Cyber Security (ICICCS-INBUSH) (2016)
Almubairik, N.A., Wills, G.: Automated penetration testing based on a threat model. In: 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST) (2016)
Stefinko, Y., Piskozub, A., Banakh, R.: Manual and automated penetration testing. Benefits and drawbacks. Modern tendency. In: 2016 13th International Conference on Modern Problems of Radio Engineering, Telecommunications and Computer Science (TCSET), Lviv, pp. 488–491 (2016)
(lSC)2 Government Advisory Council Executive Writers Bureau: Penetration testing: Pros and cons of attacking your own network (2013). https://llgcn.comlarticles/2013/02/04/pros-cons-penetration-testing.aspx
Almubairik, N.A., Wills, G.: Automated penetration testing based on a threat model. In: 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST), Barcelona, pp. 413–414 (2016)
Chen, C., Zhang, Z., Lee, S., Shieh, S.: Penetration testing in the IoT age. Computer 51(4), 82–85 (2018)
Shebli, H.M.Z.A., Beheshti, B.D.: A study on penetration testing process and tools. In: 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT), Farmingdale, NY, pp. 1–7 (2018)
Chu, G., Lisitsa, A.: Poster: agent-based (BDI) modeling for automation of penetration testing. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST), Belfast, pp. 1–2 (2018)
Tetskyi, A., Kharchenko, V., Uzun, D.: Neural networks based choice of tools for penetration testing of web applications. In: 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies (DESSERT), Kiev, pp. 402–405 (2018)
Zitta, T., et al.: Penetration testing of intrusion detection and prevention system in low-performance embedded IoT device. In: 2018 18th International Conference on Mechatronics - Mechatronika (ME), Brno, Czech Republic, pp. 1–5 (2018)
Yevdokymenko, M., Mohamed, E., Onwuakpa, P.: Ethical hacking and penetration testing using raspberry PI. In: 2017 4th International Scientific-Practical Conference Problems of Infocommunications. Science and Technology (PIC S&T), Kharkov, pp. 179–181 (2017)
Shinde, P.S., Ardhapurkar, S.B.: Cyber security analysis using vulnerability assessment and penetration testing. In: 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave), Coimbatore, pp. 1–5 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Maddala, S., Patil, S. (2020). Agentless Automation Model for Post Exploitation Penetration Testing. In: Pandian, A., Ntalianis, K., Palanisamy, R. (eds) Intelligent Computing, Information and Control Systems. ICICCS 2019. Advances in Intelligent Systems and Computing, vol 1039. Springer, Cham. https://doi.org/10.1007/978-3-030-30465-2_59
Download citation
DOI: https://doi.org/10.1007/978-3-030-30465-2_59
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30464-5
Online ISBN: 978-3-030-30465-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)