Abstract
OnlineKALI is a Web framework for vulnerability assessment which allows you to quickly do a security audit of your own websites and network infrastructures from a remote location without having to set up external pen-testing operating system and with very high-speed network capability and processing power. It allows you to scan, enumerate the security loopholes, and vulnerability with full customization of the open-source tools. It uses a chroot or Docker environment to launch an attack without affecting the main system. It uses the features of Django, PostgreSQL, Jinja2, and python to be secure as far as possible. This paper is basically to take a maximum of open-source tools of Kali Linux and put into the cloud so that all can work without any hardware or network issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bacudio, A.G., Yuan, X., Bill Chu, B.-T., Jones, M.: An overview of penetration testing. Int. J. Netw. Secur. Appl. (IJNSA) 3(6) (2011). http://airccse.org/journal/nsa/1111nsa02.pdf
Bishop, M., Frincke, D.A.: Achieving Learning Objectives Through E-Voting Case Studies. http://ieeexplore.ieee.org/document/4085594/
Web Application Vulnerability Scanner Evaluation Project (Vulnerability Scanner Evaluation Project) (2012). http://code.google.com/p/wavsep/
Gordon Lyon. Top 125 Network Security Tools [EB] (2011). http://sectools.org/
Chroot Concept. https://en.wikipedia.org/wiki/Chroot
Ethical hacking and network defense: choose your best network vulnerability scanning tool. In: 2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA). http://ieeexplore.ieee.org/document/7929663/
de Jimenez, R.E.L.: Pentesting on web applications. In: 2016 IEEE 36th Central American and Panama Convention (CONCAPAN XXXVI). http://ieeexplore.ieee.org/document/7942364/
Shay-Chen The Web Application Vulnerability Scanner Evaluation Project [EB] (2012). http://www.sectoolmarket.com/
Yevdokymenko, M., Mohamed, E., Arinze, P.O.: Ethical hacking and penetration testing using Rasberry PI. In: 2017 4th International Scientific-Practical Conference Problems of Info-communications, Science and Technology (PIC S&T). http://ieeexplore.ieee.org/document/8246375/
PgBouncer. https://pgbouncer.github.io/
Django Server hosted in DigitalOcean. https://www.digitalocean.com/
Nginx Web Server Security and Hardening Guide. https://geekflare.com/nginx-webserver-security-hardening-guide/
Kali Linux Operating System (Specially designed for Pentesting). https://www.kali.org/
Web Application Vulnerability Scanner Evaluation Project (Vulnerability Scanner Evaluation Project) (2012). http://code.google.com/p/wavsep/
Offensive Security. https://www.offensive-security.com/
Open Source tools list which is inbuilt in Kali Linux. https://tools.kali.org/tools-listing
Ngnix. https://nginx.org/en/
Django. https://www.djangoproject.com/
PostgresSQL. https://www.postgresql.org/
Acknowledgements
This research is supported by HackCieux. We are thankful to our colleagues who provided expertise that greatly assisted the research, although they may not agree with all of the interpretations provided in this paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Dholey, P., Shaw, A.K. (2019). OnlineKALI: Online Vulnerability Scanner. In: Chakraborty, M., Chakrabarti, S., Balas, V., Mandal, J. (eds) Proceedings of International Ethical Hacking Conference 2018. Advances in Intelligent Systems and Computing, vol 811. Springer, Singapore. https://doi.org/10.1007/978-981-13-1544-2_3
Download citation
DOI: https://doi.org/10.1007/978-981-13-1544-2_3
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-1543-5
Online ISBN: 978-981-13-1544-2
eBook Packages: EngineeringEngineering (R0)