Volume -I , Issue -XII, August 2015

NETWORK VULNERABILITY DETECTION REPORTING SYSTEM WITH RECOMMENDATIONS & APPROPRIATE RESOLUTION

Uday Gobbur , Suhas Raut

Attacks against computer systems and the data contained within these systems are becoming increasingly frequent and evermore sophisticated. Organizations wishing to ensure security of their systems may look towards adopting appropriate measures to protect themselves against potential security breaches. One such measure is to hire the services of penetration testers to find vulnerabilities present in the organization’s network, and provide recommendations as to how best to resolve such risks. In this paper we discuss role of the modern pen-tester and summarize current standards and professional qualifications and also further identify issues arising from pen-testers, thereby suggesting how to resolve loopholes in target system and generate report in printable format.

Web application threats, Network application security, exploitation process and reporting.

1. http://www.softwaretestinghelp.com/penetration-testing-guide/
2. http://www.networkworld.com/article/2193965/tech-primers/top-10vulnerabilities inside-the-network.html
3. VulnerabilityAnalysishttp://www.penteststandard.org/index.php/Vulnerability_Analysis.
4. http://www.sans.org/reading-room/whitepapers/auditing/67.php
5. Seven Phrase Penetration Testing Model,ParvinAmi Assist. Professor B.K. Mehta IT Center, PalanpurBanaskantha, Gujarat -385001, India ,AshikaliHasan Chief Technical OfficerXeniar Technology Pvt Ltd Ahmadabad, Gujarat-380015, India,Volume 59– No.5, December 2012.
6. Laura Chappell’s session TUT233,“Cyber Crime at Packet Level”, at Novell BrainShare 2001.
7. Improving penetration testing through static and dynamic analysis, William G. J. Halfond, Shauvik Roy Choudhary and Alessandro Orso,Softw. Test. Verif. Reliab.(2011) Published online in Wiley Online Library (wileyonlinelibrary.com). DOI: 10.1002/stvr.450
8. http://www.netragard.com/penetration-testing- definition
9. Penetration Testing, Stephen Northcutt, Jerry Shenk, Dave Shackleford, TimRosenberg, RaulSiles,andSteveMancini,http://www.sans.org/reading_room/analysis_program/PenetrationTesting_June06.pdf accessed on 1st march 2013.
10. TheArtofWritingPenetrationTestReports, http://resources.infosecinstitute.com/writing- penetration-testing-reports accessed on 1st March 2013