Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)

Penetration Testing Analysis with Standardized Report Generation

Authors
Kousik Barik, A Abirami, Saptarshi Das, Karabi Konar, Archita Banerjee
Corresponding Author
Kousik Barik
Available Online 13 September 2021.
DOI
10.2991/ahis.k.210913.045How to use a DOI?
Keywords
Penetration testing, Penetration testing report, Automated testing, Web application security
Abstract

Penetration testing is a mirrored cyber-attack defined for identifying vulnerabilities and flaws in a computer system/Network/Web application— the organization appoints experts to conduct the test and present the details for deeper interpretation. One of the critical components of securing the network is to perform penetration tests of the network and web applications. In this paper, the industry-known OWASP (Open Web Application Security Project) vulnerability tool and three vulnerable web applications in a lab setup are explored and presented with a detailed analysis. Further, three penetration test reports are selected, and comprehensive analysis and reports are generated from the proposed setup. After the observation, it’s understood that there is a lack of standardization format of the penetration testing reports. Therefore, this paper presents a format that will cater to the understanding of domain knowledge experts, decision-making bodies, and board members of the top executives of an organization for making further decisions on improving the robustness of their network and web applications.

Copyright
© 2021, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)
Series
Atlantis Highlights in Computer Sciences
Publication Date
13 September 2021
ISBN
978-94-6239-428-5
ISSN
2589-4900
DOI
10.2991/ahis.k.210913.045How to use a DOI?
Copyright
© 2021, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Kousik Barik
AU  - A Abirami
AU  - Saptarshi Das
AU  - Karabi Konar
AU  - Archita Banerjee
PY  - 2021
DA  - 2021/09/13
TI  - Penetration Testing Analysis with Standardized Report Generation
BT  - Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)
PB  - Atlantis Press
SP  - 365
EP  - 372
SN  - 2589-4900
UR  - https://doi.org/10.2991/ahis.k.210913.045
DO  - 10.2991/ahis.k.210913.045
ID  - Barik2021
ER  -