HackSim: An automation of penetration testing for remote buffer overflow vulnerabilities
SCIE
SCOPUS
- Title
- HackSim: An automation of penetration testing for remote buffer overflow vulnerabilities
- Authors
- Kwon, OH; Lee, SM; Lee, H; Kim, J; Kim, SC; Nam, GW; Park, JG
- Date Issued
- 2005-01
- Publisher
- SPRINGER-VERLAG BERLIN
- Abstract
- We propose an extensible exploit framework for automation of penetration testing (or pen-testing) without loss of safety and describe possible methods for sanitizing unreliable code in each part of the framework. The proposed framework plays a key role in implementing HackSim a pen-testing tool that remotely exploits known buffer-overflow vulnerabilities. Implementing our enhanced version of HackSim for Solaris and Windows systems, we show the advantages of our sanitized pen-testing tool in terms of safety compared with existing pen-testing tools and exploit frameworks. This work is stepping toward a systematic approach for substituting difficult parts of the labor-intensive pen-testing process.
- URI
- https://oasis.postech.ac.kr/handle/2014.oak/24679
- DOI
- 10.1007/978-3-540-30582-8_68
- ISSN
- 0302-9743
- Article Type
- Article
- Citation
- LECTURE NOTES IN COMPUTER SCIENCE, vol. 3391, page. 652 - 661, 2005-01
- Files in This Item:
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.