Penterep: Comprehensive Penetration Testing with Adaptable Interactive Checklists

Simple item page
dc.contributor.authorLazarov, Willics
dc.contributor.authorŠeda, Pavelcs
dc.contributor.authorMartinásek, Zdeněkcs
dc.contributor.authorKümmel, Romancs
dc.coverage.issue7cs
dc.coverage.volume154cs
dc.date.accessioned2025-04-11T07:56:03Z
dc.date.available2025-04-11T07:56:03Z
dc.date.issued2025-03-17cs
dc.description.abstractIn the contemporary landscape of cybersecurity, the importance of effective penetration testing is underscored by NIS2, emphasizing the need to assess and demonstrate cyber resilience. This paper introduces an innovative approach to penetration testing that employs interactive checklists, supporting both manual and automated tests, as demonstrated within the Penterep environment. These checklists, functioning as a quantifiable measure of test completeness, guide pentesters through methodological testing, addressing the inherent challenges of the security testing domain. While some may perceive a limitation in the dependency on predefined checklists, the results from a presented case study underscore the criticality of methodological testing. The study reveals that relying solely on fully automated tools would be inadequate to identify all vulnerabilities and flaws without the inclusion of manual tests. Our innovative approach complements established methodologies, such as PTES, OWASP, and NIST, providing crucial support to penetration testers and ensuring a comprehensive testing process. Implemented within the Penterep environment, our approach is designed with deployment flexibility (both on-premises and cloud-based), setting it apart through an overview comparison with existing tools aligned with state-of-the-art penetration testing approaches. This flexible and scalable approach effectively bridges the gap between manual and automated testing, meeting the increasing demands for effectiveness and adaptability in penetration testing.en
dc.formattextcs
dc.format.extent1-16cs
dc.format.mimetypeapplication/pdfcs
dc.identifier.citationCOMPUTERS & SECURITY. 2025, vol. 154, issue 7, p. 1-16.en
dc.identifier.doi10.1016/j.cose.2025.104399cs
dc.identifier.issn1872-6208cs
dc.identifier.orcid0000-0001-6820-8391cs
dc.identifier.orcid0000-0002-6689-1980cs
dc.identifier.orcid0000-0002-6504-5619cs
dc.identifier.other197057cs
dc.identifier.researcheridAHC-2481-2022cs
dc.identifier.researcheridAAY-3211-2021cs
dc.identifier.researcheridH-8896-2018cs
dc.identifier.scopus58316001100cs
dc.identifier.scopus56955391700cs
dc.identifier.scopus54416101900cs
dc.identifier.urihttps://hdl.handle.net/11012/250881
dc.language.isoencs
dc.publisherElseviercs
dc.relation.ispartofCOMPUTERS & SECURITYcs
dc.relation.urihttps://www.sciencedirect.com/science/article/pii/S0167404825000884cs
dc.rightsCreative Commons Attribution-NonCommercial 4.0 Internationalcs
dc.rights.accessopenAccesscs
dc.rights.sherpahttp://www.sherpa.ac.uk/romeo/issn/1872-6208/cs
dc.rights.urihttp://creativecommons.org/licenses/by-nc/4.0/cs
dc.subjectChecklistsen
dc.subjectCybersecurityen
dc.subjectEthical hackingen
dc.subjectMethodologyen
dc.subjectPenetration testingen
dc.subjectReportingen
dc.subjectVulnerability assessmenten
dc.titlePenterep: Comprehensive Penetration Testing with Adaptable Interactive Checklistsen
dc.type.driverarticleen
dc.type.statusPeer-revieweden
dc.type.versionpublishedVersionen
eprints.grantNumberinfo:eu-repo/grantAgreement/MV0/VK/VK01030019cs
sync.item.dbidVAV-197057en
sync.item.dbtypeVAVen
sync.item.insts2025.04.11 09:56:03en
sync.item.modts2025.04.11 09:33:31en
thesis.grantorVysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií. Ústav telekomunikacícs
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
1s2.0S0167404825000884main.pdf
Size:
2.03 MB
Format:
Adobe Portable Document Format
Description:
file 1s2.0S0167404825000884main.pdf
Download
Collections
Ústav telekomunikací