Call for Paper April 2023

VAPT & Exploits, along with Classification of Exploits

International Journal of Computer Science and Engineering
© 2022 by SSRG - IJCSE Journal
Volume 9 Issue 3
Year of Publication : 2022
Authors : Sheetakshi Shukla, Tasneem Bano Rehman
10.14445/23488387/IJCSE-V9I3P101

pdf
How to Cite?

Sheetakshi Shukla, Tasneem Bano Rehman, "VAPT & Exploits, along with Classification of Exploits," SSRG International Journal of Computer Science and Engineering , vol. 9,  no. 3, pp. 1-4, 2022. Crossref, https://doi.org/10.14445/23488387/IJCSE-V9I3P101

Abstract:

Vulnerability assessment and penetration testing is a process done at every level in cyber security due to regular attacks and the problems created by the attackers, either for personal or professional reasons. On the other hand, Exploits are the main asset of Vulnerabilities. This paper aims to classify the exploits based on their existence. Also, this paper tries to give a fair judgment to review Vulnerability Assessment and Penetration Testing with Exploits. Along with some awareness and prevention techniques. A study on preventive and defensive measures could be taken from the view of any Penetration Tester. Detailed Classification of Exploits and their existence is the main aspect of this paper.

Keywords:

Classification of Exploits, Exploits, Penetration Testing, Vulnerability Assessment, Zero-Day Attacks, Zero-Day Exploits.

References:

[1] Vikash Kumar, Ditipriya Sinha, “A Robust Intelligent Zero Day Cyber Attack Detection Technique,” Complex & Intelligent Systems, vol. 7, no. 5, pp. 2211-2234, 2021.
[2] Andrew Johnson, Rami J.Haddad, “Evading Signature Based Antivirus Software using Reverse Exploit Shell-Code,” In IEEE Southeastcon, pp. 1-6, 2021.
[3] Ajjarapu Kusuma Priyanka, Siddemsetty Sai Smruthi, “Web Applicationvulnerabilities: Exploitation and Prevention,” In International Conference on Electrotechnical Complexes and Systems, pp. 1-5, 2020.
[4] Olufogorehan Tunde-Onadele, Jingzhu He, Ting Dai, Xiaohui Gu, “A Study on Container Vulnerability Exploit Detection,” In IEEE International Conference of Cloud Engineering, pp. 121-127, 2019.
[5] Xin Zhou, Jianmin Pang, “Expdf Exploit Detection Method Using Machine Learning,” International Journal of Computational Intelligence Systems, in Atlantis Press SAR, vol. 12, no. 2, pp. 1019 – 1028, 2019.
[6] Yugansh Khera, Deepansh Kumar, Sujay, Nidhi Garg, “Analysis and Impact of Vulnerability Assessment and Penetration Testing,” In IEEE COMITcon, pp. 525-530, 2019.
[7] Jukka Ruohonen, “Classifying Web Exploits with Topic Modelling,” In International Workshop on Database and Expert Systems Applications, IEEE, pp. 93-97, 2017.
[8] Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, David Brumley, “Your Exploit is Mine- Automatic Shellcode Transplant for Remote Exploits,” In IEEE Symposium on Security and Privacy, pp. 824-839, 2017.
[9] Richard Ciancioso, Danvers Budhwa, Thaierhayajneh, “A Framework for Zero-Day Exploit Detection and Containment,” IEEE 3rd International Conference on Big Data Intelligence and Computing and Cyber Science and Technology Congress, pp. 1-6, 2017.
[10] Prashant S. Shinde, Prof. Shrikant B. Ardhapurkar, “Cyber Security Analysis Using Vulnerability Assessment and Penetration Testing,” In IEEE Sponsored World Conference on Futuristic Trends in Research and Innovation for Social Welfare, pp. 1-5, 2016.
[11] Ivan Nikolaev, Martin Grill, Veronica Valeros, “Exploit Kit Website Detection Using HTTP Proxy Logs,” In IEEE ACM International Conference Proceeding Series, pp. 120-125, 2016.
[12] Phongphunkijsanayothin, Rattikorn Hewett, “Exploit Based Analysis Attack Models,” IEEE 12th International Symposium on Network Computing and Applications, pp. 1-4, 2013.
[13] Deshen Fu, Feiyue Shi, “Buffer Overflow Exploit and Defensive Techniques,” In IEEE 4th International Conference on Multimedia and Security, pp. 87-90. 2012.
[14] EC-COUNCIL, CEH-Ethical Hacking and Countermeasures, vol. 1
[15] David Kennedy, Jim O'Gorman, Devon Kearns, and Mati Aharoni, Metasploit- A Complete Penetration Testing Guide, pp. 1-332, 2011.
[16] The Offensive Security, 2020. Available [Online], Https://Www.Offensive-Security.Com/Metasploit-Unleashed/Completing-Exploit/
[17] Improving Vulnerability Remediation Through Better Exploit Prediction, 2020. Available [Online] Https://Academic.Oup.Com/Cybersecurity/Article/6/1/Tyaa015/5905457
[18] 2020. Available [Online] Https://Www.Avast.Com/C-Exploits#Gref
[19] Graphology of Exploits, 2020. Available [Online] Https://Research.Checkpoint.Com/2020/Graphology-Of-An-Exploit-Volodya/