Seven Phrase Penetration Testing Model

Parvin Ami; Ashikali Hasan

Call for Paper

February Edition

IJCA solicits high quality original research papers for the upcoming February edition of the journal. The last date of research paper submission is 20 January 2025

Submit your paper

Know more

The week's pick

HYBRID ANN AND FIREWORKS ALGORITHM FOR REAL-TIME SOFTWARE RELIABILITY PREDICTION

Ivy Botchway Felix Larbi Aryeh Boniface Kayode Alese

Random Articles

Using Feature Extraction for Human Footprints Recognition

February

2013

Modeling of PV Module Performance under Influence of Surrounding and Essential Factors Variation using Matlab Simulink

November

2015

Enabling Effective Personalized Learning: Determinants for Knowledge based Web Information Retrieval Systems

April

2015

Intrusion Detection using Supervised Learning with Feature Set Reduction

November

2011

Reseach Article

Seven Phrase Penetration Testing Model

by Parvin Ami, Ashikali Hasan

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 59 - Number 5

Year of Publication: 2012

Authors: Parvin Ami, Ashikali Hasan

10.5120/9543-3991

Parvin Ami, Ashikali Hasan . Seven Phrase Penetration Testing Model. International Journal of Computer Applications. 59, 5 ( December 2012), 16-20. DOI=10.5120/9543-3991

@article{ 10.5120/9543-3991,

author = { Parvin Ami, Ashikali Hasan },

title = { Seven Phrase Penetration Testing Model },

journal = { International Journal of Computer Applications },

issue_date = { December 2012 },

volume = { 59 },

number = { 5 },

month = { December },

year = { 2012 },

issn = { 0975-8887 },

pages = { 16-20 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume59/number5/9543-3991/ },

doi = { 10.5120/9543-3991 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-06T21:05:20.046649+05:30

%A Parvin Ami

%A Ashikali Hasan

%T Seven Phrase Penetration Testing Model

%J International Journal of Computer Applications

%@ 0975-8887

%V 59

%N 5

%P 16-20

%D 2012

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Generally most companies are using simple way to test a system is done by primary analysis and formal methods, Based on the observation that most security flaws are triggered due to a flawed interaction with the environment. Herein the model describes a sophisticated approach for testing almost all type of web applications and database integration system for possible security flaws. This approach is to be developed a dynamic model which have the capacity to bind the complex and lengthy procedure of penetration testing process. The proposed model is prepared using seven different Phases called as Seven Phase Penetration Testing Model (SPPT-Model). It simplifies the complex penetration testing procedure and allows penetration tester to evaluate accurately what faults to be exist in the target system. The dynamic model of penetration testing can be implementing freely and efficiently on almost all type of applications. This scheme can be used to classify informatics, analytical, complex, logical, well-known and common security flaws of huge or small application. As per the analysis it is classified that the model can be helpful to revealed 80% of the security flaws in the system.

References

Andrey Petukhov, Dmitry Kozlov, Detecting Security Vulnerabilities in Web Applications Using Dynamic Analysis with Penetration Testing, https://www. owasp. org/images/3/3e/OWASP-AppSecEU08-Petukhov. pdf accessed on 22/11/2012
Boris Beizer, Black-Box Testing: Techniques for Functional Testing of Software and Systems, Edition illustrated, Wiley, 1995, ISBN 978-0471120940
Ashikali M. Hasan - Hackers Eye With CD(English Edition), Computer World, ISBN 978-9380010977
Scott Loveland, Michael Shannon, Geoffrey Miller, Richard Prewitt, Jr. , and Software Testing Techniques: Finding the Defects That Matter, Programming Series, Editor, and Scott Loveland Edition illustrated, Cengage Learning, 2004, ISBN 978-1584503460.
Software Testing: Principles and Practice, Srinivasan Desikan, Gopalaswamy Ramesh, Pearson Education India, 2006 ISBN 978-8177581218.
Professional Penetration Testing: Creating and Operating a Formal Hacking Lab, Thomas Wilhelm, Syngress, 2009, ISBN 978-1597494250.
Ashikali M. Hasan - Hacking An Introduction Computer World, ISBN 978-9380010984
Patrick Engebretson, The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, Syngress Basics Series Syngress Media The Basics,illustrated,Elsevier, 2011 ISBN 978-1597496551.
Hacking Exposed Web App, Authors Joel Scambray, Mike Shema, Joel Scambray, Tata McGraw-Hill Education, 2006, ISBN 9780070619807.
Harris, Gray Hat Hacking 2E, Tata McGraw-Hill Education, 2008 ISBN 9780070248649
Web Applications (Hacking Exposed) by Joel Scambray and Mike Shema, published by McGraw-Hill Osborne Media, ISBN 007222438X
Hacking Exposed 6, McClure, Tata McGraw-Hill Education, 2009, ISBN 0070147183, 9780070147188
The Unified Modeling Language – A User Guide
Stephen Northcutt, Jerry Shenk,Dave Shackleford,Tim Rosenberg, Raul Siles, and Steve Mancini, SANS ANALYST Program june 2006

Index Terms

Computer Science

Information Sciences

Keywords

Penetration Testing System Security Data Analysis Vulnerability and countermeasures System Analysis and Testing advisory on language flexibility Seven Phrase Penetration Testing Model