Browsing by Author "Mateus Rendon, Erick Steven"
Now showing 1 - 1 of 1
Results Per Page
Sort Options
Item Análisis de pruebas de penetración en sistemas y servicios web(Universidad Santiago de Cali, 2024) Mateus Rendon, Erick Steven; Chaves Cárdenas, Dalessandro; González Mejía, Erick Santiago; Rojas Montes, Javier Salvador (Director)IT services face various risks, mainly from cyber attacks. Web penetration testing determines whether a web system is vulnerable to attacks using tools and techniques that are usually used by penetration specialists who are dedicated to identifying vulnerabilities in these. Case studies are presented in order to expose an adequate management of cybersecurity, using specialized tools such as Nessus, which includes a practical case of a university where this tool is used to evaluate the security of its websites, and also Metasploit, which together with the Kali Linux operating system addresses a practical case where IoT devices are completely compromised. The review was prepared using the PRISMA methodology, selecting 70 articles and of which 26 articles were used. This methodology guarantees the quality and reliability of the sources. Web penetration testing evaluated vulnerabilities using black, white and gray box approaches, using manual and/or automated techniques. Web penetration testing consists of a 5-phase methodology: planning, scanning, exploitation, maintaining access and generating reports. In conclusion, it was found that the combination of penetration testing approaches (black, white and grey box), together with the use of emerging technologies such as artificial intelligence, not only optimizes vulnerability detection, but also strengthens system security. The incorporation of automated tools and advanced attack simulation allows organizations to mitigate potential impacts and protect their systems more efficiently.