PERFORMANCE EVALUATION OF PENETRATION TESTING TOOLS IN DIVERSE COMPUTER SYSTEM SECURITY SCENARIOS

Abstrak

This study aims to scrutinize various tools and techniques employed in vulnerability assessment, to furnish a comprehensive guide regarding the efficacy of computer system penetration testing tools, and to offer a post-exploitation analysis approach to aid security professionals in selecting security tools. The increasing interconnectivity and complexity of computer systems in this ever-evolving digital age have led to the growing sophistication of cyber threats such as hacking, malware, and data theft. To counter these threats, penetration testing has become the primary method for securing computer systems. However, in diverse environments, efficient and adaptive penetration testing tools are needed. The selection of the right tools, with a focus on their efficiency in detecting vulnerabilities and providing mitigation solutions, is a paramount and highly crucial consideration. Additionally, post-exploitation analysis to develop more effective protection strategies after a successful attack is also becoming increasingly important. This research contributes to the fields of Communication Networks and System Security, offering insights into the challenges of selecting the right tools for penetration testers and underscoring the importance of vulnerability assessment in securing computer systems. The research approach employed comprises static analysis and manual analysis, encompassing techniques such as fingerprinting, vulnerability scanning, fuzzing, Nmap scanning, and the utilization of a database search tool called search-sploit. The results of this study indicate that the tools and techniques employed in this research can assist in identifying and mitigating vulnerabilities in computer systems. However, due to certain limitations, the research findings may not apply to diverse scenarios.