Please use this identifier to cite or link to this item:
Title: Penetration testing: auditoría profesional
Author: Núñez Alcalá, Carlos
Serra-Ruiz, Jordi  
Esteban Grifoll, Juan Ramón
Abstract: The following document presents the required methodology to perform a professional penetration testing audit. Its goal is to find vulnerabilities within the information systems and solve them before they are found by third parties. Therefore, this type of audit should be considered by any company that wants to guarantee the integrity of their information systems. Due to this audit s intrusive nature, some legal aspects have been considered to make sure that all work is done within the law. At the same time, it is necessary that an adequate working contract is prepared containing the assignment´s scope. To ease the understanding of the audit, every required phase for the execution of the assignment has been explained in detail. Also, a list with the most used tools by penetration testers has been included. After the scope and working tools have been described, the project continues with the creation of a virtual lab. In the lab there are several vulnerable machines that will serve as an example to show all the phases from the audit and to experiment with some of the tools. With this approach, it is intended to simulate an audit within a small company. Lastly, the report is the final product that is delivered to the client. It includes the results of the audit together with some recommendations to solve the vulnerabilities that have been found.
Keywords: penetration test
Type: info:eu-repo/semantics/bachelorThesis
Issue Date: Jun-2021
Publication license:
Appears in Collections:Trabajos finales de carrera, trabajos de investigación, etc.

Files in This Item:
File Description SizeFormat 


Presentación del TFG159,47 MBMP4View/Open
carlosnTFG0621memoria.pdfMemoria del TFG3,64 MBAdobe PDFThumbnail
carlosnTFG0621anexo.pdfAnexo del TFG4,55 MBAdobe PDFThumbnail