المؤلفون: Jaime Andrés Restrepo-Gómez, Luis Carlos Correa-Ortiz

المصدر: Ciencia e Ingeniería Neogranadina, Vol 34, Iss 1 (2024)

مصطلحات موضوعية: Bug-Bounty, pruebas de penetración (pentesting), modelos de seguridad de la información., investigadores en seguridad, Engineering (General). Civil engineering (General), TA1-2040, Science

وصف الملف: electronic resource

Relation: https://revistas.unimilitar.edu.co/index.php/rcin/article/view/7059; https://doaj.org/toc/0124-8170; https://doaj.org/toc/1909-7735

URL الوصول: https://doaj.org/article/09a5f24de1d0406aa4f618d0e934bfa7

المؤلفون: Derry Pratama, Naufal Suryanto, Andro Aprila Adiputra, Thi-Thu-Huong Le, Ahmada Yusril Kadiptya, Muhammad Iqbal, Howon Kim

المصدر: Sensors, Vol 24, Iss 21, p 6878 (2024)

مصطلحات موضوعية: penetration testing, large language model, pentesting LLM, AI penetration testing assistant, domain specific LLM, LLM evaluation, Chemical technology, TP1-1185

وصف الملف: electronic resource

Relation: https://www.mdpi.com/1424-8220/24/21/6878; https://doaj.org/toc/1424-8220

URL الوصول: https://doaj.org/article/1cdfe13c0a4b4c7799ca564c992d86c5

المؤلفون: Restrepo-Gómez, Jaime Andrés, Correa-Ortiz, Luis Carlos

المصدر: Ciencia e Ingenieria Neogranadina; Vol. 34 No. 1 (2024); 11-22 ; Ciencia e Ingeniería Neogranadina; Vol. 34 Núm. 1 (2024); 11-22 ; Ciencia e Ingeniería Neogranadina; v. 34 n. 1 (2024); 11-22 ; 1909-7735 ; 0124-8170

مصطلحات موضوعية: Bug-Bounty, Penetration Testing (Pentesting), Information Security, Security Researchers, pruebas de penetración (pentesting), modelos de seguridad de la información, investigadores en seguridad, testes de penetração (pentesting), segurança da informação, pesquisadores de segurança

وصف الملف: application/pdf

Relation: https://revistas.unimilitar.edu.co/index.php/rcin/article/view/7059/5888; S. Shah y B. M. Mehtre, “An overview of vulnerability assessment and penetration testing techniques”, Journal of Computer Virology and Hacking Techniques, vol. 11, no. 1, pp. 27-49, 2014.; U. Ravindran y R. V. Potukuchi, “A review on Web application vulnerability assessment and penetration testing”, Review of Computer Engineering Studies, vol. 9, no. 1, pp. 1-22, 2022.; L. Irwin, “Top 5 cyber security risks for businesses,” IT Governance UK Blog, 19 de jul. de 2022, [en línea], disponible en: https://www.itgovernance.co.uk/blog/top-5-cyber-security-risks-for-businesses. [Consultado: 19-Nov-2022].; Colombia Digital, 5 amenazas de ciberseguridad que en 2022 atacarán en Colombia, Corporación Colombia Digital, 26-ene-2022, [en línea], disponible en: https://colombiadigital.net/opinion/5-amenazas-de-ciberseguridad-que-en-2022-atacaran-en-colombia. [Consultado: 19-Nov-2022].; A. Mohan y D. G. Swaminathan, “Analysis of vulnerability assessment with penetration testing”, SSRN Electronic Journal, 2022.; S. Basu, “Difference between vulnerability assessment and penetration testing”, Astra Security Blog, 28-mar-2022, [en línea], disponible en: https://www.getastra.com/blog/security-audit/vulnerability-assessment-vs-penetration-testing/. [Consultado: 20-Nov-2022].; M. Finifter, D. Akhawe y D. Wagner, “An Empirical Study of Vulnerability Rewards Programs”, in 22nd USENIX Security Symposium (USENIX Security 13), Washington DC, USA, pp. 273-288, 2013.; D. R. McKinnel, T. Dargahi, A. Dehghantanha y K. K. R. Choo, “A systematic literature review and meta-analysis on artificial intelligence in penetration testing and Vulnerability Assessment”, Computers &; Electrical Engineering, vol. 75, pp. 175-188, 2019.; T. Wilhelm, Professional penetration testing creating and learning in a hacking lab, 2nd ed. Amsterdam: Syngress, an imprint of Elsevier, 2013.; L. Allen y K. Cardwell, Advanced penetration testing for highly secured environments: Employ the most advanced Pentesting techniques and tools to build highly secured systems and environments. Birmingham, UK; Packt Publishing, 2016.; I. Soria-Guzmán (Ed.), F. Briones-Medina, E. Cabañes-Martínez, A. Miranda-Díaz, J.M. Serralde-Ruiz y G. Wolf-Izsaevich, Ética hacker, seguridad y vigilancia. CDMX: Universidad del Claustro de Sor Juana, 2016.; M. G. Jaatun, D. S. Cruzes, K. Bernsmed, I. A. Tøndel y L. Røstad, “Software security maturity in public organisations”, Lecture Notes in Computer Science, pp.120-138, 2015.; H. Fryer y E. Simperl, “Web science challenges in researching Bug Bounties,” in: Proceedings of the 2017 ACM on Web Science Conference, Troy, New York, USA, 2017.; S. Ditlea, “Rewriting the Bible in 0’s and 1’s”, Technology review, vol. 102, no. 5, pp. 66-70, 1999.; Google, “Hacking Google, Episode 4, Bug-Bounty”, YouTube, 3-oct-2022, [en línea], disponible en: https://www.youtube.com/watchv=IoXiXlCNoXg [Consultado: 27-Nov-2022].; Hunter & Ready Inc., “VRTX poster, catalog number 102782474”, Computer History Museum, 1983, [en línea], disponible en: https://www.computerhistory.org/collections/catalog/102782474 [Consultado: 29-Nov-2022].; J. Wachs, “Making markets for information security: the role of online platforms in Bug-Bounty programs”, arXiv preprint arXiv:2204. 06905, 2022.; J. O’Hare y L. A. Shepherd, “Proposal of a Novel Bug-Bounty Implementation Using Gamification”, arXiv preprint arXiv:2009. 10158, 2020.; A. Laszka, M. Zhao, A. Malbari y J. Grossklags, “The rules of Engagement for Bug-Bounty programs”, Financial Cryptography and Data Security, pp. 138-159, 2018.; P. García-Pérez, Bug-Bounty: de profesión “cazarre-compensas”. Móstoles, Madrid: ZeroxWord Computing, 2021.; O. Espino, “Bug-Bounty Collection: More than $$$$$ USD in rewards by legally hacking big companies”. Independiente, 2022.; J. Restrepo, “Lo que nadie te dijo antes de dedicarte al Bug-Bounty”, HackTheBox & RedTeamRD. 2020, [en línea], disponible en: https://www.youtube.com/watch?v=4SwV1TnkwJA [Consultado: 29-Nov-2022].; A. Laszka, M. Zhao y J. Grossklags, “Banishing misaligned incentives for validating reports in bug-bounty platforms”, Computer Security - ESORICS 2016, Heraklion, Creta, Grecia, pp. 161-178, 2016.; T. Walshe y A. C. Simpson, “Coordinated vulnerability disclosure programmer effectiveness: Issues and recommendations”, Computers & Security,vol. 123, p. 102936, 2022. https://doi.org/10.1016/j.cose.2022.102936.; H. Hata, M. Guo y M. A. Babar, “Understanding the Heterogeneity of Contributors in Bug-Bounty Programs”, in Proceedings of the 11th ACM/IEEE International Symposium on Empirical Software Engineering; and Measurement, Toronto, Ontario, Canada, pp. 223-228, 2017.; J. Peñalba, “The Worst Bug-Bounty Ever”, Rooted CON, 22-Ago-2017, [en línea], disponible en: https://www.youtube.com/watch?v=pf1TZn1YnXA [Consultado: 29-Nov-2022].; HackerOne, “The 2020 Hacker Report”, [en línea], 2020, disponible en: https://www.hackerone.com/sites/default/files/2020-04/the-2020-hacker-report.pdf [Consultado: 03-Dic-2022].; O. Akgul et al., “Bug hunters’ perspectives on the challenges and benefits of the Bug-Bounty”, in: 32nd USENIX Security Symposium (USENIX Security), Anaheim, California, USA, vol. 2301, 2023. https://doi.org/10.48550/arXiv.2301.04781.; S. Atefi, A. Sivagnanam, A. Ayman, J. Grossklags y A. Laszka, “The benefits of Vulnerability Discovery and Bug-Bounty programs: Case studies of chromium and firefox”, in: Proceedings of the ACM Web Conference 2023, Austin, Texas, USA, 2023. https://doi.org/10.1145/3543507.3583352.; A. Kuehn y M. Mueller, “Analyzing Bug-Bounty Programs: An Institutional Perspective on the Economics of Software Vulnerabilities”, TPRC Conference Paper, disponible en: https://ssrn.com/abstract=2418812; O. Akgul, T. Eghtesad, A. Elazari, O. Gnawali, J. Grossklags, M. L. Mazurek, D. Votipka y A. Laszka, “Proposal of a Novel Bug-Bounty Implementation Using Gamification”, arXiv preprint arXiv:2301.04781; L. Breidenbach, P. Daian, F. Tramèr y A. Juels, “Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts”, in: 27th USENIX Security Symposium (USENIX Security 18), Baltimore, Maryland, USA, pp. 1335-1352, 2018.; F. M. Teichmann y S. R. Boticiu, “An overview of the benefits, challenges, and legal aspects of penetration testing and red teaming”, International Cybersecurity Law Review, 2023. https://doi.org/10.1365/s43439-023-00100-2.; R. Böhme y M. Félegyházi, “Optimal Information Security Investment with penetration testing”, Lecture Notes in Computer Science, pp. 21-37, 2010.; Cobalt, “The State of Pentesting 2022”, 2022, [en línea], disponible en: https://www.cobalt.io/hubfs/State_of_Pentesting_2022.pdf. [Consultado: 07-Mar-2023].; A. Aibekova y V. Selvarajah, “Offensive security: Study on penetration testing attacks, methods, and their types”, 2022 IEEE International Conference on Distributed Computing and Electrical Circuits and Elec-; tronics (ICDCECE), Ballari, Karnataka, India, 2022. https://doi.org/10.1109/icdcece53908.2022.9792772.; M. Styles y T. Tryfonas, “Using penetration testing feedback to cultivate an atmosphere of proactive security amongst end‐users”, Information Management & Computer Security, vol. 17, no. 1, pp. 44-52, 2009.; S. Raj y N. K. Walia, “A study on Metasploit Framework: A pen-testing tool”, 2020 International Conference on Computational Performance Evaluation (ComPE), Jul. 2020. https://doi.org/10.1109/compe49325.2020.9200028.; S. S. Malladi y H. C. Subramanian, “Bug-Bounty programs for cybersecurity: Practices, issues, and recommendations”, IEEE Software, vol. 37, no. 1, pp. 31-39, Jan. 2020. https://doi.org/10.1109/ms.2018.2880508.; https://revistas.unimilitar.edu.co/index.php/rcin/article/view/7059

الاتاحة: https://revistas.unimilitar.edu.co/index.php/rcin/article/view/7059

المؤلفون: Alcaraz, Cristina, Sánchez, José J., López, Javier, Varela Vaca, Ángel Jesús (Coordinador), Ceballos Guerrero, Rafael (Coordinador), Reina Quintero, Antonia María (Coordinador)

المساهمون: Varela Vaca, Ángel Jesús, Ceballos Guerrero, Rafael, Reina Quintero, Antonia María

مصطلحات موضوعية: Pentesting, Industria 5.0, Ciberseguridad

Relation: Jornadas Nacionales de Investigación en Ciberseguridad (JNIC) (9ª.2024. Sevilla) (2024), pp. 30-37.; Sevilla; https://idus.us.es/handle//11441/159385

الاتاحة: https://idus.us.es/handle//11441/159385

المؤلفون: Felipe Redondo, Ana Maria, Núñez Cárdenas, Felipe de Jesús

المصدر: Ciencia Huasteca Boletín Científico de la Escuela Superior de Huejutla; Vol 12 No 24 (2024): Ciencia Huasteca Boletín Científico de la Escuela Superior de Huejutla; 31-35 ; Ciencia Huasteca Boletín Científico de la Escuela Superior de Huejutla; Vol. 12 Núm. 24 (2024): Ciencia Huasteca Boletín Científico de la Escuela Superior de Huejutla; 31-35 ; 2007-493X ; 10.29057/esh.v12i24

مصطلحات موضوعية: Pentesting, tools, vulnerabilities, herramientas, vulnerabilidades

وصف الملف: application/pdf

Relation: https://repository.uaeh.edu.mx/revistas/index.php/huejutla/article/view/12763/11251; https://repository.uaeh.edu.mx/revistas/index.php/huejutla/article/view/12763

الاتاحة: https://repository.uaeh.edu.mx/revistas/index.php/huejutla/article/view/12763
https://doi.org/10.29057/esh.v12i24.12763

المؤلفون: Genevey-Metat, Christophe, Bachelot, Dorian, Gourmelen, Tudy, Quemat, Adrien, Satre, Pierre-Marie, Scotto, Loïc, Perrotolo, Di, Chaux, Maximilien, Delesques, Pierre, Gesny, Olivier

المساهمون: Université de Rennes (UR), SILICOM, Silicom, DGA Maîtrise de l'Information

المصدر: Conference on Artificial Intelligence for Defense ; https://hal.science/hal-04328468 ; Conference on Artificial Intelligence for Defense, DGA Maîtrise de l'Information, Nov 2023, Rennes, France

مصطلحات موضوعية: pentesting automation attack simulation zeroshot classification transformers large language model adaptability robustness explainability, pentesting automation, attack simulation, zeroshot classification, transformers, large language model, adaptability, robustness, explainability, [INFO]Computer Science [cs]

جغرافية الموضوع: Rennes, France

Relation: hal-04328468; https://hal.science/hal-04328468; https://hal.science/hal-04328468/document; https://hal.science/hal-04328468/file/paper5.pdf

الاتاحة: https://hal.science/hal-04328468
https://hal.science/hal-04328468/document
https://hal.science/hal-04328468/file/paper5.pdf

المؤلفون: Melnikovas, Aleksandras, Lugo, Ricardo G., Maennel, Kaie, Brilingaitė, Agnė, Sütterlin, Stefan, Juozapavičius, Aušrius

المصدر: European conference on cyber warfare and security: Proceedings of the 22nd European conference on cyber warfare and security., Reading : Academic Conferences International Limited, 2023, vol. 22, no. 1, p. 294-302. ; ISSN 2048-8602 ; eISSN 2048-8610

مصطلحات موضوعية: Military education, Pentesting, Kolb’s experiential learning cycle, Cybersecurity, Student attitude

وصف الملف: application/pdf

Relation: https://epublications.vu.lt/object/elaba:170095511/170095511.pdf; https://repository.vu.lt/VU:ELABAPDB170095511&prefLang=en_US

الاتاحة: https://repository.vu.lt/VU:ELABAPDB170095511&prefLang=en_US

المؤلفون: Caseiro, Bruno Jorge Silva

مصطلحات موضوعية: Red team, Penetration testing, Social engineering, Physical hacking, Physical pentesting, TIBER-EU

وصف الملف: application/pdf

الاتاحة: http://hdl.handle.net/10773/34993

المؤلفون: Hannu Turtiainen, Andrei Costin, Syed Khandker, Timo Hamalainen

المصدر: IEEE Access, Vol 10, Pp 21554-21562 (2022)

مصطلحات موضوعية: GDL-90, ADS-B, attacks, cybersecurity, pentesting, resiliency, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

وصف الملف: electronic resource

Relation: https://ieeexplore.ieee.org/document/9709804/; https://doaj.org/toc/2169-3536

URL الوصول: https://doaj.org/article/7d0c8533435f444994a728704d67e3cf

المؤلفون: Ankur Chowdhary, Kritshekhar Jha, Ming Zhao

المصدر: Sensors, Vol 23, Iss 8014, p 8014 (2023)

مصطلحات موضوعية: autonomous pentesting, Wireless Sensor Network (WSN), Internet of Things (IoT), Generative Adversarial Network (GAN), reinforcement learning, Web Application Firewall (WAF), Chemical technology, TP1-1185

Relation: https://www.mdpi.com/1424-8220/23/18/8014; https://doaj.org/toc/1424-8220; https://doaj.org/article/7dd5139b41224aa38e1609ba50c62624

الاتاحة: https://doi.org/10.3390/s23188014
https://doaj.org/article/7dd5139b41224aa38e1609ba50c62624

المؤلفون: Varela Vaca, Ángel Jesús, Martínez Gasca, Rafael, Carmona Fombella, José Antonio, Gómez López, María Teresa

المساهمون: Universidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticos, Universidad de Sevilla. TIC-258: Data-centric Computing Research Hub, Ministerio de Ciencia, Innovación y Universidades (MICINN). España, Junta de Andalucía

مصطلحات موضوعية: Cybersecurity, Feature model, Reasoning, Vulnerabilities, Vulnerable configuration, Testing, Pentesting

Relation: SPLC 2020: 24th ACM Conference on Systems and Software Product Line (2020).; RTI2018-094283-B-C33 (ECLIPSE); P20-01224 (COPERNICA); US-1381375 (METAMORFOSIS); New York, USA; https://idus.us.es/handle//11441/138257

الاتاحة: https://idus.us.es/handle//11441/138257

المؤلفون: Gómez, Julián, Olivero González, Miguel Ángel, García García, Julián Alberto, Escalona Cuaresma, María José

المساهمون: Universidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticos, Universidad de Sevilla. TIC021: Engineering and Science for Software Systems, Ministerio de Ciencia, Innovación y Universidades (MICINN). España, Junta de Andalucía

مصطلحات موضوعية: Audit, Cybersecurity, Odoo, Healthcare, Pentest, Pentesting, Security

Relation: WEBIST 2021: 17th International Conference on Web Information Systems and Technologies (2021), pp. 482-489.; PID2019-105455GB-C31; US-1251532; https://www.scitepress.org/Link.aspx?doi=10.5220/0010714500003058; Setúbal, Portugal; https://idus.us.es/handle//11441/135190

الاتاحة: https://idus.us.es/handle//11441/135190

المؤلفون: Vieira, T., Serrão, C.

مصطلحات موضوعية: Component, Web security, Finance sector, Pentesting, Penetration testing, Vulnerability, Risk analysis, CVSS, Domínio/Área Científica::Ciências Naturais::Ciências Físicas

Relation: UID/MULTI/0446/2013; http://hdl.handle.net/10071/25502

الاتاحة: http://hdl.handle.net/10071/25502
https://doi.org/10.1109/ICITST.2016.7856707

المؤلفون: Khandker, Syed, Turtiainen, Hannu, Costin, Andrei, Hämäläinen, Timo

مصطلحات موضوعية: ADS-B, 1090ES, UAT, EFB, 1090MHz, 978MHz, aviation, avionics, ATC, ATM, datalink, cybersecurity, vulnerabilities, pentesting, experimental platform, countermeasures, lennonjohto, lentoliikenne, verkkohyökkäykset, kyberturvallisuus, lennonvarmistus

وصف الملف: application/pdf; 2702-2719; fulltext

Relation: IEEE Transactions on Aerospace and Electronic Systems; 58; CONVID_103842967

الاتاحة: http://urn.fi/URN:NBN:fi:jyu-202202171534

المؤلفون: Turtiainen, Hannu, Costin, Andrei, Khandker, Syed, Hämäläinen, Timo

مصطلحات موضوعية: fuzzing, aerospace electronics, protocols, software, heart beat, aircraft, standards, GDL-90, ADS-B, attacks, cybersecurity, pentesting, resiliency, DoS, aviation, avionics, airtraffic, kyberturvallisuus, lennonjohto, testausmenetelmät, verkkohyökkäykset, lennonvarmistus, lentoliikenne

وصف الملف: application/pdf; 21554-21562; fulltext

Relation: IEEE Access; 10; 783287; 304970; info:eu-repo/grantAgreement/EC/H2020/783287/EU//ATM-Cybersec; European Commission; Research Council of Finland; Euroopan komissio; Suomen Akatemia; CONVID_104251707

الاتاحة: http://urn.fi/URN:NBN:fi:jyu-202202161529

المؤلفون: Ortiz Padilla, Gerardo Antonio, Flores Urgilés, Cristhian Humberto, Padilla Cruz, Irma Narcisa, Carrillo Zenteno, José Antonio

المصدر: Pro Sciences; Vol. 6 No. 42 (2022): marzo; 421-444 ; Pro Sciences: Revista de Producción, Ciencias e Investigación; Vol. 6 Núm. 42 (2022): marzo; 421-444 ; 2588-1000

مصطلحات موضوعية: hackeo ético, pentesting, sitio web, OWASP

وصف الملف: application/pdf

Relation: https://journalprosciences.com/index.php/ps/article/view/518/568; https://journalprosciences.com/index.php/ps/article/view/518

الاتاحة: https://journalprosciences.com/index.php/ps/article/view/518

المؤلفون: Brüsemeister, Patrick

Thesis Advisors: Hartmann, Andreas, Meissner, Roy, Hochschule für Technik, Wirtschaft und Kultur Leipzig

مصطلحات موضوعية: cybersecurity, pentesting, llm, ai, hacking

الاتاحة: https://htwk-leipzig.qucosa.de/id/qucosa%3A91316
https://htwk-leipzig.qucosa.de/api/qucosa%3A91316/attachment/ATT-0/

المؤلفون: Luque Tovar, Angela Lizeth, Bravo Builes, Cristian Bernardo

المساهمون: Cadena Muñoz, Ernesto

مصطلحات موضوعية: Pentesting, Inyección SQL, Kali Linux, Firewall de aplicaciones web, Ingeniería en Telecomunicaciones - Tesis y disertaciones académicas, Firewalls (Informática), SQL (Lenguaje de programación de computadores), Open Access (Programa para computador), Procesadores de palabras, SQL Injection, Web application firewall

وصف الملف: pdf; application/pdf; application/octet-stream

Relation: http://hdl.handle.net/11349/29053

الاتاحة: http://hdl.handle.net/11349/29053

المؤلفون: Archibald, Jacqueline M., Renaud, Karen

المصدر: Information & Computer Security, 2019, Vol. 27, Issue 4, pp. 575-600.

URL الوصول: http://www.emeraldinsight.com/doi/10.1108/ICS-01-2019-0019

المؤلفون: Aires Berbigão, Fábia Filipa

المساهمون: Silva, Rui Miguel, Repositório Comum

مصطلحات موضوعية: Intelligence; Pentesting; PTES; Structured Analytic Techniques; Threat Modeling

وصف الملف: application/pdf

الاتاحة: http://hdl.handle.net/10400.26/29834