Abstract:

Objective- Penetration testing helps to secure networks, and highlights the security issues. In this paper investigate different aspects of penetration testing including tools, attack methodologies, and defense strategies.  More specifically, we performed different penetration tests using a private networks, devices, and virtualized systems and tools. We predominately used tools within the Kali Linux suite. The attacks we performed included: Smartphone penetration testing, hacking phones Bluetooth, traffic sniffing, hacking WPA Protected Wi-Fi, Man-in the-Middle attack, spying (accessing a PC microphone), hacking phones Bluetooth, and hacking remote PC via IP and open ports using advanced port scanner. The results are then summarized and discussed.  The paper also outlined the detailed steps and methods while conducting these attacks.

Design/Methodology/Approach- There are many different tools that can be used for penetration testing. Several are available on the market that one can download and use for free. Many of them are even able to be customized; known as Open Source tools [2]. For example, the testing tool Kali Linux has its own built-in penetration tools; however, you can download and install additional tools to it. Most of these programs are being developed for Linux, with only a handful are being developed for Windows or Mac

Findings- The strategies that exist include antivirus, network cloaking, updating to the new system and using wpa2 encryption.

Limitations- All the strategies are easily bypassed including the wpa2 passwords.

Practical Implications- The strategies that are developed are easy to implement without much effort.

Originality/Value- This paper deals with various attacks on network and system by conducting penetration testing and will help to find the various vulnerabilities to develop strategies that can prevent these attacks thus improving the security of the system.

Keywords- Wi-Fi attack, Smartphone Hacking, Bluesnarfing, Packet Analyzer, Penetration Testing