The Hidden Network Penetrator Based on Port and Vulnerability Scan Testing Technique

The Hidden Network Penetrator Based on Port and Vulnerability Scan Testing Technique

연구 분야: Strategies

학회: 2024 3rd Edition of IEEE Delhi Section Flagship Conference (DELCON)

The research paper describes a tool designed for automated web scraping and web app penetration testing on illegal websites hosted on the dark web. The tool utilizes the Tor (The Onion Router) network for anonymity and performs various steps including establishing a connection, selecting search engines, entering search queries, extracting websites, and performing illegal content checks using regex. It also includes vulnerability scanning using tools like Nmap, Nikto, OWASP-ZAP and generates a penetration test report in txt, html and xml format. The tool has limitations such as dependency on high-speed internet, restrictions on the number of websites that can be extracted at once, and the need for manual testing in some cases. It is designed for Debian based Linux operating systems like Kali Linux, Ubuntu, Parrot OS, and BackBox. The tool can also run on distributions like fedora and ubuntu but it would require manual configuration on these distributions. The paper references several sources on penetration testing, scraping onion links, scanning onion links, and performing illegal content checks. Despite its few limitations, this tool has the potential to assist in breaching the systems exploiting their existing vulnerabilities on Tor network and mitigating the risks posed by illegal activities on the dark web