Bridging the Gap: A Survey and Classification of Research-Informed Ethical Hacking Tools

Paolo Modesti, Lewis Golightly, Louis Holmes, Chidimma Opara, Marco Moscini

Research output: Contribution to journalArticlepeer-review

33 Downloads (Pure)

Abstract

The majority of Ethical Hacking (EH) tools utilised in penetration testing are developed by practitioners within the industry or underground communities. Similarly, academic researchers have also contributed to developing security tools. However, there appears to be limited awareness among practitioners of academic contributions in this domain, creating a significant gap between industry and academia’s contributions to EH tools. This research paper aims to survey the current state of EH academic research, primarily focusing on research-informed security tools. We categorise these tools into process-based frameworks (such as PTES and Mitre ATT&CK) and knowledge-based frameworks (such as CyBOK and ACM CCS). This classification provides a comprehensive overview of novel, research-informed tools, considering their functionality and application areas. The analysis covers licensing, release dates, source code availability, development activity, and peer review status, providing valuable insights into the current state of research in this field.
Original languageEnglish
Pages (from-to)410-448
JournalJournal of Cybersecurity and Privacy
Volume4
Issue number3
DOIs
Publication statusPublished - 16 Jul 2024

Fingerprint

Dive into the research topics of 'Bridging the Gap: A Survey and Classification of Research-Informed Ethical Hacking Tools'. Together they form a unique fingerprint.

Cite this