Bridging the Gap: A Survey and Classification of Research-Informed Ethical Hacking Tools

July 19, 2024 · The Cartographer · 🏛 Journal of Cybersecurity and Privacy, Volume 4, Issue 3: pp 410-448, 2024

"No code URL or promise found in abstract"
"Title-pattern auto-detect: Bridging the Gap: A Survey and Classification of Research-Informed Ethical Hacking Tools"

Evidence collected by the PWNC Scanner

Authors Paolo Modesti, Lewis Golightly, Louis Holmes, Chidimma Opara, Marco Moscini arXiv ID 2407.14255 Category cs.CR: Cryptography & Security Citations 0 Venue Journal of Cybersecurity and Privacy, Volume 4, Issue 3: pp 410-448, 2024 Last Checked 4 days ago

Abstract

The majority of Ethical Hacking (EH) tools utilised in penetration testing are developed by practitioners within the industry or underground communities. Similarly, academic researchers have also contributed to developing security tools. However, there appears to be limited awareness among practitioners of academic contributions in this domain, creating a significant gap between industry and academia's contributions to EH tools. This research paper aims to survey the current state of EH academic research, primarily focusing on research-informed security tools. We categorise these tools into process-based frameworks (such as PTES and Mitre ATT\&CK) and knowledge-based frameworks (such as CyBOK and ACM CCS). This classification provides a comprehensive overview of novel, research-informed tools, considering their functionality and application areas. The analysis covers licensing, release dates, source code availability, development activity, and peer review status, providing valuable insights into the current state of research in this field.