SSRG International Journal of Computer Science and Engineering Volume 9 Issue 3, 1-4, March 2022

ISSN: 2348 – 8387 / https://doi.org/10.14445/23488387/IJCSE-V9I3P101 © 2022 Seventh Sense Research Group®

Original Article

VAPT & Exploits, along with Classification of Exploits

Sheetakshi Shukla (1), Tasneem Bano Rehman (2)
(1) Student, School of Advanced Computing, Sage University Bhopal, M.P, India.
(2) Associate Professor, School of Advanced Computing, Sage University Bhopal, M.P, India.

Received Date: 06 February 2022
Revised Date: 19 March 2022
Accepted Date: 26 March 2022

Abstract - Vulnerability assessment and penetration testing (VAPT) is carried out at every level of cyber security because systems are attacked regularly, whether the attackers act for personal or professional motives. Exploits, on the other hand, are what give a vulnerability its value to an attacker. This paper classifies exploits according to how they exist and are delivered, reviews vulnerability assessment and penetration testing in relation to exploits, and summarises awareness and prevention techniques. Preventive and defensive measures are considered from the point of view of a penetration tester. The detailed classification of exploits and their existence is the main contribution of this paper.

Keywords - Classification of Exploits, Exploits, Penetration Testing, Vulnerability Assessment, Zero-Day Attacks, Zero-Day Exploits.

I. INTRODUCTION

Any flaw, loophole, or misconfiguration introduced while software is installed or updated, or any faulty code or patch, usually produces a vulnerability. Detecting such vulnerabilities is known as vulnerability assessment. Penetration testing goes one step further: once a vulnerability is detected, the tester attempts to exploit it as an attacker would, so that its real impact is known and a fix can be deployed and verified [11]. An exploit, in turn, is code that takes advantage of such a flaw; what starts as a minor coding defect can lead to a serious compromise once an attacker discovers it [1]. Much of this vulnerability detection is now done with advanced technology, including machine learning and artificial intelligence [4, 5, 6].

This paper discusses VAPT and exploits, describes the penetration testing process and the remote attack process, proposes a classification of exploits based on several aspects as a small contribution, and ends with the research work and conclusion. Vulnerability assessments and penetration tests are the main ways to discover vulnerabilities in a system and mitigate them. Vulnerability assessments are typically conducted regularly, either independently or as part of a penetration test, to complement the test's results. Vulnerability assessments can be performed manually or automatically. Manual assessments are generally performed by an individual who uses an automated tool to collect information that is later analysed by hand; however, manual assessments become more time-consuming as the number of systems assessed increases. Automatic assessments rely on tools that scan and test the system for vulnerabilities and analyse the information they collect to generate results and reports. This can be accomplished through a number of different methods, including static analysis techniques such as source code analysis, dynamic analysis techniques such as syntax-based fuzzing and binary instrumentation, and real-time tests. Defensive techniques include writing secure code, performing bounds checks, runtime instrumentation, and static and dynamic code analysis.

II. LITERATURE REVIEWS

A Robust Intelligent Zero-Day Cyber-Attack Detection Technique, by Vikash Kumar and Ditipriya Sinha [1]. The authors cover the working, detection, and prevention of zero-day attacks in full. They define algorithms for detecting zero-day exploits with the help of fingerprints and signatures of earlier known and identified exploits, and propose a robust system that detects zero-day exploits using up-to-date network traffic of previously discovered exploits. For this approach they work on a stream of raw bytes, which is able to capture real-time traffic; the model depends neither on network-specific nor on source- and destination-specific information. It addresses the limitations of earlier research, which was less reliable at detecting zero-day attacks. The case studies included in the proposal give a better view of different variants of zero-day attacks, such as HVA (High Volume Attacks) and LVA (Low Volume Attacks). In addition, vulnerabilities based on DoS and buffer overflow are discussed in the proposal and the case studies.
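The contrast the review above draws, between signatures of already-known exploits and features of the raw byte stream, is easier to see in code. The following is an added example written for this page; it is not code from Kumar and Sinha, whose model is a trained classifier, whereas the rules here are hand-written. The two signatures, the five sample packets, the service names and the anomaly thresholds are all constructed for the example and are not taken from any real exploit or tuned detector. It also anticipates the known versus zero-day distinction of Section III.C: the signature engine catches the exploit it was given, misses a trivially changed variant of it, and only the protocol-independent raw-byte features flag the variant and a never-seen payload.

```python
"""Signature matching versus raw-byte anomaly features over a constructed
packet stream (added example, not the paper's or Kumar & Sinha's code)."""
import math
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed "known exploit" signatures. A real IDS derives these from
# previously captured exploit traffic; these patterns are hypothetical.
KNOWN_SIGNATURES = {
    "demo-ftp-overflow": re.compile(rb"USER [A]{200,}"),
    "demo-cgi-cmdinject": re.compile(rb"/cgi-bin/[^ ]*\?[^ ]*;(id|uname|wget)"),
}


@dataclass
class Alert:
    index: int      # position of the packet in the stream
    kind: str       # "signature" (known exploit) or "anomaly" (unknown)
    detail: str


def match_signatures(payload: bytes) -> Optional[str]:
    """Return the name of the first known signature that matches, or None."""
    for name, pattern in KNOWN_SIGNATURES.items():
        if pattern.search(payload):
            return name
    return None


def byte_entropy(payload: bytes) -> float:
    """Shannon entropy of the byte distribution, in bits (0..8)."""
    if not payload:
        return 0.0
    counts = [0] * 256
    for b in payload:
        counts[b] += 1
    n = len(payload)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def longest_run(payload: bytes) -> int:
    """Length of the longest run of one repeated byte value (sled detector)."""
    best = run = 0
    prev = None
    for b in payload:
        run = run + 1 if b == prev else 1
        prev = b
        best = max(best, run)
    return best


def raw_byte_features(payload: bytes) -> dict:
    """Features computed on the raw bytes only; no protocol parsing needed."""
    nonprint = sum(
        1 for b in payload
        if (b < 0x20 and b not in b"\r\n\t") or b >= 0x7F
    )
    return {
        "len": len(payload),
        "nonprintable_ratio": nonprint / len(payload) if payload else 0.0,
        "entropy": byte_entropy(payload),
        "longest_repeat": longest_run(payload),
    }


def is_anomalous(f: dict, text_protocol: bool = True) -> Optional[str]:
    """Crude anomaly rule for a text protocol such as FTP or HTTP.
    The thresholds are assumptions for the example, not tuned values."""
    if text_protocol and f["nonprintable_ratio"] > 0.10:
        return f"{f['nonprintable_ratio']:.0%} non-printable bytes in a text protocol"
    if f["longest_repeat"] >= 64:
        return f"run of {f['longest_repeat']} identical bytes (sled-like)"
    return None


def detect(packets: List[bytes]) -> List[Alert]:
    """Known exploits via signatures first; anything else via raw-byte features."""
    alerts = []
    for i, p in enumerate(packets):
        sig = match_signatures(p)
        if sig:
            alerts.append(Alert(i, "signature", sig))
            continue
        why = is_anomalous(raw_byte_features(p))
        if why:
            alerts.append(Alert(i, "anomaly", why))
    return alerts


# Constructed sample stream: benign FTP login, the known exploit, a variant
# of it that defeats the signature, an unseen NOP-sled payload, benign HTTP.
SAMPLE_STREAM = [
    b"USER anonymous\r\n",
    b"USER " + b"A" * 300 + b"\r\n",                                   # known
    b"USER " + b"B" * 300 + b"\r\n",                                   # variant
    b"USER " + b"\x90" * 80 + bytes(range(0x41, 0x61)) + b"\xef\xbe\xad\xde" + b"\r\n",
    b"GET /index.html HTTP/1.1\r\nHost: example\r\n\r\n",
]

if __name__ == "__main__":
    for a in detect(SAMPLE_STREAM):
        print(f"packet {a.index}: {a.kind}: {a.detail}")
```

Packet 2 is the practitioner's caveat: a one-byte change in the padding makes the known exploit invisible to the signature, which is exactly the gap zero-day detection research tries to close by working on the bytes themselves rather than on exact patterns.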

This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)


Sheetakshi Shukla & Tasneem Bano Rehman / IJCSE, 9(3), 1-4, 2022

Analysis and Impact of Vulnerability Assessment and Penetration Testing, by Yugansh Khera, Deepansh Kumar, Sujay and Nidhi Garg [6]. In this research the authors describe how threats to the integrity and confidentiality of data and assets have grown. To remain secure, organisations perform VAPT to check the security posture of their systems. From the literature study of VAPT techniques it is observed that different tools are available, but newly discovered vulnerabilities are not covered by them; the issue can be addressed by making the tools flexible enough that new attack signatures can be added as vulnerabilities appear. To make VAPT results meaningful, they should prioritise and explain vulnerabilities with CVE numbers and severity scores obtained from industry-standard references such as the National Vulnerability Database (NVD), the Common Vulnerability Scoring System (CVSS), the Open Source Vulnerability Database (OSVDB), and so on. Attackers keep finding new ways to bypass security controls, so new vulnerabilities keep emerging and must be addressed; existing tools therefore need to be extended with mechanisms to identify and assess them.

III. PROPOSED WORK

A. Remote Attacks
How do remote attacks happen? Remote attacks are possible for several reasons. For example, an attacker could use a trojan horse or a virus to infiltrate a computer from an external network.

Fig. 1 shows the steps included in a typical remote attack:
Footprinting
Network Scanning
Port Scanning
Version Detection Scan
OS Fingerprinting
Social Engineering
Vulnerability Scanning
Configuring Exploit
Attack
Maintaining Access with Trojans
Covering Tracks/Logs
Fig. 1 Process of Remote Attack

As Fig. 1 shows, once reconnaissance is complete the remaining work centres on the exploit: it is first configured, then the attack is carried out, for which the attacker chooses a medium, remote or physical, through which the attack can succeed. The exploit may itself carry a trojan, hidden inside an image file or anything else that draws the target's attention and induces the target to open it.

Preventive measures that can be taken include:
• Being proactive, which means installing a good antivirus and firewall.
• Monitoring the computer and checking that all installed programs are up to date with the latest security patches.
• Using strong passwords and changing them regularly. It also helps to use a separate account and password for each program or service, so that one password is not shared for everything.

B. Penetration Testing
Penetration testing is a controlled assessment of a system that mirrors an attack by a malicious individual. The goal of the test is to identify how vulnerable the systems are to potential security breaches. Information gathered from this type of assessment can be used to make the adjustments needed to raise the company's overall security.

Penetration tests come in two varieties: external and internal. In an external test the testers, playing the role of outside attackers, attempt to reach sensitive information (customer data, credit card numbers) from outside the company's firewall. In an internal test the testers start from a position inside the company's network, as a member of staff or a phished user would, and attempt to break through the internal security measures. Both types provide feedback on how secure a system is, but each has advantages and disadvantages in effectiveness and cost-effectiveness: an external test may be cheaper but less effective than an internal one, because it does not cover as much of the organisation's network infrastructure. Penetration testing is typically done by a third party that is explicitly authorised to test the system's security.

The primary goal of penetration testing is to identify any potential vulnerability in a website or network. The information gathered from the test can be used to make adjustments that raise the company's overall security. Continual assessment protects a business more effectively and efficiently than relying on one-time assessments, and penetration tests are cost-effective because they are generally much less expensive than retaining a cyber security firm for continuous checks. When a vulnerability is identified during a penetration test, the organisation has the opportunity to fix it before malicious actors exploit it; this improves security and also demonstrates that the organisation cares about safeguarding customer data and information.

Fig. 2 shows the process followed in any penetration test.


Pre-engagement process → Intelligence Gathering → Threat Modelling → Vulnerability Analysis → Exploitation → Post Exploitation → Reporting
Fig. 2 Process of Penetration Testing

The previous section discussed the process from the attacker's point of view; Fig. 2 shows how a penetration test is carried out. Exploits therefore have a defensive use too, in penetration testing: testers need to find the vulnerabilities and launch the corresponding exploits in the target environment, so that the security programme is exercised and the exploitation is diagnosed with a suitable security programme. After the security work a report is generated and kept for future reference.

C. Classification of Exploits
Exploits are classified here on two different measures:
Exploits
  On the basis of Vulnerabilities: Manual/Physical Exploits, Remote Exploits
  On the basis of Detection: Known Exploits, Unknown (Zero-Day) Exploits
Fig. 3 Classification of Exploits

The tree above shows the classification of exploits.

Based on vulnerabilities, exploits can be divided into two parts:
a) Manual Exploits
Also called physical exploits, as the attack is delivered by physical means: the exploit is loaded onto a pen drive or CD, or embedded in an image or video, and handed or sent to the target.
b) Remote Exploits
These exploits go through a longer process: learning the target's IP address, setting up port forwarding so that the attacker's listener is reachable, launching the exploit, and then planting it on the web.

Based on detection, exploits can be divided into two parts:
c) Known Exploits
Exploits that have already been discovered by penetration testers, and for which a fix has already been found, are known as known exploits. If an attack has been carried out at a global or personal level, the mode of attack and the vulnerability are detected, so it is easier for the tester to resolve the problems caused by the attack.
d) Zero-Day Exploits
Exploits that target a vulnerability the vendor has had zero days to fix, that is, one for which no patch exists when the exploit is first used (often as soon as new software, an OS, or an update is released), are known as zero-day exploits. These exploits are considered dangerous because it may take longer to detect the shellcode used for the attack, and therefore longer to find a solution to counter it.

Difference between Zero-Day Attacks & Exploits
Zero-Day Attack: A software vulnerability may be discovered by hackers, by security firms or researchers, by the software vendors themselves, or by users. If it is discovered by hackers, the exploit is kept secret for as long as possible and circulates only among hackers until software or security firms become aware of it or of the attacks targeting it. Some describe these as 'less than zero-day' attacks.
Zero-Day Exploit: A zero-day exploit is when hackers take advantage of a software security flaw to perform a cyber attack while the flaw is known only to the hackers, which means the software developers have no knowledge of its existence and have no patch to fix it.

Widely reported large-scale breaches often cited as zero-day attacks:
• LinkedIn (June 2021)
• Alibaba (November 2019)
• Facebook (April 2019)
• Marriott International (September 2018)
• Yahoo (August 2013)

According to the analysis, every minute a new bug, vulnerability, or loophole is detected by hackers or by penetration testers, so the likelihood of a new exploit being born is directly proportional to the rate at which vulnerabilities are detected. Fig. 4 gives a graphical representation of zero-day attacks over the past decade.
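The first steps of a remote exploit in b) above, and the Port Scanning and Version Detection Scan steps of Fig. 1 in Section III.A, are the same activity: find which ports answer and read what the service says about itself. The following is an added example, not code from the paper or from any scanner such as Nmap: a TCP connect scan with banner grabbing. So that it runs offline and without a target, it starts its own listeners on 127.0.0.1 with constructed banners (the OpenSSH and vsFTPd version strings are made up for the example), scans them together with one deliberately closed port, and maps each banner to a service guess.

```python
"""TCP connect scan with banner grabbing against local test listeners.
Added example for this page; the services, ports and banners are constructed."""
import socket
import threading
from typing import Dict, List, Optional, Tuple


def start_fake_service(banner: bytes) -> Tuple[socket.socket, int]:
    """Start a TCP listener on a free local port that greets every client
    with `banner`, as many real services do. Returns (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    srv.listen(5)

    def serve() -> None:
        try:
            while True:
                conn, _ = srv.accept()
                with conn:
                    conn.sendall(banner)
        except OSError:
            pass                          # listener was closed by demo()

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def grab_banner(host: str, port: int, timeout: float = 1.0) -> Optional[bytes]:
    """Connect scan of one port. None = closed/refused; b"" = open but silent
    (the service waits for the client to speak first); otherwise the banner."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        if s.connect_ex((host, port)) != 0:
            return None
        try:
            return s.recv(256)
        except socket.timeout:
            return b""


def scan(host: str, ports: List[int]) -> Dict[int, Optional[bytes]]:
    """Port Scanning step of Fig. 1: probe each port and keep what it sent."""
    return {p: grab_banner(host, p) for p in ports}


def guess_service(banner: Optional[bytes]) -> str:
    """Version Detection step of Fig. 1: crude identification from the banner."""
    if banner is None:
        return "closed"
    first_line = banner.split(b"\r\n")[0].decode(errors="replace")
    if banner.startswith(b"SSH-"):
        return "ssh " + first_line          # RFC 4253 identification string
    if banner.startswith(b"220 "):
        return "ftp/smtp " + first_line[4:]  # 220 greeting shared by FTP and SMTP
    return "open, unidentified"


def demo() -> Dict[int, str]:
    """Scan two constructed services and one closed port on localhost."""
    ssh_srv, ssh_port = start_fake_service(b"SSH-2.0-OpenSSH_8.9p1\r\n")
    ftp_srv, ftp_port = start_fake_service(b"220 (vsFTPd 3.0.3)\r\n")
    # A port nothing listens on: reserve a free port, then release it.
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()
    try:
        results = scan("127.0.0.1", [ssh_port, ftp_port, closed_port])
        return {port: guess_service(b) for port, b in results.items()}
    finally:
        ssh_srv.close()
        ftp_srv.close()


if __name__ == "__main__":
    for port, what in sorted(demo().items()):
        print(f"{port:5d}/tcp  {what}")
```

Two caveats a tester should keep in mind: a connect scan completes the TCP handshake, so it appears in the target's logs (which the Covering Tracks step of Fig. 1 is about), and a banner is only a claim, since an administrator can change it, so version-based vulnerability matching must be confirmed before any exploit is launched.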


[Fig. 4: bar chart of zero-day attacks per year over the past decade; the y-axis runs from 0 to 70 and the per-year values are not recoverable from the text.]
Fig. 4 Graphical Representation of zero-day Attacks in the past decade

IV. CONCLUSION AND FUTURE WORK
This study covered vulnerability assessment and penetration testing and their direct and indirect relations with exploits. With the rising number of attacks, whether remote or manual, attackers are able to find new ways of infecting various platforms. It is up to penetration testers, through the skills they possess and the awareness they spread among users, to make browsing safer and the environment as free of vulnerabilities as possible.

Being a current issue in cybercrime and cyberspace, this research area leaves wide ground for newer approaches to the detection of vulnerabilities and exploits with the help of artificial intelligence and machine learning. As far as zero-day exploits are concerned, deeper study and the development of algorithms that help testers instantly detect the mechanism and architecture of such attacks are open directions for future work.

REFERENCES
[1] Vikash Kumar, Ditipriya Sinha, A Robust Intelligent Zero Day Cyber Attack Detection Technique, Complex & Intelligent Systems, 7(5) (2021) 2211-2234.
[2] Andrew Johnson, Rami J. Haddad, Evading Signature Based Antivirus Software Using Reverse Exploit Shell-Code, in IEEE SOUTHEASTCON, (2021) 1-6.
[3] Ajjarapu Kusuma Priyanka, Siddemsetty Sai Smruthi, Web Application Vulnerabilities: Exploitation and Prevention, in International Conference on Electrotechnical Complexes and Systems, (2020) 1-5.
[4] Olufogorehan Tunde-Onadele, Jingzhu He, Ting Dai, Xiaohui Gu, A Study on Container Vulnerability Exploit Detection, in IEEE International Conference on Cloud Engineering, (2019) 121-127.
[5] Xin Zhou, Jianmin Pang, Expdf: Exploit Detection Method Using Machine Learning, Atlantis Press SARL, 12(2) (2019) 1019-1028.
[6] Yugansh Khera, Deepansh Kumar, Sujay, Nidhi Garg, Analysis and Impact of Vulnerability Assessment and Penetration Testing, in IEEE COMITCON, (2019) 525-530.
[7] Jukka Ruohonen, Classifying Web Exploits with Topic Modelling, in International Workshop on Database and Expert Systems Applications, IEEE, (2017) 93-97.
[8] Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, David Brumley, Your Exploit Is Mine: Automatic Shellcode Transplant for Remote Exploits, in IEEE Symposium on Security and Privacy, (2017) 824-839.
[9] Richard Ciancioso, Danvers Budhwa, Thaier Hayajneh, A Framework for Zero-Day Exploit Detection and Containment, IEEE 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress, (2017) 1-6.
[10] Prashant S. Shinde, Shrikant B. Ardhapurkar, Cyber Security Analysis Using Vulnerability Assessment and Penetration Testing, in IEEE Sponsored World Conference on Futuristic Trends in Research and Innovation for Social Welfare, (2016) 1-5.
[11] Ivan Nikolaev, Martin Grill, Veronica Valeros, Exploit Kit Website Detection Using HTTP Proxy Logs, in IEEE ACM International Conference Proceeding Series, (2016) 120-125.
[12] Phongphun Kijsanayothin, Rattikorn Hewett, Exploit-Based Analysis of Attack Models, IEEE 12th International Symposium on Network Computing and Applications, (2013) 1-4.
[13] Deshen Fu, Feiyue Shi, Buffer Overflow Exploit and Defensive Techniques, in IEEE 4th International Conference on Multimedia and Security, (2012) 87-90.
[14] EC-Council, CEH: Ethical Hacking and Countermeasures, 1.
[15] David Kennedy, Jim O'Gorman, Devon Kearns, Mati Aharoni, Metasploit: A Complete Penetration Testing Guide, (2011) 1-332.
[16] Offensive Security, Metasploit Unleashed: Completing the Exploit, (2020). Available [Online]: https://www.offensive-security.com/metasploit-unleashed/completing-exploit/
[17] Improving Vulnerability Remediation Through Better Exploit Prediction, (2020). Available [Online]: https://academic.oup.com/cybersecurity/article/6/1/tyaa015/5905457
[18] Avast, (2020). Available [Online]: https://www.avast.com/c-exploits#gref
[19] Graphology of an Exploit, (2020). Available [Online]: https://research.checkpoint.com/2020/graphology-of-an-exploit-volodya/
