Towards Lightweight Mobile Pentesting Tools to Quickly Assess Machine Security Levels

Authors

  • Iñigo Llaneza Aller Universidad de Oviedo, Estudiante. Mecalux Software Solutions, Ingeniero.
  • Jose Manuel Redondo López, Phd. Universidad de Oviedo, Profesor Contratado Doctor https://orcid.org/0000-0002-0939-0186
  • Luis Antonio Vinuesa Martínez, Phd. Universidad de Oviedo, Profesor Colaborador https://orcid.org/0000-0002-4992-8454

Keywords:

Mobile device, customization, pentesting, lightweight, reflection

Abstract

Maintaining an appropriate security level on computing device infrastructures requires periodic audits to check for potential vulnerabilities. To do this, appropriate security tools are needed. Sometimes these tools turn difficult to deploy or use in scenarios where the infrastructure location, resource availability or general status do not suit their resource needs or features. This paper describes Lightpen, a security audit tool able to perform a fully customizable suite of lightweight security tests from a mobile device. Lightpen allows users to perform pentesting tasks at any place, choosing only the type of tests that are judged as the most adequate for the type of infrastructure to be audited. This way, resource and time usage is optimized, enabling security audits whenever they are needed. The tool is also very modular, using reflection to add more types of scans easily, without modifying the application core.

Downloads

Download data is not yet available.

Author Biographies

Iñigo Llaneza Aller, Universidad de Oviedo, Estudiante. Mecalux Software Solutions, Ingeniero.

Graduado en Ingenier´ía Inform´ática del Software por la Universidad de Oviedo en 2017 y cursando el M´aster en Ingenier´ıa Web en la misma universidad. Actualmente contratado como Ingeniero Inform´atico en la empresa Mecalux Software Solutions (Gij´on) (Espa˜na).

inigo.jpg

Jose Manuel Redondo López, Phd., Universidad de Oviedo, Profesor Contratado Doctor

Profesor Contratado Doctor en el Departamento de Inform´atica de la Universidad de Oviedo, Espa˜na. Ingeniero T´ecnico en Informática (2000), Ingeniero en Inform´atica (2002) y Doctor en Inform´atica (2007). Sus l´ıneas de investigaci´on son: lenguajes din´amicos, reflexi´on computacional, compilaci´on JIT, m´aquinas virtuales y seguridad inform´atica.

redondo.jpg

Luis Antonio Vinuesa Martínez, Phd., Universidad de Oviedo, Profesor Colaborador

Profesor Colaborador en el Departamento de Inform´atica de la Universidad de Oviedo, Espa˜na. Ingeniero T´ecnico en Inform´atica (1994), Ingeniero en Inform´atica (1998) y Doctor en Inform´atica (2007). Sus l´ıneas de investigaci´on son: lenguajes din´amicos, reflexi´on computacional, compilaci´on JIT y orientaci´on a aspectos.

Downloads

Published

2019-12-02

How to Cite

Llaneza Aller, I., Redondo López, J. M., & Vinuesa Martínez, L. A. (2019). Towards Lightweight Mobile Pentesting Tools to Quickly Assess Machine Security Levels. IEEE Latin America Transactions, 17(7), 1116–1123. Retrieved from https://latamt.ieeer9.org/index.php/transactions/article/view/593

Issue

Vol. 17 No. 7 (2019): Ordinary Issue

Section

Articles