Tesi etd-05082024-104003 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
MANFREDONIA, GIANMARCO
URN
etd-05082024-104003
Titolo
Penetration Test of an Elevator Management Website
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
CYBERSECURITY
Relatori
relatore Prof. Perazzo, Pericle
correlatore Prof. Vallati, Carlo
tutor Ing. Tesconi, Mario
correlatore Prof. Vallati, Carlo
tutor Ing. Tesconi, Mario
Parole chiave
- Elevators
- Penetration Test
- Pentesting
- Vulnerability Assessment
Data inizio appello
30/05/2024
Consultabilità
Completa
Riassunto
The objective pursued during this thesis work at the company ADATEC srl, was to
assess the security of a web application designed by the company itself to remotely
control and monitor elevators. Specifically, through this app, a maintenance tech-
nician, equipped with appropriate credentials, can control installation parameters,
check the current status of elevators, and maintain a log of each activity and error,
as each elevator is equipped with an electronic board that communicates with the
server and database through the web application itself.
Our investigation will delve deeply into the vulnerabilities and weaknesses inherent
in the web application, employing rigorous vulnerability assessments and penetration testing methodologies. We aim to identify and scrutinize common vulnerabili-
ties that malicious actors could exploit to compromise the integrity of the platform.
Moreover, our study attempts to propose effective mitigation strategies and best
practices to remediate the identified vulnerabilities, improve the resilience of industrial management web platforms, and mitigate the looming threat posed by cyber
adversaries in the realm of elevator control systems, aspiring to enhance the overall
security posture of the web application, safeguard critical infrastructure, and fortify
defenses against cyber threats.
assess the security of a web application designed by the company itself to remotely
control and monitor elevators. Specifically, through this app, a maintenance tech-
nician, equipped with appropriate credentials, can control installation parameters,
check the current status of elevators, and maintain a log of each activity and error,
as each elevator is equipped with an electronic board that communicates with the
server and database through the web application itself.
Our investigation will delve deeply into the vulnerabilities and weaknesses inherent
in the web application, employing rigorous vulnerability assessments and penetration testing methodologies. We aim to identify and scrutinize common vulnerabili-
ties that malicious actors could exploit to compromise the integrity of the platform.
Moreover, our study attempts to propose effective mitigation strategies and best
practices to remediate the identified vulnerabilities, improve the resilience of industrial management web platforms, and mitigate the looming threat posed by cyber
adversaries in the realm of elevator control systems, aspiring to enhance the overall
security posture of the web application, safeguard critical infrastructure, and fortify
defenses against cyber threats.
File
Nome file | Dimensione |
---|---|
Tesi_Gia...donia.pdf | 3.40 Mb |
Contatta l’autore |