System and method for network penetration testing

Abstract

Embodiments relate to methods and systems for executing methods for penetration testing a network. The method involves receiving a first configuration file including network configuration information pertaining to defining a network, and defining log gathering procedures based on the network configuration information. The method involves locating a second configuration file including security module information pertaining to a security module, and defining a test case based on the security module information, the test case including a test data package. The method involves parsing data from the first and second configuration files to generate a data object. The method involves activating the security module to produce a vulnerability output. The method involves executing within the security module the test data package and the test case to identify a penetration vulnerability associated with the vulnerability output of the network. The method involves outputting the penetration vulnerability of the network.

CPC Classifications