Author: Laris Terneny
Supervisor: Jan Vykopal
Abstract: Penetration testing, which involves simulating controlled attacks, is crucial for identifying vulnerabilities within applications. This thesis compares various penetration testing guides, emphasizing the Open Web Application Security Project (OWASP) Web Security Testing Guide (WSTG), and carries out penetration testing on the INJECT exercise platform (IXP) based on this guide. The goal of the penetration testing is to evaluate the security of the IXP rather than identifying critical vulnerabilities. Seven vulnerabilities were discovered and reported to the developer team. Electronic attachment of the thesis contains the penetration testing report, which is the result of the penetration testing.