Automated Virtualization in Digital Forensic and Penetration Testing Work

Type
Degree project at undergraduate level
Published
2019
Author
Andersson, Eric
Abstract
Virtualization technology has in recent years gained significant popularity in the information technology industry, and despite its widespread use not all areas of application have yet been discovered. This thesis was done at the request of the company SecureLink, which wants to build a centralized system for the automatic creation and management of standardized virtual machines used in digital forensic and penetration testing work. The aim of this work has been to assemble and demonstrate, based on a given specification, a virtualization software suite for use in this system. The produced solution is referred to as the virtualization stack and uses KVM/QEMU as the hypervisor (the software that creates and runs virtual machines), libvirt to configure the virtual machines, and Vagrant to manage entire virtual environments using single commands. As part of the work, virtual machine templates suitable for both digital forensic work and penetration testing have been developed, and workflow automation examples that use the virtualization stack to perform example assignments have been created. The solution is shown to be scalable and modular while allowing a high degree of automation. The presented solution can either be used in its current state or implemented into a larger program that adds additional functionality. The final product meets all the given system specifications except for those relating to standards in digital forensic investigations. Suggestions for further work are to build a front-end used to generate virtual environments according to specifications made by the user instead of using static configuration files, and to add features that meet more of the standards required in digital forensic work.
Subject/keywords
Virtualization, hypervisor, virtual machines, digital forensics, penetration testing