Abstract: A penetration test monitoring system includes an attacking host for performing a hacking exercise on a target website; a monitoring server electrically connected to the target website and the attacking host and including a virtual platform and an analysis platform, wherein the virtual platform provides a virtual account for the attacking host to perform the hacking exercise on the target website through the virtual platform after logging in, and the analysis platform is electrically connected to the virtual platform to record the hacking exercise executed by the attacking host; and a monitoring host electrically connected to the monitoring server and the attacking host for monitoring the attacking host. The monitoring server monitors and records the attack behavior of the attacking host, thereby preventing the attacker from arbitrarily implanting virus programs during the security test and improving the protection quality during security testing.

Abstract: A system for managing information security attack and defense planning includes a hacker end, an observer end, and a manager end. The hacker end conducts a real-word hacking exercise to hack a targeted website through a monitoring and control server. The observer end monitors the hacker end. The manager end provides an analysis platform communicatively connected to the monitoring and control server. The hacker end and the observer end generate a first independent report and a second independent report respectively according to logged information during the real-world hacking exercise and respectively transmit the first independent report and the second independent report to the analysis platform through the targeted institution for analysis, allowing the manager end to generate a summary report including flaws and vulnerabilities in information security and transmit the summary report to the targeted institution for the targeted institution to objectively and effectively assess the summary report.

Abstract: A penetration test monitoring system includes an attacking host for performing a hacking exercise on a target website; a monitoring server electrically connected to the target website and the attacking host and including a virtual platform and an analysis platform, wherein the virtual platform provides a virtual account for the attacking host to perform the hacking exercise on the target website through the virtual platform after logging in, and the analysis platform is electrically connected to the virtual platform to record the hacking exercise executed by the attacking host; and a monitoring host electrically connected to the monitoring server and the attacking host for monitoring the attacking host. The monitoring server monitors and records the attack behavior of the attacking host, thereby preventing the attacker from arbitrarily implanting virus programs during the security test and improving the protection quality during security testing.

Abstract: A system for managing information security attack and defense planning includes a hacker end, an observer end, and a manager end. The hacker end conducts a real-word hacking exercise to hack a targeted website through a monitoring and control server. The observer end monitors the hacker end. The manager end provides an analysis platform communicatively connected to the monitoring and control server. The hacker end and the observer end generate a first independent report and a second independent report respectively according to logged information during the real-world hacking exercise and respectively transmit the first independent report and the second independent report to the analysis platform through the targeted institution for analysis, allowing the manager end to generate a summary report including flaws and vulnerabilities in information security and transmit the summary report to the targeted institution for the targeted institution to objectively and effectively assess the summary report.