資訊技術時代的新趨勢，如：雲端運算、大數據、物聯網和人工智慧。企業被要求需建構許多與服務相關的服務資訊系統，以便在客戶和企業之間建立快速便捷的連結。本研究目的是透過分別由資訊安全攻擊方和防守方雙方的實際資訊安全攻防演練，瞭解企業外部服務資訊系統是否存在任何資訊安全漏洞，並提出建議立即修復，加強其安全防護能力，以及行使。採用的主要網站滲透測試工具，如：Hydra、NMAP、Burp Suite Professional等，同時希望新手資訊安全調查員能夠獲得一些關於網站漏洞的實務傳承經驗，以提昇其滲透技能。

New trends in the information technology era such as cloud, big data, Internet of Things, and artificial intelligence. Enterprises are not actively building many service-related services information systems to build a fast and convenient connection between customers and enterprises. This research intends to understand whether there is any unfunded vulnerability in the external service information system of the enterprise through the actual information security attack and defense drills and to immediately repair and strengthen its security protection capabilities, as well as the exercise of the information security offensive and defensive team. The major website penetration testing tools used are Hydra, NMAP, Burp Suite Professional. At the meantime, the novice investigators may gain some hands-on experience on website vulnerability for improving their penetration skills.