Web Application Security

This report focuses on vulnerabilities on web-applications and web-sites from Cross-Site Scripting attacks (XSS). The different types of XSS attacks are examined: DOM-based, active and passive attacks. The spread of XSS attacks across platforms government and financial institutions, transportation companies, hospitality and entertainment has been analyzed. Research and analysis of the security of corporate websites and their resistance to XSS attacks have been carried out. The basic guidelines for preventing valuable data theft and unauthorized access to websites and applications from XSS attacks are reviewed and systematized.

Obtaining the desired dataset is still a prime challenge faced by researchers while analysing Online Social Network (OSN) sites. Application Programming Interfaces (APIs) provided by OSN service providers for retrieving data impose several unavoidable restrictions which make it difficult to get a desirable dataset. In this paper, we present an iMacros technology-based data crawler called IMcrawler,capable of collecting every piece of information which is accessible through a browser from the Facebook website within the legal framework reauthorized by Facebook.The proposed crawler addresses most of the challenges allied with web data extraction approaches and most of the APIs provided by OSN service providers. Two broad sections have been extracted from Facebook user profiles, namely, Personal Information and Wall Activities. The collected data is pre-processed into two datasets and each data set is statistically analysed to draw semantic knowledge and understand the several behavior...

We propose a log-based analysis tool for evaluating web application computer system. A feature of the tool is an integration software log with infrastructure log. Software engineers alone can resolve system faults in the tool, even if the faults are complicated by both software problems and infrastructure problems. The tool consists of 5 steps: preparation software, preparation infrastructure, collecting logs, replaying the log data, and tracing the log data. The tool was applied to a simple web application system in a small-scale local area network. We confirmed usefulness of the tool when a software engineer detects faults of the system failures such as " 404 " and " no response " errors. In addition, the tool was partially applied to a real large-scale computer system with many web applications and large network environment. Using the replaying and the tracing in the tool, we found causes of a real authentication error. The causes were combined an infrastructure problem with a software problem. Even if the failure is caused by not only a software problem but also an infrastructure problem, we confirmed that software engineers alone could distinguish between a software problem and an infrastructure problem using the tool.

Today almost all organizations have improved their performance through allowing more information exchange within their organization as well as between their distributers, suppliers, and customers using web support. Databases are central to the modern websites as they provide necessary data as well as stores critical information such as user credentials, financial and payment information, company statistics etc. These websites have

Web Application Hacking and Security is a specialization certification that enables the cybersecurity workforce to learn, hack, test, and secure web applications from existing and emerging security threats in the industry verticals.

Read more & Get Certified.. https://bit.ly/3z4rlGQ

Abstract-- When an internet user interacts in web environment by surfing the Net, sending electronic mail messages and participating in online forums lot of data is generated which may have user’s private information. If this information is captured by third party tools and techniques; it may cause a breach in end user privacy. In the Web environment, end user privacy is one of the most controversial legal issues. In this paper issues related to information leakage through SQL injection attacks are presented and protection mechanisms are also discussed.

Fuzz testing (also known as fuzzing) is a blackbox testing technique for finding flaws in software by feeding random input into applications and monitoring for crashes.
Programs that generate fuzz data are called fuzzers and they generate input data that test engineers might not think of. There are two categories of fuzzers, unintelligent (UF) and intelligent (IF). The difference lies in the method of input data generation. UF has no prior knowledge of the input format while IF knows the format which enables it to specify semi-valid data for what its attempting to fuzz.
Sources like [21, 20] have indicated that user input in web applications are a huge problem. Fuzzing might prove to be a valuable method for finding flaws in these types of applications. However, the research that has been done on fuzzing web applications [6] have made use of UF. In this thesis we will introduce and evaluate an IF method based on validators.
Many modern web applications are developed using specialized web frame- works that make use of validators that validate incoming input before further actions are taken by the application.
Our hypothesis is that the data generated by a UF will often be evaluated as invalid by validators that are in place and will therefore have superficial code coverage. Intelligent fuzz data that is generated within validator constraints will have better code coverage and will therefore trigger more flaws.
In order evaluate the effectiveness of our IF method we have fuzzed a set of typical web applications using 3 different fuzzing methods: UF, our IF method and fuzzing with manually defined fuzz format specifications.
The results of this experiment indicate that our method of intelligent fuzzing performs marginally better while requiring more manual effort. This manual effort can be further automated, which would make it a valuable addition to fuzzing web applications.

Aplikasi web biasanya perlu menyimpan informasi yang sensitif seperti password, informasi kartu kredit, dan yang lain. Dikarenakan item-item tersebut bersifat sensitif item-item tersebut perlu dienkripsi untuk menghindari pengaksesan secara langsung

Data mining and knowledge discovery in databases have been attracting a significant amount of research, industry, and media attention of late. There is an urgent need for a new generation of computational theories and tools to assist researchers in extracting useful information from the rapidly growing volumes of digital data.

La web se ha convertido en una plataforma de distribución de aplicaciones de todo tipo. Negocios de variados tamaños y rubros disponen de aplicaciones web para captar clientes, administrar ventas, mantener registro de todos los movimientos en el negocio, entre otras cosas. Desde el 1995 con la Dot-com bubble, hasta el 2020 con la masiva aparición de tecnologías y herramientas web, el Internet no ha dejado de expandirse. Y así como el alcance ha crecido exponencialmente, también la seguridad informática se ha visto en gran demanda. Organizaciones que dedican fuerza laboral en materia de seguridad, empresas que arman negocios rentables al rededor de la seguridad web, han demostrado que la seguridad web es una disciplina evolutiva y requiere que todos los ingenieros web estén siempre a la vanguardia de las mejore prácticas en lo que a seguridad respecta. Las vulnerabilidades pueden ser cercanas al consumidor final, como es el caso de los Zoombombings, o también se pueden presentar en ambientes corporativos como es el caso del estudio de abogados Mosack Fonseca y los Panamá Papers. El presente documento tiene como final objetivo intro-ducir al lector en las consideraciones básicas a tomar sobre seguridad web en la actualidad.

Palabras clave: seguridad, web, owasp, xss, sesion hijacking, sql injection, broken authentication

Code Injection techniques in Application Security enables an attacker/ a malware artist or a hacker/ethical hacker/ penetration tester to leverage advantage of missing security controls over JavaScript Execution on top of the application layer in computer security.

Code Injection could be leveraged to cross site scripting of various types such as reflected (non-persistent), stored (persistent) or DOM Based XSS. In other cases it might end up being HTML client side manipulation attacks to phish victims & steal credentials or steal information which shouldn't be normally allowed by the application.

The paper goes in-depth into understanding how Client Side Injection techniques work & how Code Injection flaws in an application might lead an organization to it's knee using intelligent techniques to ex-filterate data. However, Code Injection(s) or their variants aren't server side attacks except for stored cross site scripting, these attacks enable attacker to steal data in large quantity with use of social engineering sciences.

Deep web content cannot be indexed by search engine such as Google, Yahoo and Bing and darknet is lies within the deep web. Dark web has been intentionally hidden and it is not accessible through standard browser. Deep web can be accessed by anyone who has The Onion Router (TOR) browser. TOR is a virtual and encrypted tunnel which allows people to hide their identity and network traffic, and allow them to use internet anonymously. Dark web is virtually online market for anything, including but not limited to drugs, weapons, credit card data, forged documents, hire services for murder, narcotics and indecent pornography etc,. Because of these reasons, it is difficult for law enforcement agencies or digital forensic professionals to pinpoint the origin of traffic, location or ownership of any computer or person on the dark net. There has been lot of buzz around Bitcoin, TOR network and darknet, because most of the darknet sites carried out transactions through anonymous digital currency, pear to peer, distributed and Bitcoin which is based on cryptography principal. In this research paper, I proposed darknet forensics techniques, which is a combination of TOR browser and Bitcoin wallet forensics. I am also proposed and discussed different technique to retrieve evidences from TOR browser and Bitcoin wallet, which helps digital forensics professional to perform darknet forensics.

Web penetration testing is a growing, fast-moving, and absolutely critical field in information security. This book executes modern web application attacks and utilises cutting-edge hacking techniques with an enhanced knowledge of web application security.

We will cover web hacking techniques so you can explore the attack vectors during penetration tests. The book encompasses the latest technologies such as OAuth 2.0, Web API testing methodologies and XML vectors used by hackers. Some lesser discussed attack vectors such as RPO (relative path overwrite), DOM clobbering, PHP Object Injection and etc. has been covered in this book.

We'll explain various old school techniques in depth such as XSS, CSRF, SQL Injection through the ever-dependable SQLMap and reconnaissance.

Websites nowadays provide APIs to allow integration with third party applications, thereby exposing a lot of attack surface, we cover testing of these APIs using real-life examples.

This pragmatic guide will be a great benefit and will help you prepare fully secure applications.

SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that control a web application’s database server (also commonly referred to as a Relational Database Management System – RDBMS). Since an SQL injection vulnerability could possibly affect any website or web application that makes use of an SQL-based database, the vulnerability is one of the oldest, most prevalent and most dangerous of web application vulnerabilities.
By leveraging SQL injection vulnerability, given the right circumstances, an attacker can use it to bypass a web application’s authentication and authorization mechanisms and retrieve the contents of an entire database. SQL injection can also be used to add, modify and delete records in a database, affecting data integrity.
To such an extent, SQL injection can provide an attacker with unauthorized access to sensitive data including, customer data, personally identifiable information (PII), trade secrets, intellectual property and other sensitive information.

Today web-based systems are very popular. These systems may have some inherent security vulnerabilities due to the languages they use. It is very important to identify these vulnerabilities for the development of quality and secure web applications. There are many commercial and open source applications that detect security vulnerabilities on the websites application level. However, developers are curious about which tools detected security vulnerabilities, and their performance rates. In this study, it is aimed to analyse the frequently used web vulnerability test tools with sample scenarios and compare these tools.

Abstract-Web application security is the hottest issue in the present scenario of e-business environment. Web application attacks can play havoc with the system within no time. More than 80% attacks are at application layer and almost 90% applications are vulnerable to these ...

Questo progetto tratta gli attacchi ad iniezione e, in particolare, approfondisce gli attacchi command injection e SQL injection. La scelta è nata in seguito a considerazioni legate al rischio di sicurezza. Nella prima parte definisco che cosa sia il rischio per un sistema informatico e che cosa sia il rischio per un’applicazione web secondo le indicazioni di OWASP, The Open Web Application Security Project. Questa organizzazione no profit pubblica ogni tre anni circa un rapporto sui maggiori rischi di sicurezza per le web application. Dopo aver elencato i 10 peggiori rischi di sicurezza stilati nel rapporto del 2017, ho osservato la costante presenza in prima posizione delle iniezioni come maggiore causa di pericolo per la sfruttabilità e il potenziale danno tecnico ed economico verso la struttura ospitante. Ad accentuare l’attenzione sul problema sono stati anche i dati pubblicati da Imperva relativi alla larga diffusione di queste falle nel web. Le superfici iniettabili sono estese poiché i vettori d’attacco sono molteplici: code injection, CRLF injection, cross-site scripting, email injection, host header injection, LDAP injection, command injection, SQL injection (SQLi), xpath injection. Tra queste differenti forme  mi sono concentrato sul command injection e sull’SQL injection, ovvero sui moduli vulnerabili disponibili nella piattaforma formativa di DVWA (Damn Vulnerable Web Application). Nella seconda parte dell’elaborato ho presentato un LAB basato, appunto, su DVWA. In una macchina virtuale ho installato due sistemi operativi distinti, Parrot Security OS e Debian, rappresentanti il primo la macchina Attacker e il secondo la macchina Victim. Su quest’ultima sono stati aggiunti Apache2, MariaDB, phpMyAdmin e DVWA necessari per la fase di white-box testing. Grazie a differenti livelli di sicurezza ho analizzato come proteggersi da attacchi command injection e SQL injection ai danni di una web application.

Serious weaknesses were discovered in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected WPA2-Wi-Fi networks. Depending on the handshake mechanism, it is also possible to inject and manipulate data. A solution is proposed to provide the secure handshake by capturing and analyzing the EAPOL packets to prevent nonce reuse which happens while reinstallation of Pairwise Trasient Key(PTK) which happens in case if there is an attack. Our patches blocks access to the victim system via rogue AP created by the KRACK and alerts the client about the suspicious activity and blocks the attacker from further attacking.

The web is absolutely necessary part of our lives. It is wide platform which is used for information sharing and service over internet. They are used for the financial, government, healthcare, education and many critical services. Everyday billions of user purchase items, transfer money, retrieve information and communicate over web with each other. Although the web is best friend of users because it provide anytime anywhere access to information and services at the same time. All things are created by human in the world so its reality that the things created by man are little bit problematic. So web applications are also created by human so it contains too many loopholes. The popularity of applications allure hackers towards them. Now a Days Securing and maintaining the websites against attack is very hard and challenging task. Finding loopholes in Web application, Computer system or network and exploiting them called hacking. New approaches for web attacks are invented day to day so the study of detect and prevent against web application attack and finding solution is important part in internet world. In this paper we introduced all web application based attack including two major attacks like XSS (Cross Site Scripting) and SQLI.

The web is absolutely necessary part of our lives. It is wide platform which is used for information sharing and service over internet. They are used for the financial, government, healthcare, education and many critical services. Everyday billions of user purchase items, transfer money, retrieve information and communicate over web with each other. Although the web is best friend of users because it provide anytime anywhere access to information and services at the same time. All things are created by human in the world so its reality that the things created by man are little bit problematic. So web applications are also created by human so it contains too many loopholes. The popularity of applications allure hackers towards them. Now a Days Securing and maintaining the websites against attack is very hard and challenging task. Finding loopholes in Web application, Computer system or network and exploiting them called hacking. New approaches for web attacks are invented day to day so the study of detect and prevent against web application attack and finding solution is important part in internet world. In this paper we introduced all web application based attack including two major attacks like XSS (Cross Site Scripting) and SQLI.

Abstract. Many companies are deploying their business on the Internet using web applications while the question of what is the risk to business operations of cyber-attacks remains unanswered. Risk awareness allows to identify and act upon the security risk of these applications. This paper analyzes different security frameworks commonly used by companies in order to evaluate the benefits of honeypots in responding to each framework's requirements and, consequently, mitigating the risk.

This paper talks about the nuisances of HTTP Parameter Pollution - a web application based attack used by penetration testers to pollute the parameters and use these same techniques for significant bypasses which could trigger or support other form of application attacks providing potential attack surface open to malicious users.