Comparing the Effectiveness of Penetration Testing and Static Code Analysis
Slide 1: Comparing the Effectiveness of Penetration Testing and Static Code Analysis: Detection of SQL Injection Vulnerabilities in Web Services. PRDC 2009. Nuno Antunes, University of Coimbra, Portugal.

Slide 2: Web Services
- Web services are becoming a strategic component in a wide range of organizations
  - Components that can be remotely invoked
  - Well defined interface
- Web services are extremely exposed to attacks
  - Any existing vulnerability will most probably be uncovered/exploited
- Both providers and consumers need to assess services security

Slide 3: Web Services Environment
(figure: Web Services environment; not recoverable from the transcript)
Slide 4: SQL Injection vulnerabilities

Input: ' OR 1=1 --

```java
import java.sql.*;

// `statement` is a java.sql.Statement field of the service class.
// Deliberately vulnerable: the query is built by string concatenation.
public String auth(String login, String pass) throws SQLException {
    String sql = "SELECT * FROM users WHERE " +
                 "username='" + login + "' AND " +
                 "password='" + pass + "'";
    ResultSet rs = statement.executeQuery(sql);
    // ... (rest of the method not shown on the slide)
}
```

Resulting query: SELECT * FROM users WHERE username='' OR 1=1 -- ' AND password=''
(the trailing quote and password check are commented out by --)

Input: ' OR ''='

```java
// Deliberately vulnerable: the id value is concatenated into the statement.
public void delete(String str) throws SQLException {
    String sql = "DELETE FROM table " +
                 "WHERE id='" + str + "'";
    statement.executeUpdate(sql);
}
```

Resulting query: DELETE FROM table WHERE id='' OR '' = ''
(the condition is always true, so every row is deleted)
Slide 5: Developers must
- Apply best coding practices
- Perform code analysis
  - Manual code analyses (reviews, inspections)
  - Automated static code analysis
- Perform tests
  - Manual penetration testing
  - Automated penetration testing (vulnerability scanners)

Slide 6: Penetration testing
- Widely used by developers
- Consists in stressing the application from the point of view of an attacker
  - Black-box approach
  - Uses specific malicious inputs (e.g., for SQL Injection: or 1=1)
- Can be performed manually or automatically
  - Many tools available, including commercial and open-source
- Does not require access to the code

Slide 7: Static code analysis
- White-box approach
- Consists in analyzing the source code of the application, without executing it
- Looks for potential vulnerabilities, among other types of software defects
- Can be performed manually or automatically
  - Tools provide an automatic way of highlighting possible coding errors
- Does require access to the code (or bytecode)

Slide 8: Our goal
- Evaluate several automatic penetration testing tools and static analysis tools in a controlled environment
- Focus on two key measures of interest:
  - Coverage: the percentage of existing vulnerabilities that are detected by a given tool
  - False positives rate: the number of reported vulnerabilities that in fact do not exist
- Target only SQL Injection vulnerabilities, which are extremely relevant in Web Services

Slide 9: Steps
- Preparation
  - Select the penetration testers and static code analyzers
  - Select the Web Services to be considered
- Execution
  - Use the tools to identify potential vulnerabilities
- Verification
  - Perform manual verification to confirm that the vulnerabilities identified by the tools do exist (i.e., are not false positives)
- Analysis
  - Analyze the results obtained and systematize the lessons learned

Slide 10: Web Services tested
- Eight Web Services, with a total of 25 operations
  - Four of the services are based on the TPC-App performance benchmark
  - Four other services have been adapted from code publicly available on the Internet
- Implemented in Java and use a relational database
Slide 11: Web Services characterization
(table: characterization of the eight Web Services; not recoverable from the transcript)

Slide 12: Tools studied
- Penetration testing
  - HP WebInspect
  - IBM Rational AppScan
  - Acunetix Web Vulnerability Scanner
  - [Antunes 2009]
- Static code analysis
  - FindBugs
  - Yasca
  - IntelliJ IDEA
- Decided not to mention the brand of the tools in the results
  - VS1, VS2, VS3, VS4 (without any order in particular)
  - SA1, SA2, SA3 (without any order in particular)

Slide 13: Tools and environment configuration
- Penetration testing
  - Underlying database restored before each test
    - This avoids the cumulative effect of previous tests
    - Guarantees that all the tools started the service testing in a consistent state
  - If allowed by the testing tool, information about the domain of each parameter was provided
  - If the tool requires an exemplar invocation per operation, the exemplar respected the input domains of the operation
    - All the tools in this situation used the same exemplar
- Static code analysis
  - Configured to fully analyze the services code
  - For the analyzers that use binary code, the deployment-ready version was used

Slide 14: Web Services manual inspection
- It is essential to correctly identify the vulnerabilities that exist in the services code
  - A team of experts was invited to review the source code looking for vulnerabilities
  - False positives were eliminated by cross-checking the vulnerabilities identified by different people
- A key difficulty is that different tools report (and count) vulnerabilities in different ways
  - Penetration testing: a vulnerability for each vulnerable parameter
  - Static analysis: a vulnerability for each vulnerable line in the service code

Slide 15: Vulnerabilities found
(table: vulnerabilities confirmed by manual inspection; not recoverable from the transcript)

Slide 16: Penetration testing results
(chart: penetration testing results; not recoverable from the transcript)
Slide 17: Examples of penetration testing limitations

```java
// `statement` is a java.sql.Statement field; SQLException from java.sql.
// Deliberately vulnerable, and the defect is invisible from outside.
public void operation(String str) {
    try {
        String sql = "DELETE FROM table " +
                     "WHERE id='" + str + "'";
        statement.executeUpdate(sql);
    } catch (SQLException se) {}
}
```

No return value; exceptions related with SQL malformation do not leak out to the invoker.

```java
// csvFromPath evaluates the XPath expression and renders the result as CSV.
public String dumpDepositInfo(String str) {
    try {
        String path = "//DepositInfo/Deposit" +
                      "[@accnum='" + str + "']";
        return csvFromPath(path);
    } catch (XPathException e) {}
    return null;
}
```

Lack of output information.
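The following added example (not from the slides) simulates the slide 4 and slide 17 operations in Python over an in-memory SQLite database and runs a black-box probe against each, to show why an operation with no return value and swallowed exceptions is undetectable by penetration testing even though it is vulnerable; the table contents, the `auth`/`delete` simulations and the `rows_removed_by` oracle are constructed for the illustration.

```python
import sqlite3

# Constructed inputs: the two injection strings from slide 4, a lone quote
# that breaks SQL syntax, and a harmless value used as the baseline.
BENIGN = "nosuchid"
PAYLOADS = ["' OR 1=1 --", "' OR ''='", "'"]


def make_db():
    """Fresh in-memory database for every invocation (slide 13: the database
    is restored before each test so runs do not influence each other)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users(username TEXT, password TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice", "pw1"), ("bob", "pw2")])
    con.execute("CREATE TABLE deposits(id TEXT)")
    con.executemany("INSERT INTO deposits VALUES (?)", [("d1",), ("d2",)])
    return con


# Both operations carry the same defect as the Java listings: the query is
# built by string concatenation. They differ only in what the caller sees.
def auth(con, login, password):
    """Slide 4 pattern: the result set is returned, so a subverted WHERE
    clause changes the observable output."""
    sql = ("SELECT username FROM users WHERE username='" + login
           + "' AND password='" + password + "'")
    return [row[0] for row in con.execute(sql)]


def delete(con, value):
    """Slide 17 pattern: no return value, and every database error is
    swallowed, so a malformed query looks exactly like a normal one."""
    try:
        con.execute("DELETE FROM deposits WHERE id='" + value + "'")
    except sqlite3.Error:
        pass
    return None


def outcome(op, args):
    """What a black-box tester can observe: the return value, or the type of
    the exception that escapes the operation."""
    try:
        return ("ret", op(make_db(), *args))
    except Exception as exc:
        return ("err", type(exc).__name__)


def black_box_detects(op, make_args):
    """Penetration-testing view: report the operation as vulnerable only if
    some payload produces an observable difference from the benign call."""
    baseline = outcome(op, make_args(BENIGN))
    return any(outcome(op, make_args(p)) != baseline for p in PAYLOADS)


def rows_removed_by(op, make_args, payload, table):
    """Oracle a black-box tester does not have: compare database state before
    and after the call to learn whether the payload really took effect."""
    con = make_db()

    def count():
        return con.execute("SELECT count(*) FROM " + table).fetchone()[0]

    before = count()
    try:
        op(con, *make_args(payload))
    except Exception:
        pass
    return before - count()


if __name__ == "__main__":
    print("auth detected:", black_box_detects(auth, lambda v: (v, "x")))
    print("delete detected:", black_box_detects(delete, lambda v: (v,)))
    print("rows really removed:",
          rows_removed_by(delete, lambda v: (v,), "' OR ''='", "deposits"))
```

The probe flags `auth` (the injected login returns every user) but not `delete`, whose three probes all return `None`; the state oracle shows the same payload silently removed both deposit rows, which is the coverage gap the slide describes.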
Slide 18: Static code analysis results
(chart: static code analysis results; not recoverable from the transcript)
Slide 19: Examples of static analysis limitations

```java
// `statement` is a java.sql.Statement field; SQLException from java.sql.
// Not exploitable: parseInt throws on anything that is not an integer,
// so only numeric values reach the concatenated query.
public void operation(String str) {
    int i = Integer.parseInt(str);
    try {
        String sql = "DELETE FROM table " +
                     "WHERE id='" + str + "'";
        statement.executeUpdate(sql);
    } catch (SQLException se) {}
}
```

Analyzers identify a vulnerability here because the SQL query is a non-constant string (a false positive).

```java
// csvFromPath evaluates the XPath expression and renders the result as CSV;
// the injection happens inside that helper, not in this method.
public String dumpDepositInfo(String str) {
    try {
        String path = "//DepositInfo/Deposit" +
                      "[@accnum='" + str + "']";
        return csvFromPath(path);
    } catch (XPathException e) {}
    return null;
}
```

Depending on the complexity of the csvFromPath method, a static analysis tool may not be able to find the vulnerability.
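The following added example (not from the slides or the tools studied) is a miniature taint analysis in Python over a constructed intermediate representation of the two slide 19 listings; it reproduces the false positive (the "non-constant query string" heuristic reports the parseInt-guarded DELETE) and the false negative (an intraprocedural analysis never looks inside csvFromPath). The IR statement forms and the body assumed for csvFromPath are assumptions made for the illustration.

```python
# Statement forms of the constructed IR:
#   ("param", v)            v is a service parameter (tainted source)
#   ("const", v)            v holds a string literal
#   ("concat", v, parts)    v = parts joined; tainted if any part is
#   ("validate", v)         later code runs only if v passed a check that
#                           throws on bad input (Integer.parseInt(v))
#   ("call", f, args, ret)  ret = f(*args); the interprocedural edge
#   ("sink", v, kind)       v reaches a query API (kind: "SQL" or "XPath")
PROGRAM = {
    "operation": [                 # first listing on slide 19
        ("param", "str"),
        ("validate", "str"),       # int i = Integer.parseInt(str);
        ("const", "lit"),
        ("concat", "sql", ["lit", "str"]),
        ("sink", "sql", "SQL"),    # statement.executeUpdate(sql)
    ],
    "dumpDepositInfo": [           # second listing on slide 19
        ("param", "str"),
        ("const", "lit"),
        ("concat", "path", ["lit", "str"]),
        ("call", "csvFromPath", ["path"], "out"),
    ],
    "csvFromPath": [               # assumed body; the slide does not show it
        ("param", "p"),
        ("sink", "p", "XPath"),    # the XPath injection happens here
    ],
}
ENTRY_POINTS = ["operation", "dumpDepositInfo"]   # the service operations


def analyze(method, tainted_params, interprocedural, sanitizer_aware,
            program=PROGRAM):
    """Return the set of (method, sink kind) pairs reached by tainted data
    when the given parameters of `method` are tainted on entry."""
    findings = set()
    tainted = set()
    for stmt in program[method]:
        op = stmt[0]
        if op == "param":
            if stmt[1] in tainted_params:
                tainted.add(stmt[1])
        elif op == "const":
            tainted.discard(stmt[1])
        elif op == "concat":
            if any(p in tainted for p in stmt[2]):
                tainted.add(stmt[1])
            else:
                tainted.discard(stmt[1])
        elif op == "validate":
            # The "non-constant query string" heuristic ignores the check;
            # a sanitizer-aware analysis treats the value as safe afterwards.
            if sanitizer_aware:
                tainted.discard(stmt[1])
        elif op == "call":
            _, callee, args, ret = stmt
            if interprocedural and callee in program:
                params = [s[1] for s in program[callee] if s[0] == "param"]
                entry = {p for p, a in zip(params, args) if a in tainted}
                findings |= analyze(callee, entry, interprocedural,
                                    sanitizer_aware, program)
            tainted.discard(ret)   # return values assumed clean (simplification)
        elif op == "sink":
            if stmt[1] in tainted:
                findings.add((method, stmt[2]))
    return findings


def scan(interprocedural, sanitizer_aware, program=PROGRAM):
    """Run the analysis from every service operation with all of its
    parameters tainted, as a static analyzer does for a web service."""
    findings = set()
    for entry in ENTRY_POINTS:
        params = {s[1] for s in program[entry] if s[0] == "param"}
        findings |= analyze(entry, params, interprocedural, sanitizer_aware,
                            program)
    return findings


if __name__ == "__main__":
    # Heuristic tool: reports the guarded DELETE (false positive) and misses
    # the XPath sink inside csvFromPath (false negative).
    print(scan(interprocedural=False, sanitizer_aware=False))
    # Deeper tool: nothing reported for operation(), XPath injection found.
    print(scan(interprocedural=True, sanitizer_aware=True))
```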
Slide 20: Penetration testing vs Static analysis (1)
- Coverage
(chart: coverage per tool; not recoverable from the transcript)

Slide 21: Penetration testing vs Static analysis (2)
- False positives
(chart: false positives per tool; not recoverable from the transcript)

Slide 22: Key observations
- The coverage of static code analysis is typically higher than that of penetration testing
- False positives are a problem for both approaches, but have more impact in the case of static analysis
- Different tools frequently report different vulnerabilities in the same piece of code, even tools implementing the same approach
- Very poor results!

Slide 23: Conclusions
- The effectiveness of vulnerability detection tools is very low
- How to improve penetration testing?
  - Increase representativeness of the workload, to guarantee high coverage
  - Improve the attacks performed
  - Improve the vulnerability detection algorithms
- How to improve static analysis?
  - Include new vulnerable code patterns
- Merge penetration testing and static analysis?

Slide 24: Questions?