SlideShare a Scribd company logo

Intro to Web Application Security

Download as ppt, pdf
Rob Ragan
Rob Ragan

Introduction to Web Application Security presented at for the Penn State Information Assurance Club (Fall 2007)

1 of 35
Downloaded 263 times
1
Information Assurance Club 2007 Understanding Web Application Security
2
What is Application Security? Application Security encompasses measures taken to prevent exceptions in the security policy of an application or the underlying system vulnerabilities through flaws in the design, development, or deployment of the application. [Wikipedia] Make sure code Properly uses security mechanisms Has no design or implementation flaws
Most read
3
 
4
 
5
Application Layer VS Network Layer Application Layer Attackers send attacks inside valid HTTP requests Custom code is manipulated to do something it shouldn’t Security requires software development expertise, not signatures Network Layer Firewall, hardening, patches, IDS, IPS SSL cannot detect or prevent attacks inside HTTP requests Security based on signature database
6
Test Your Hacking Knowledge What might happen in an application if an attacker… Adds “; rm –rf /” to a menu selection passed to a system call Replaces the unitprice hidden field with -500 Sends 1000000 ‘A’ characters to a login script Figures out the encoding used for cookies Disables all client side Javascript for form validation Adds to the end of an account ID parameter “%27%20OR%201%3d1” Sends 1,000 HTTP requests per second to the search field for an hour
7
Why Should I Care? How likely is a successful web application attack? Anyone in the world, including insiders, can send an HTTP request to your server Vulnerabilities are highly prevalent Easy to exploit without special tools or knowledge Little chance of being detected Hundreds of thousands of developers with no security background or training Consequences? Corruption or disclosure of database contents Root access to web and application servers Loss of authentication and access control for users Defacement Loss of use / availability Secondary attacks from your site Application security is just as important as Network Security
Most read
8
Attacks Shift Towards Application Layer 75% of All Attacks on Information Security Are Directed to the Web Application Layer 2/3 of All Web Applications Are Vulnerable -Gartner
9
How Do Attackers Do It? Proxies Browser plugins Vulnerability scanning tools Many attacks can be launched using only a browser and text editor
10
HyperText Transfer Protocol (HTTP) GET /index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Date: Mon, 23 April 2007 22:38:34 GMT Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Etag: "3f80f-1b6-3e1cb03b" Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8
11
HTTPS Just encryption Eavesdropping Protect Passwords Gmail Bypass IPS Doesn't prevent hacking
12
Transparent Proxy http://fiddler2.com/sandbox/ Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and thousands more. Others: Paros, Web Scarab, etc
13
Authentication Common Problems Never expire (facebook) Not protected by SSL Easy to forge (cookies) Replay attacks Re-using cookies Preventable with encrypted date/time stamp
14
Authentication Best Practices Ensure HTTPS is being used Login failures should NOT indicate whether username or password failed Strong password policy (don’t store in clear text) Use brute force countermeasures CAPTCHA Time delay
15
State Problems HTTP is a stateless protocol Session ID tells client browser who you are Server maintains a map of session objects Hijacking techniques Guessing XSS Not using HTTPS Session ID exposed using URL-rewriting
16
Session Best Practices Single sign on/off Seemingly random and at least 20 bytes Timeout Use SSL Avoid URL-rewriting (disclosure risk)
17
Access Control Restricting access Who? What can they see? What can they do? Should exist in UI, BLL, and DAL
18
Broken Access Control Attacker notices URL indicating role / guest /getAccountInfo They modify it to another directory (role) / admin /getAccountInfo / auth /getAccountInfo Attacker views more accounts than just their own
Most read
19
Cross-Site Scripting (XSS) Web application vulnerability that allows an attacker to execute a malicious script in a victim's web browser How it works Web browsers support scripting languages like Javascript that allow web pages to perform logic If an attacker can get a web server to send their malicious script to a victim, the script executes as if it came from that web site Consequences Steal session cookies Deface websites Information disclosure
20
XSS Vulnerability Pattern Web app vulnerable to XSS if Attacker can provide malicious user input Site puts user input into a response Search, form field, message board, etc Site doesn't properly validate or sanitize that user input Unless developer is familiar with XSS, it's very likely that proper input validation is not being done
21
Two Types of XSS Stored XSS Dangerous user input is stored on the site and displayed at some later time Typically found in message boards, guest books, surveys Like leaving a land mine for a victim to trip across on a vulnerable site Reflected XSS Dangerous user input is immediately sent back to the user that submitted it Possibly a malicious link with an embedded script Typically found in search fields, error pages, etc
22
Cross-site Scripting - Tricks Scripts can only access data from their own site Enforced by the browser “sandbox” SOP Trick: Use an anonymous proxy Scripts can't access the OS or file system Trick: Wscript http://my.3c.ist.psu.edu/rrr174/email.js The browser isn't doing anything abnormal Cheat Sheet: http://ha.ckers.org/xss.html Demos: http://www.attacklabs.com
23
XSS Real World Example MySpace XSS Worm – Oct 2005 AKA Samy worm Introduced an XSS attack into his own profile When anyone viewed his profile, the attack: added Samy as a 'friend' to that user's profile and infected them with the same XSS attack in their own profile Then, when anyone views the infected profile, starts all over... The exploit: Used 'java\nscript' since 'javascript' was filtered out, String.fromCharCode(34) to generate a double quote, etc. Used XmlHttpRequest (AJAX), so does Yamanner worm 10 hrs – 560 friends, 13 hrs – 6400 friends, 18 hrs - 1,000,000 friends, 19 hrs - entire site down, 22 hrs – site back up again
24
 
25
XSS– Input Filters Many applications attempt XSS protection with filters Convert < and > to < and > Strip out HTML tags Eliminate <script> tags Strip out Javascript .NET provides XSS protection by default <%@ Page ValidateRequest=”true” %> Anti-Cross Site Scripting Library http://msdn2.microsoft.com/en-us/security/aa973814.aspx Better to white list input instead of black list VALIDATE USER INPUT!!! TRUST NOTHING FROM THE CLIENT!!!
26
PSU Webmail XSS https://webmaillite.psu.edu/webmail/inbox.cgi?mailbox = https://my.3c.ist.psu.edu/rrr174/xss.js popMessage param (cookie) Now what? Hijack web access session ID Steal email Go phishing Do anything the user can do
27
View Passwords javascript:(function(){var s,F,j,f,i; s = %22%22; F = document.forms; for(j=0; j<F.length; ++j) { f = F[j]; for (i=0; i<f.length; ++i) { if (f[i].type.toLowerCase() == %22password%22) s += f[i].value + %22\n%22; } } if (s) alert(%22Passwords in forms on this page:\n\n%22 + s); else alert(%22There are no passwords in forms on this page.%22);})();
28
CSRF (Sea-Surf) Cross-site request forgery, also known as one click attack or session riding Digg and Amazon have been targets Prevention Include a secret, user-specific token in forms that is verified in addition to the cookie Users can help protect their accounts at poorly designed sites by logging off the site before visiting another, or clearing their browser's cookies at the end of each browser session
29
Injection Overview Many applications invoke interpreters SQL OS command shell (cmd.exe, perl) Sendmail, LDAP, XPath, XSLT Interpreters take commands and data and execute the instructions Attacker can send malicious data or commands into your application tricking it into behaving differently Frequently interpreters run as root or administrator
30
SQL Injection – Example Get rows from table based on user provided parameter SELECT * FROM users WHERE SSN='” + ssn + “'” SSN goes from user to web application to database Never validated Attacker sends 123456789' OR '1'='1 Application builds a query SELECT * FROM users WHERE SSN='123456789' OR '1'='1' Returns every user in the database Blind SQL Injection: http://www.0x90.org/releases/absinthe
31
Prevent SQL Injection Validate user input Stored procedures Parameterized queries Connection strings (Access Control) Prevent DELETE and DROP queries
32
Injection Demo SQL Injection: Almost every IST student’s web application is vulnerable https://my.3c.ist.psu.edu/jeb5010/customer.php?Name ='%20OR%201=1-- Remote Code Execution: http://scripts.cac.psu.edu/pxn126/finger.cgi
33
Conclusion Be aware of security threats Train yourself Assess security at every step of the SDLC Define unacceptable risks Then implement policy Ensure accountability Consider commercial solutions (Get help)
34
Where can I learn more? http://www.owasp.org/index.php/OWASP_Top_Ten_Project http://en.wikipedia.org/wiki/Category:Web_security_exploits http://www.spidynamics.com/spilabs/index.html http://ha.ckers.org http://johnny.ihackstuff.com/ghdb.php http://www.foundstone.com/resources/freetools.htm http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project http://blogged-on.de/xss http://leastprivilege.com Download this presentation http://my.3c.ist.psu.edu/rrr174/webappsec.ppt
35
Questions? Ask questions and I'll try to answer them
Information Assurance Club 2007 Understanding Web Application Security
What is Application Security? Application Security encompasses measures taken to prevent exceptions in the security policy of an application or the underlying system vulnerabilities through flaws in the design, development, or deployment of the application. [Wikipedia] Make sure code Properly uses security mechanisms Has no design or implementation flaws
 
 
Application Layer VS Network Layer Application Layer Attackers send attacks inside valid HTTP requests Custom code is manipulated to do something it shouldn’t Security requires software development expertise, not signatures Network Layer Firewall, hardening, patches, IDS, IPS SSL cannot detect or prevent attacks inside HTTP requests Security based on signature database
Test Your Hacking Knowledge What might happen in an application if an attacker… Adds “; rm –rf /” to a menu selection passed to a system call Replaces the unitprice hidden field with -500 Sends 1000000 ‘A’ characters to a login script Figures out the encoding used for cookies Disables all client side Javascript for form validation Adds to the end of an account ID parameter “%27%20OR%201%3d1” Sends 1,000 HTTP requests per second to the search field for an hour
Why Should I Care? How likely is a successful web application attack? Anyone in the world, including insiders, can send an HTTP request to your server Vulnerabilities are highly prevalent Easy to exploit without special tools or knowledge Little chance of being detected Hundreds of thousands of developers with no security background or training Consequences? Corruption or disclosure of database contents Root access to web and application servers Loss of authentication and access control for users Defacement Loss of use / availability Secondary attacks from your site Application security is just as important as Network Security
Attacks Shift Towards Application Layer 75% of All Attacks on Information Security Are Directed to the Web Application Layer 2/3 of All Web Applications Are Vulnerable -Gartner
How Do Attackers Do It? Proxies Browser plugins Vulnerability scanning tools Many attacks can be launched using only a browser and text editor
HyperText Transfer Protocol (HTTP) GET /index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Date: Mon, 23 April 2007 22:38:34 GMT Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Etag: "3f80f-1b6-3e1cb03b" Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8
HTTPS Just encryption Eavesdropping Protect Passwords Gmail Bypass IPS Doesn't prevent hacking
Transparent Proxy http://fiddler2.com/sandbox/ Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and thousands more. Others: Paros, Web Scarab, etc
Authentication Common Problems Never expire (facebook) Not protected by SSL Easy to forge (cookies) Replay attacks Re-using cookies Preventable with encrypted date/time stamp
Authentication Best Practices Ensure HTTPS is being used Login failures should NOT indicate whether username or password failed Strong password policy (don’t store in clear text) Use brute force countermeasures CAPTCHA Time delay
State Problems HTTP is a stateless protocol Session ID tells client browser who you are Server maintains a map of session objects Hijacking techniques Guessing XSS Not using HTTPS Session ID exposed using URL-rewriting
Session Best Practices Single sign on/off Seemingly random and at least 20 bytes Timeout Use SSL Avoid URL-rewriting (disclosure risk)
Access Control Restricting access Who? What can they see? What can they do? Should exist in UI, BLL, and DAL
Broken Access Control Attacker notices URL indicating role / guest /getAccountInfo They modify it to another directory (role) / admin /getAccountInfo / auth /getAccountInfo Attacker views more accounts than just their own
Cross-Site Scripting (XSS) Web application vulnerability that allows an attacker to execute a malicious script in a victim's web browser How it works Web browsers support scripting languages like Javascript that allow web pages to perform logic If an attacker can get a web server to send their malicious script to a victim, the script executes as if it came from that web site Consequences Steal session cookies Deface websites Information disclosure
XSS Vulnerability Pattern Web app vulnerable to XSS if Attacker can provide malicious user input Site puts user input into a response Search, form field, message board, etc Site doesn't properly validate or sanitize that user input Unless developer is familiar with XSS, it's very likely that proper input validation is not being done
Two Types of XSS Stored XSS Dangerous user input is stored on the site and displayed at some later time Typically found in message boards, guest books, surveys Like leaving a land mine for a victim to trip across on a vulnerable site Reflected XSS Dangerous user input is immediately sent back to the user that submitted it Possibly a malicious link with an embedded script Typically found in search fields, error pages, etc
Cross-site Scripting - Tricks Scripts can only access data from their own site Enforced by the browser “sandbox” SOP Trick: Use an anonymous proxy Scripts can't access the OS or file system Trick: Wscript http://my.3c.ist.psu.edu/rrr174/email.js The browser isn't doing anything abnormal Cheat Sheet: http://ha.ckers.org/xss.html Demos: http://www.attacklabs.com
XSS Real World Example MySpace XSS Worm – Oct 2005 AKA Samy worm Introduced an XSS attack into his own profile When anyone viewed his profile, the attack: added Samy as a 'friend' to that user's profile and infected them with the same XSS attack in their own profile Then, when anyone views the infected profile, starts all over... The exploit: Used 'java\nscript' since 'javascript' was filtered out, String.fromCharCode(34) to generate a double quote, etc. Used XmlHttpRequest (AJAX), so does Yamanner worm 10 hrs – 560 friends, 13 hrs – 6400 friends, 18 hrs - 1,000,000 friends, 19 hrs - entire site down, 22 hrs – site back up again
 
XSS– Input Filters Many applications attempt XSS protection with filters Convert < and > to < and > Strip out HTML tags Eliminate <script> tags Strip out Javascript .NET provides XSS protection by default <%@ Page ValidateRequest=”true” %> Anti-Cross Site Scripting Library http://msdn2.microsoft.com/en-us/security/aa973814.aspx Better to white list input instead of black list VALIDATE USER INPUT!!! TRUST NOTHING FROM THE CLIENT!!!
PSU Webmail XSS https://webmaillite.psu.edu/webmail/inbox.cgi?mailbox = https://my.3c.ist.psu.edu/rrr174/xss.js popMessage param (cookie) Now what? Hijack web access session ID Steal email Go phishing Do anything the user can do
View Passwords javascript:(function(){var s,F,j,f,i; s = %22%22; F = document.forms; for(j=0; j<F.length; ++j) { f = F[j]; for (i=0; i<f.length; ++i) { if (f[i].type.toLowerCase() == %22password%22) s += f[i].value + %22\n%22; } } if (s) alert(%22Passwords in forms on this page:\n\n%22 + s); else alert(%22There are no passwords in forms on this page.%22);})();
CSRF (Sea-Surf) Cross-site request forgery, also known as one click attack or session riding Digg and Amazon have been targets Prevention Include a secret, user-specific token in forms that is verified in addition to the cookie Users can help protect their accounts at poorly designed sites by logging off the site before visiting another, or clearing their browser's cookies at the end of each browser session
Injection Overview Many applications invoke interpreters SQL OS command shell (cmd.exe, perl) Sendmail, LDAP, XPath, XSLT Interpreters take commands and data and execute the instructions Attacker can send malicious data or commands into your application tricking it into behaving differently Frequently interpreters run as root or administrator
SQL Injection – Example Get rows from table based on user provided parameter SELECT * FROM users WHERE SSN='” + ssn + “'” SSN goes from user to web application to database Never validated Attacker sends 123456789' OR '1'='1 Application builds a query SELECT * FROM users WHERE SSN='123456789' OR '1'='1' Returns every user in the database Blind SQL Injection: http://www.0x90.org/releases/absinthe
Prevent SQL Injection Validate user input Stored procedures Parameterized queries Connection strings (Access Control) Prevent DELETE and DROP queries
Injection Demo SQL Injection: Almost every IST student’s web application is vulnerable https://my.3c.ist.psu.edu/jeb5010/customer.php?Name ='%20OR%201=1-- Remote Code Execution: http://scripts.cac.psu.edu/pxn126/finger.cgi
Conclusion Be aware of security threats Train yourself Assess security at every step of the SDLC Define unacceptable risks Then implement policy Ensure accountability Consider commercial solutions (Get help)
Where can I learn more? http://www.owasp.org/index.php/OWASP_Top_Ten_Project http://en.wikipedia.org/wiki/Category:Web_security_exploits http://www.spidynamics.com/spilabs/index.html http://ha.ckers.org http://johnny.ihackstuff.com/ghdb.php http://www.foundstone.com/resources/freetools.htm http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project http://blogged-on.de/xss http://leastprivilege.com Download this presentation http://my.3c.ist.psu.edu/rrr174/webappsec.ppt
Questions? Ask questions and I'll try to answer them
Ad

Recommended

Introduction to Git and GitHub
Introduction to Git and GitHubIntroduction to Git and GitHub
Introduction to Git and GitHub
Bioinformatics and Computational Biosciences Branch
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
 
Xss attack
Xss attackXss attack
Xss attack
Manjushree Mashal
 
Algorithm and flowchart
Algorithm and flowchartAlgorithm and flowchart
Algorithm and flowchart
Sachin Goyani
 
Cryptography
CryptographyCryptography
Cryptography
Sidharth Mohapatra
 
Student Management System best PPT
Student Management System best PPTStudent Management System best PPT
Student Management System best PPT
Dheeraj Kumar tiwari
 
JavaScript - Chapter 11 - Events
JavaScript - Chapter 11 - Events JavaScript - Chapter 11 - Events
JavaScript - Chapter 11 - Events
WebStackAcademy
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentation
Kuldeep Padhiyar
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
Amit Tyagi
 
Cross site scripting (xss)
Cross site scripting (xss)Cross site scripting (xss)
Cross site scripting (xss)
Manish Kumar
 
Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation
Ikhade Maro Igbape
 
Cyber security
Cyber securityCyber security
Cyber security
Pihu Goel
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Cross site scripting attacks and defenses
Cross site scripting attacks and defensesCross site scripting attacks and defenses
Cross site scripting attacks and defenses
Mohammed A. Imran
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
NishaYadav177
 
Cross site scripting
Cross site scriptingCross site scripting
Cross site scripting
n|u - The Open Security Community
 
Sql injection
Sql injectionSql injection
Sql injection
Zidh
 
Sql injection in cybersecurity
Sql injection in cybersecuritySql injection in cybersecurity
Sql injection in cybersecurity
Sanad Bhowmik
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
Toño Herrera
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
Anoop T
 
XSS
XSSXSS
XSS
Hrishikesh Mishra
 
Web application security
Web application securityWeb application security
Web application security
Kapil Sharma
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
kishore golla
 
Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response Plans
Rob Ragan
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
Rob Ragan
 

More Related Content

What's hot (20)

Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
Amit Tyagi
 
Cross site scripting (xss)
Cross site scripting (xss)Cross site scripting (xss)
Cross site scripting (xss)
Manish Kumar
 
Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation
Ikhade Maro Igbape
 
Cyber security
Cyber securityCyber security
Cyber security
Pihu Goel
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Cross site scripting attacks and defenses
Cross site scripting attacks and defensesCross site scripting attacks and defenses
Cross site scripting attacks and defenses
Mohammed A. Imran
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
NishaYadav177
 
Cross site scripting
Cross site scriptingCross site scripting
Cross site scripting
n|u - The Open Security Community
 
Sql injection
Sql injectionSql injection
Sql injection
Zidh
 
Sql injection in cybersecurity
Sql injection in cybersecuritySql injection in cybersecurity
Sql injection in cybersecurity
Sanad Bhowmik
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
Toño Herrera
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
Anoop T
 
XSS
XSSXSS
XSS
Hrishikesh Mishra
 
Web application security
Web application securityWeb application security
Web application security
Kapil Sharma
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
kishore golla
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
Amit Tyagi
 
Cross site scripting (xss)
Cross site scripting (xss)Cross site scripting (xss)
Cross site scripting (xss)
Manish Kumar
 
Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation
Ikhade Maro Igbape
 
Cyber security
Cyber securityCyber security
Cyber security
Pihu Goel
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Cross site scripting attacks and defenses
Cross site scripting attacks and defensesCross site scripting attacks and defenses
Cross site scripting attacks and defenses
Mohammed A. Imran
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
NishaYadav177
 
Cross site scripting
Cross site scriptingCross site scripting
Cross site scripting
n|u - The Open Security Community
 
Sql injection
Sql injectionSql injection
Sql injection
Zidh
 
Sql injection in cybersecurity
Sql injection in cybersecuritySql injection in cybersecurity
Sql injection in cybersecurity
Sanad Bhowmik
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
Toño Herrera
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
Anoop T
 
XSS
XSSXSS
XSS
Hrishikesh Mishra
 
Web application security
Web application securityWeb application security
Web application security
Kapil Sharma
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
kishore golla
 

Viewers also liked (18)

Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response Plans
Rob Ragan
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
Rob Ragan
 
Tenacious Diggity - Skinny Dippin in a Sea of Bing
Tenacious Diggity - Skinny Dippin in a Sea of BingTenacious Diggity - Skinny Dippin in a Sea of Bing
Tenacious Diggity - Skinny Dippin in a Sea of Bing
Rob Ragan
 
Attack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuAttack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack Fu
Rob Ragan
 
Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...
Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...
Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...
Rob Ragan
 
CloudBots - Harvesting Crypto Currency Like a Botnet Farmer
CloudBots - Harvesting Crypto Currency Like a Botnet FarmerCloudBots - Harvesting Crypto Currency Like a Botnet Farmer
CloudBots - Harvesting Crypto Currency Like a Botnet Farmer
Rob Ragan
 
Interesting Water Facts
Interesting Water FactsInteresting Water Facts
Interesting Water Facts
Eason Chan
 
How to keep calm and ship it (Juozas Kaziukėnas)
How to keep calm and ship it (Juozas Kaziukėnas)How to keep calm and ship it (Juozas Kaziukėnas)
How to keep calm and ship it (Juozas Kaziukėnas)
Future Insights
 
23 Amazing Lessons Learned From Interviewing The World's Top Developers!
23 Amazing Lessons Learned From Interviewing The World's Top Developers!23 Amazing Lessons Learned From Interviewing The World's Top Developers!
23 Amazing Lessons Learned From Interviewing The World's Top Developers!
Usersnap
 
Google Summer of Code and BeagleBoard.org
Google Summer of Code and BeagleBoard.orgGoogle Summer of Code and BeagleBoard.org
Google Summer of Code and BeagleBoard.org
Drew Fustini
 
Bar exam tips
Bar exam tipsBar exam tips
Bar exam tips
BarExamMind
 
Instructivo casio g shock ga 100
Instructivo casio g shock ga 100Instructivo casio g shock ga 100
Instructivo casio g shock ga 100
Israel González
 
Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...
Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...
Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...
Dawn Bazely
 
Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016
Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016
Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016
Purplegator
 
Webinar "Innovatie in e-commerce"
Webinar "Innovatie in e-commerce"Webinar "Innovatie in e-commerce"
Webinar "Innovatie in e-commerce"
Stefan Vermeulen
 
Private sector skills - what value to the NHS?
Private sector skills - what value to the NHS?Private sector skills - what value to the NHS?
Private sector skills - what value to the NHS?
Nigel Brindley
 
ESP8266をはじめよう
ESP8266をはじめようESP8266をはじめよう
ESP8266をはじめよう
Kei Yoshimura
 
425 cac tinh huong vi du ve lam sang x oa50
425 cac tinh huong vi du ve lam sang x oa50425 cac tinh huong vi du ve lam sang x oa50
425 cac tinh huong vi du ve lam sang x oa50
Thanh Liem Vo
 
Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response Plans
Rob Ragan
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
Rob Ragan
 
Tenacious Diggity - Skinny Dippin in a Sea of Bing
Tenacious Diggity - Skinny Dippin in a Sea of BingTenacious Diggity - Skinny Dippin in a Sea of Bing
Tenacious Diggity - Skinny Dippin in a Sea of Bing
Rob Ragan
 
Attack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuAttack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack Fu
Rob Ragan
 
Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...
Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...
Black Hat 2011 - Pulp Google Hacking: The Next Generation Search Engine Hacki...
Rob Ragan
 
CloudBots - Harvesting Crypto Currency Like a Botnet Farmer
CloudBots - Harvesting Crypto Currency Like a Botnet FarmerCloudBots - Harvesting Crypto Currency Like a Botnet Farmer
CloudBots - Harvesting Crypto Currency Like a Botnet Farmer
Rob Ragan
 
Interesting Water Facts
Interesting Water FactsInteresting Water Facts
Interesting Water Facts
Eason Chan
 
How to keep calm and ship it (Juozas Kaziukėnas)
How to keep calm and ship it (Juozas Kaziukėnas)How to keep calm and ship it (Juozas Kaziukėnas)
How to keep calm and ship it (Juozas Kaziukėnas)
Future Insights
 
23 Amazing Lessons Learned From Interviewing The World's Top Developers!
23 Amazing Lessons Learned From Interviewing The World's Top Developers!23 Amazing Lessons Learned From Interviewing The World's Top Developers!
23 Amazing Lessons Learned From Interviewing The World's Top Developers!
Usersnap
 
Google Summer of Code and BeagleBoard.org
Google Summer of Code and BeagleBoard.orgGoogle Summer of Code and BeagleBoard.org
Google Summer of Code and BeagleBoard.org
Drew Fustini
 
Bar exam tips
Bar exam tipsBar exam tips
Bar exam tips
BarExamMind
 
Instructivo casio g shock ga 100
Instructivo casio g shock ga 100Instructivo casio g shock ga 100
Instructivo casio g shock ga 100
Israel González
 
Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...
Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...
Overcoming Confirmation Bias en route to becoming an Active Bystander in Supp...
Dawn Bazely
 
Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016
Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016
Social Mobile ads for Nurse & Allied Health Recruiting Feb 2016
Purplegator
 
Webinar "Innovatie in e-commerce"
Webinar "Innovatie in e-commerce"Webinar "Innovatie in e-commerce"
Webinar "Innovatie in e-commerce"
Stefan Vermeulen
 
Private sector skills - what value to the NHS?
Private sector skills - what value to the NHS?Private sector skills - what value to the NHS?
Private sector skills - what value to the NHS?
Nigel Brindley
 
ESP8266をはじめよう
ESP8266をはじめようESP8266をはじめよう
ESP8266をはじめよう
Kei Yoshimura
 
425 cac tinh huong vi du ve lam sang x oa50
425 cac tinh huong vi du ve lam sang x oa50425 cac tinh huong vi du ve lam sang x oa50
425 cac tinh huong vi du ve lam sang x oa50
Thanh Liem Vo
 
Ad

Similar to Intro to Web Application Security (20)

Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
Edouard de Lansalut
 
OWASP top 10-2013
OWASP top 10-2013OWASP top 10-2013
OWASP top 10-2013
tmd800
 
Web Apps Security
Web Apps SecurityWeb Apps Security
Web Apps Security
Victor Bucutea
 
Web Application Vulnerabilities
Web Application VulnerabilitiesWeb Application Vulnerabilities
Web Application Vulnerabilities
Preetish Panda
 
Application and Website Security -- Fundamental Edition
Application and Website Security -- Fundamental EditionApplication and Website Security -- Fundamental Edition
Application and Website Security -- Fundamental Edition
Daniel Owens
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security Ninja
Paul Gilzow
 
Secure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdfSecure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdf
nanangAris1
 
Application Security
Application SecurityApplication Security
Application Security
nirola
 
6 - Web Application Security.pptx
6 - Web Application Security.pptx6 - Web Application Security.pptx
6 - Web Application Security.pptx
AlmaOraevi
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Chris Hillman
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2
Sam Bowne
 
Owasp web security
Owasp web securityOwasp web security
Owasp web security
Pankaj Kumar Sharma
 
Owasp top 10_openwest_2019
Owasp top 10_openwest_2019Owasp top 10_openwest_2019
Owasp top 10_openwest_2019
Sean Jackson
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
Sebastien Deleersnyder
 
Owasp Top 10
Owasp Top 10Owasp Top 10
Owasp Top 10
Gaurav Narwani
 
Web Security Threats and Solutions
Web Security Threats and Solutions Web Security Threats and Solutions
Web Security Threats and Solutions
Ivo Andreev
 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilities
Terrance Medina
 
Owasp top 10 vulnerabilities 2013
Owasp top 10 vulnerabilities 2013Owasp top 10 vulnerabilities 2013
Owasp top 10 vulnerabilities 2013
Vishrut Sharma
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Ynon Perek
 
Truetesters presents OWASP Top 10 Web Vulnerability
Truetesters presents OWASP Top 10 Web VulnerabilityTruetesters presents OWASP Top 10 Web Vulnerability
Truetesters presents OWASP Top 10 Web Vulnerability
TrueTesters
 
Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
Edouard de Lansalut
 
OWASP top 10-2013
OWASP top 10-2013OWASP top 10-2013
OWASP top 10-2013
tmd800
 
Web Apps Security
Web Apps SecurityWeb Apps Security
Web Apps Security
Victor Bucutea
 
Web Application Vulnerabilities
Web Application VulnerabilitiesWeb Application Vulnerabilities
Web Application Vulnerabilities
Preetish Panda
 
Application and Website Security -- Fundamental Edition
Application and Website Security -- Fundamental EditionApplication and Website Security -- Fundamental Edition
Application and Website Security -- Fundamental Edition
Daniel Owens
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security Ninja
Paul Gilzow
 
Secure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdfSecure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdf
nanangAris1
 
Application Security
Application SecurityApplication Security
Application Security
nirola
 
6 - Web Application Security.pptx
6 - Web Application Security.pptx6 - Web Application Security.pptx
6 - Web Application Security.pptx
AlmaOraevi
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Chris Hillman
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2
Sam Bowne
 
Owasp web security
Owasp web securityOwasp web security
Owasp web security
Pankaj Kumar Sharma
 
Owasp top 10_openwest_2019
Owasp top 10_openwest_2019Owasp top 10_openwest_2019
Owasp top 10_openwest_2019
Sean Jackson
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
Sebastien Deleersnyder
 
Owasp Top 10
Owasp Top 10Owasp Top 10
Owasp Top 10
Gaurav Narwani
 
Web Security Threats and Solutions
Web Security Threats and Solutions Web Security Threats and Solutions
Web Security Threats and Solutions
Ivo Andreev
 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilities
Terrance Medina
 
Owasp top 10 vulnerabilities 2013
Owasp top 10 vulnerabilities 2013Owasp top 10 vulnerabilities 2013
Owasp top 10 vulnerabilities 2013
Vishrut Sharma
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Ynon Perek
 
Truetesters presents OWASP Top 10 Web Vulnerability
Truetesters presents OWASP Top 10 Web VulnerabilityTruetesters presents OWASP Top 10 Web Vulnerability
Truetesters presents OWASP Top 10 Web Vulnerability
TrueTesters
 
Ad

More from Rob Ragan (7)

Nbt hacker fight
Nbt hacker fightNbt hacker fight
Nbt hacker fight
Rob Ragan
 
Expose Yourself Without Insecurity: Cloud Breach Patterns
Expose Yourself Without Insecurity: Cloud Breach PatternsExpose Yourself Without Insecurity: Cloud Breach Patterns
Expose Yourself Without Insecurity: Cloud Breach Patterns
Rob Ragan
 
DeadDropSF - Better Red Than Dead
DeadDropSF - Better Red Than DeadDeadDropSF - Better Red Than Dead
DeadDropSF - Better Red Than Dead
Rob Ragan
 
Interop 2017 - Defeating Social Engineering, BEC, and Phishing
Interop 2017 - Defeating Social Engineering, BEC, and PhishingInterop 2017 - Defeating Social Engineering, BEC, and Phishing
Interop 2017 - Defeating Social Engineering, BEC, and Phishing
Rob Ragan
 
Lord of the Bing - Black Hat USA 2010
Lord of the Bing - Black Hat USA 2010Lord of the Bing - Black Hat USA 2010
Lord of the Bing - Black Hat USA 2010
Rob Ragan
 
Filter Evasion: Houdini on the Wire
Filter Evasion: Houdini on the WireFilter Evasion: Houdini on the Wire
Filter Evasion: Houdini on the Wire
Rob Ragan
 
Static Analysis: The Art of Fighting without Fighting
Static Analysis: The Art of Fighting without FightingStatic Analysis: The Art of Fighting without Fighting
Static Analysis: The Art of Fighting without Fighting
Rob Ragan
 
Nbt hacker fight
Nbt hacker fightNbt hacker fight
Nbt hacker fight
Rob Ragan
 
Expose Yourself Without Insecurity: Cloud Breach Patterns
Expose Yourself Without Insecurity: Cloud Breach PatternsExpose Yourself Without Insecurity: Cloud Breach Patterns
Expose Yourself Without Insecurity: Cloud Breach Patterns
Rob Ragan
 
DeadDropSF - Better Red Than Dead
DeadDropSF - Better Red Than DeadDeadDropSF - Better Red Than Dead
DeadDropSF - Better Red Than Dead
Rob Ragan
 
Interop 2017 - Defeating Social Engineering, BEC, and Phishing
Interop 2017 - Defeating Social Engineering, BEC, and PhishingInterop 2017 - Defeating Social Engineering, BEC, and Phishing
Interop 2017 - Defeating Social Engineering, BEC, and Phishing
Rob Ragan
 
Lord of the Bing - Black Hat USA 2010
Lord of the Bing - Black Hat USA 2010Lord of the Bing - Black Hat USA 2010
Lord of the Bing - Black Hat USA 2010
Rob Ragan
 
Filter Evasion: Houdini on the Wire
Filter Evasion: Houdini on the WireFilter Evasion: Houdini on the Wire
Filter Evasion: Houdini on the Wire
Rob Ragan
 
Static Analysis: The Art of Fighting without Fighting
Static Analysis: The Art of Fighting without FightingStatic Analysis: The Art of Fighting without Fighting
Static Analysis: The Art of Fighting without Fighting
Rob Ragan
 

Recently uploaded (20)

Domino IQ – Was Sie erwartet, erste Schritte und Anwendungsfälle
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfälleDomino IQ – Was Sie erwartet, erste Schritte und Anwendungsfälle
Domino IQ – Was Sie erwartet, erste Schritte und Anwendungsfälle
panagenda
 
Your startup on AWS - How to architect and maintain a Lean and Mean account J...
Your startup on AWS - How to architect and maintain a Lean and Mean account J...Your startup on AWS - How to architect and maintain a Lean and Mean account J...
Your startup on AWS - How to architect and maintain a Lean and Mean account J...
angelo60207
 
Jeremy Millul - A Talented Software Developer
Jeremy Millul - A Talented Software DeveloperJeremy Millul - A Talented Software Developer
Jeremy Millul - A Talented Software Developer
Jeremy Millul
 
Soulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate reviewSoulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate review
Soulmaite
 
Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...
Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...
Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...
Safe Software
 
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | BluebashMCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
Bluebash
 
Oracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI ProfessionalOracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI Professional
VICTOR MAESTRE RAMIREZ
 
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyesEnd-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...
“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...
“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...
Edge AI and Vision Alliance
 
Your startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean accountYour startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean account
angelo60207
 
Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...
Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...
Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...
Impelsys Inc.
 
How Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdf
How Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdfHow Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdf
How Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdf
Rejig Digital
 
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Anish Kumar
 
ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....
ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....
ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....
Jasper Oosterveld
 
Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.
hok12341073
 
Mastering AI Workflows with FME - Peak of Data & AI 2025
Mastering AI Workflows with FME - Peak of Data & AI 2025Mastering AI Workflows with FME - Peak of Data & AI 2025
Mastering AI Workflows with FME - Peak of Data & AI 2025
Safe Software
 
Establish Visibility and Manage Risk in the Supply Chain with Anchore SBOM
Establish Visibility and Manage Risk in the Supply Chain with Anchore SBOMEstablish Visibility and Manage Risk in the Supply Chain with Anchore SBOM
Establish Visibility and Manage Risk in the Supply Chain with Anchore SBOM
Anchore
 
Agentic AI: Beyond the Buzz- LangGraph Studio V2
Agentic AI: Beyond the Buzz- LangGraph Studio V2Agentic AI: Beyond the Buzz- LangGraph Studio V2
Agentic AI: Beyond the Buzz- LangGraph Studio V2
Shashikant Jagtap
 
Introduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUEIntroduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUE
Google Developer Group On Campus European Universities in Egypt
 
What is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to Know
What is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to KnowWhat is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to Know
What is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to Know
SMACT Works
 
Domino IQ – Was Sie erwartet, erste Schritte und Anwendungsfälle
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfälleDomino IQ – Was Sie erwartet, erste Schritte und Anwendungsfälle
Domino IQ – Was Sie erwartet, erste Schritte und Anwendungsfälle
panagenda
 
Your startup on AWS - How to architect and maintain a Lean and Mean account J...
Your startup on AWS - How to architect and maintain a Lean and Mean account J...Your startup on AWS - How to architect and maintain a Lean and Mean account J...
Your startup on AWS - How to architect and maintain a Lean and Mean account J...
angelo60207
 
Jeremy Millul - A Talented Software Developer
Jeremy Millul - A Talented Software DeveloperJeremy Millul - A Talented Software Developer
Jeremy Millul - A Talented Software Developer
Jeremy Millul
 
Soulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate reviewSoulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate review
Soulmaite
 
Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...
Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...
Integration of Utility Data into 3D BIM Models Using a 3D Solids Modeling Wor...
Safe Software
 
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | BluebashMCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
Bluebash
 
Oracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI ProfessionalOracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI Professional
VICTOR MAESTRE RAMIREZ
 
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyesEnd-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...
“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...
“State-space Models vs. Transformers for Ultra-low-power Edge AI,” a Presenta...
Edge AI and Vision Alliance
 
Your startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean accountYour startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean account
angelo60207
 
Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...
Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...
Creating an Accessible Future-How AI-powered Accessibility Testing is Shaping...
Impelsys Inc.
 
How Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdf
How Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdfHow Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdf
How Advanced Environmental Detection Is Revolutionizing Oil & Gas Safety.pdf
Rejig Digital
 
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Anish Kumar
 
ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....
ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....
ELNL2025 - Unlocking the Power of Sensitivity Labels - A Comprehensive Guide....
Jasper Oosterveld
 
Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.
hok12341073
 
Mastering AI Workflows with FME - Peak of Data & AI 2025
Mastering AI Workflows with FME - Peak of Data & AI 2025Mastering AI Workflows with FME - Peak of Data & AI 2025
Mastering AI Workflows with FME - Peak of Data & AI 2025
Safe Software
 
Establish Visibility and Manage Risk in the Supply Chain with Anchore SBOM
Establish Visibility and Manage Risk in the Supply Chain with Anchore SBOMEstablish Visibility and Manage Risk in the Supply Chain with Anchore SBOM
Establish Visibility and Manage Risk in the Supply Chain with Anchore SBOM
Anchore
 
Agentic AI: Beyond the Buzz- LangGraph Studio V2
Agentic AI: Beyond the Buzz- LangGraph Studio V2Agentic AI: Beyond the Buzz- LangGraph Studio V2
Agentic AI: Beyond the Buzz- LangGraph Studio V2
Shashikant Jagtap
 
Introduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUEIntroduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUE
Google Developer Group On Campus European Universities in Egypt
 
What is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to Know
What is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to KnowWhat is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to Know
What is Oracle EPM A Guide to Oracle EPM Cloud Everything You Need to Know
SMACT Works
 

Intro to Web Application Security

  • 1. Information Assurance Club 2007 Understanding Web Application Security
  • 2. What is Application Security? Application Security encompasses measures taken to prevent exceptions in the security policy of an application or the underlying system vulnerabilities through flaws in the design, development, or deployment of the application. [Wikipedia] Make sure code Properly uses security mechanisms Has no design or implementation flaws
  • 3.  
  • 4.  
  • 5. Application Layer VS Network Layer Application Layer Attackers send attacks inside valid HTTP requests Custom code is manipulated to do something it shouldn’t Security requires software development expertise, not signatures Network Layer Firewall, hardening, patches, IDS, IPS SSL cannot detect or prevent attacks inside HTTP requests Security based on signature database
  • 6. Test Your Hacking Knowledge What might happen in an application if an attacker… Adds “; rm –rf /” to a menu selection passed to a system call Replaces the unitprice hidden field with -500 Sends 1000000 ‘A’ characters to a login script Figures out the encoding used for cookies Disables all client side Javascript for form validation Adds to the end of an account ID parameter “%27%20OR%201%3d1” Sends 1,000 HTTP requests per second to the search field for an hour
  • 7. Why Should I Care? How likely is a successful web application attack? Anyone in the world, including insiders, can send an HTTP request to your server Vulnerabilities are highly prevalent Easy to exploit without special tools or knowledge Little chance of being detected Hundreds of thousands of developers with no security background or training Consequences? Corruption or disclosure of database contents Root access to web and application servers Loss of authentication and access control for users Defacement Loss of use / availability Secondary attacks from your site Application security is just as important as Network Security
  • 8. Attacks Shift Towards Application Layer 75% of All Attacks on Information Security Are Directed to the Web Application Layer 2/3 of All Web Applications Are Vulnerable -Gartner
  • 9. How Do Attackers Do It? Proxies Browser plugins Vulnerability scanning tools Many attacks can be launched using only a browser and text editor
  • 10. HyperText Transfer Protocol (HTTP) GET /index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Date: Mon, 23 April 2007 22:38:34 GMT Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Etag: "3f80f-1b6-3e1cb03b" Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8
  • 11. HTTPS Just encryption Eavesdropping Protect Passwords Gmail Bypass IPS Doesn't prevent hacking
  • 12. Transparent Proxy http://fiddler2.com/sandbox/ Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and thousands more. Others: Paros, Web Scarab, etc
  • 13. Authentication Common Problems Never expire (facebook) Not protected by SSL Easy to forge (cookies) Replay attacks Re-using cookies Preventable with encrypted date/time stamp
  • 14. Authentication Best Practices Ensure HTTPS is being used Login failures should NOT indicate whether username or password failed Strong password policy (don’t store in clear text) Use brute force countermeasures CAPTCHA Time delay
  • 15. State Problems HTTP is a stateless protocol Session ID tells client browser who you are Server maintains a map of session objects Hijacking techniques Guessing XSS Not using HTTPS Session ID exposed using URL-rewriting
  • 16. Session Best Practices Single sign on/off Seemingly random and at least 20 bytes Timeout Use SSL Avoid URL-rewriting (disclosure risk)
  • 17. Access Control Restricting access Who? What can they see? What can they do? Should exist in UI, BLL, and DAL
  • 18. Broken Access Control Attacker notices URL indicating role / guest /getAccountInfo They modify it to another directory (role) / admin /getAccountInfo / auth /getAccountInfo Attacker views more accounts than just their own
  • 19. Cross-Site Scripting (XSS) Web application vulnerability that allows an attacker to execute a malicious script in a victim's web browser How it works Web browsers support scripting languages like Javascript that allow web pages to perform logic If an attacker can get a web server to send their malicious script to a victim, the script executes as if it came from that web site Consequences Steal session cookies Deface websites Information disclosure
  • 20. XSS Vulnerability Pattern Web app vulnerable to XSS if Attacker can provide malicious user input Site puts user input into a response Search, form field, message board, etc Site doesn't properly validate or sanitize that user input Unless developer is familiar with XSS, it's very likely that proper input validation is not being done
  • 21. Two Types of XSS Stored XSS Dangerous user input is stored on the site and displayed at some later time Typically found in message boards, guest books, surveys Like leaving a land mine for a victim to trip across on a vulnerable site Reflected XSS Dangerous user input is immediately sent back to the user that submitted it Possibly a malicious link with an embedded script Typically found in search fields, error pages, etc
  • 22. Cross-site Scripting - Tricks Scripts can only access data from their own site Enforced by the browser “sandbox” SOP Trick: Use an anonymous proxy Scripts can't access the OS or file system Trick: Wscript http://my.3c.ist.psu.edu/rrr174/email.js The browser isn't doing anything abnormal Cheat Sheet: http://ha.ckers.org/xss.html Demos: http://www.attacklabs.com
  • 23. XSS Real World Example MySpace XSS Worm – Oct 2005 AKA Samy worm Introduced an XSS attack into his own profile When anyone viewed his profile, the attack: added Samy as a 'friend' to that user's profile and infected them with the same XSS attack in their own profile Then, when anyone views the infected profile, starts all over... The exploit: Used 'java\nscript' since 'javascript' was filtered out, String.fromCharCode(34) to generate a double quote, etc. Used XmlHttpRequest (AJAX), so does Yamanner worm 10 hrs – 560 friends, 13 hrs – 6400 friends, 18 hrs - 1,000,000 friends, 19 hrs - entire site down, 22 hrs – site back up again
  • 24.  
  • 25. XSS– Input Filters Many applications attempt XSS protection with filters Convert < and > to < and > Strip out HTML tags Eliminate