-
Notifications
You must be signed in to change notification settings - Fork 0
/
web app
144 lines (97 loc) · 2.66 KB
/
web app
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
webAPP hacking
components of web application security::
presentation(browser)=>logic(webserver)=>data(database)
in presentaion(crosssite sciripting,exploite weakness etc)
qury string routings and http verbs::
Routing:
define actions
discovery of client security constructs
portection offered by browser::
phishing sites;
invalidated ssl certification
weak cryptography rules
mixed content
reflected cross site scripting
security headers
what the browser con't defend against::
params tempering(cookie,forms,headers,query string)
persisting cross site scripting
tools
net sparker for (spider)
burp suit(forced browsing)
(directory traversal)
banner grabbing with wget/curl
server finger printing(nmap,znmap)
acunetix(discovery or devlopment artifect)(check web scanner)
(dicovery of services via genrated documentation)
CVE.mitre.org(drupal)(discovery framework)
identifing vulnerable tragtes with shodan(shodanhq.com)(shodan tools)
tempering of untrusted data::
OWASP(open web application security project) TOP 10 RISKS:
AI INJECTION
A2 BROKEN AUTHENTICATION
CROSS SITE SCRIPTING
ETC...
Understanding Data::(something come outside of dir)
request body
request headers
query string
url routing
changing http verb
external service
Parmerter tempering ::
tools(fiddler)
hidden form field::
Mass assigment attack:
Model binding
cookie poisoning:
Insecure direct object refrence:
defending against tempering
assue malicious intent
verify the server
clinet persistent is dangerous
whitlist allowable behaviors
Attack involving client
cross site scripting(XSS)
oauth
Dom
persistent cross site scripting
content security browser header
encoding for right context
flag cookies as http only
identifing risks and evading filters
xssposd.com(website)
xssfilter evasion cheet sheet
owasp.org(website)
client only validation
insufficent transport layer security
PCI seurity standards
TLS 1.2 latest version of TLS instead of ssl strong cryptograhic algo
fiddler scripts
key logger(javascipt injection)
cros site request forgrey(csrf)
Authcookie
anti forgery token
attack against identitiy mgt and access control
web application take more to calculate for hashing
Deniel of service attacks
n/w resources not avl
distrubuted denial of service(DDOS)
botnet
norsecorp.com(website)
LOIC(low orbit ion canon)(tools)
DNS reflection attack (dns query )
amplicafication attack (request largewait )
NTP attack(spoof packet sending)
SNMP attack
SYN flood attack
RDP session
cloud flare model
improper error handling
insecure cryprographic storage:
salt sha1 has
hashcat(tools)
hashcat(website)
owasp.org cheet sheet(website)
unvalidate redirects and forwards
exeception handling module in asp elmah