Alternative Approach to Automate Detection of DOM-XSS Vulnerabilities
This thesis proposes an alternative methodology to detect DOM-XSS by building on the existing approach used by web scanners in detecting general XSS. Web scanners' general approach is to inject a payload into the web page inputs and check the received HTML response for possible cross-site scripting vulnerabilities. The thesis proposes to add an extra scan layer, which is an actual browser that would be responsible for sending any request and rendering the received HTML response from the web server. Rendering the response causes any script in the page to be executed; hence any code that alters the page's dynamic content, causing DOM-XSS, will be reflected in the rendered response. Then the rendered response is checked for XSS vulnerabilities. The thesis methodology allows detecting both DOM-XSS and other types of XSS. To provide a proof of concept for this methodology, the thesis author created a web-based tool on that premise. The tool can open and control a browser, which allows automated loading of web pages and scanning the rendered response for vulnerabilities. Finally, the tool provides a detailed scan report that points out possible inputs that might cause XSS, in order to assist penetration testers who prefer manual scans.
Security Testing: A Survey
Identifying vulnerabilities and ensuring security functionality by security testing is a widely applied measure to evaluate and improve the security of software. Due to the openness of modern software-based systems, applying appropriate security testing techniques is of growing importance and essential to perform effective and efficient security testing. Therefore, an overview of actual security testing techniques is of high value both for researchers to evaluate and refine the techniques and for practitioners to apply and disseminate them. This chapter fulfills this need and provides an overview of recent security testing techniques. For this purpose, it first summarizes the required background of testing and security engineering. Then, basics and recent developments of security testing techniques applied during the secure software development lifecycle, i.e., model-based security testing, code-based testing and static analysis, penetration testing and dynamic analysis, as well as security regression testing, are discussed. Finally, the security testing techniques are illustrated by adopting them for an example three-tiered web-based business application.
Exploring the Effectiveness of Web Crawlers in Detecting Security Vulnerabilities in Computer Software Applications
With the rapid development of the Internet, the World Wide Web has become a carrier of a large amount of information. In order to effectively extract and use this information, web crawlers that crawl various web resources have emerged. The interconnectedness, openness, and interactivity of information in the World Wide Web bring great convenience for information sharing to society, and they also bring many security risks. To protect resource information, computer software security vulnerabilities have become the focus of attention. Based on the method of computer software security detection under a web crawler, this article briefly analyzes the basic concepts of computer software security detection and the precautions in the process of security detection. Finally, in light of the computer software security vulnerability problems in the web crawler environment, the application of its security detection technology is analyzed further.
A Hybrid Graph Neural Network Approach for Detecting PHP Vulnerabilities
This paper presents DeepTective, a deep learning approach to detect
vulnerabilities in PHP source code. Our approach implements a novel hybrid
technique that combines Gated Recurrent Units and Graph Convolutional Networks
to detect SQLi, XSS and OSCI vulnerabilities leveraging both syntactic and
semantic information. We evaluate DeepTective and compare it to the state of
the art on an established synthetic dataset and on a novel real-world dataset
collected from GitHub. Experimental results show that DeepTective achieves near
perfect classification on the synthetic dataset, and an F1 score of 88.12% on
the realistic dataset, outperforming related approaches. We validate
DeepTective in the wild by discovering 4 novel vulnerabilities in established
WordPress plugins. Comment: A poster version of this paper appeared as
https://doi.org/10.1145/3412841.344213
AUTOMATED, SCHEDULED AND CI/CD WEB INJECTION
This report is made within the Curricular Unit (UC) Project, in the 2nd year of
the Master in Cyber-security and Forensic Informatics (MCIF) provided by the
Polytechnic Institute of Leiria (IPL). The purpose of this project is to study SQL
Injection vulnerabilities in web applications. According to OWASP (Open Web
Application Security Project) [20][19], this is one of the more prevalent attacks on
web applications. As part of this work, a web application was implemented which
can, from a URL address, go through all the endpoints of the target application
and test for SQL Injection vulnerabilities. The application also allows for
scheduling of the tests, and it is integrable with Continuous Integration / Continuous
Delivery (CI/CD) environments. According to the literature on the subject, there
are several algorithms that can be employed to test for existing SQL Injection
vulnerabilities in a web application. In this document, we analyze them both from
a theoretical and an implementation point of view, in order to better understand
the subject and produce a useful tool in this space. With the development of this
project, we concluded that it is possible to integrate SQL vulnerability tests with
a CI/CD pipeline and automate the development process of an application, with the
execution of SQL injection tests in an automated way.
Web Vulnerability Through Cross Site Scripting (XSS) Detection with OWASP Security Shepherd
Web applications are needed as a solution to the use of internet technology that can be accessed globally, capable of displaying information that is rich in content, cost effective, easy to use and can also be accessed by anyone, anytime and anywhere. In the second quarter of 2020, Wearesocial released information related to internet users in the world: around 4.54 billion, with 59% penetration. People have become very dependent on the internet and also on technology. This condition was also triggered by the Covid-19 pandemic. One thing that becomes an issue in website application security is internet attacks on website platforms, and we never expected the vulnerability. One type of attack or security threat that often arises and often occurs is Cross Site Scripting (XSS). XSS is one of Top 10 Open Web Application Security Projects (OWASP) lists. There are several alternatives that we can use to prevent cyber-attacks. OWASP Security Shepherd can be used as a way to prevent XSS attacks. The OWASP Security Shepherd project allows users to learn or develop their manual penetration testing skills. In this research, there are several case examples or challenges that we can use as a simulation of the role of OWASP Security Shepherd in detecting XSS. The purpose of this paper is to conduct a brief and clear review of the technology in OWASP Security Shepherd. This technology was chosen as an appropriate and inexpensive alternative for users to ward off XSS attacks.