Application security overview

Asanka Fernandopulle and I conducted a corporate-level workshop on Application Security. This workshop covered areas such as application security threats, secure coding practices, application penetration testing and web application exploitation. The workshop mainly consisted of practical sessions and demonstrations. You can find all the presentations here.

  1. Application Security
     Dilan Warnakulasooriya, Information Security Engineer, 99X Technology
     Asanka Fernandopulle, Senior Software Engineer, 99X Technology
     1/1/2013 99X Technology (c)
  2. Basics of Application Security
     • HTTP and HTTPS
     • Symmetric key
     • Asymmetric key
     • Session key
     • Analyzing a certificate
     • Sniffing HTTP and HTTPS
     • Calomel plugin
  3. Basics of Application Security
     • Man in the middle
     • Analyzing browser requests
     • Analyzing server response
     • HTTPS communication
     • HTTPS and S-HTTP
  4. Basics of Application Security
     • What OWASP does
     • Builders, Breakers and Defenders
  5. Web Application Penetration Testing
     • Basic web testing methodology
     • Vulnerability, Threat and Exploit
     • Developer-level application security overview
  6. Web Application Penetration Testing
     • Application security frameworks
     • Before development begins
     • During definition and design
     • During development
     • During deployment
     • Maintenance and operations
  7. Web Application Penetration Testing
     • Web application security review frameworks
     • Samurai WTF
     • Websecurify
     • Wapiti
     • Skipfish
     • Acunetix
     • WebScarab
     • w3af
  8. Secure Authentication
     • Authentication/Access control methods
  9. Secure Authentication
     • Authentication bypass techniques
     • Direct page request
     • Parameter modification
     • Session ID prediction
     • SQL injection
     Session predictability - WebScarab/Burp Suite
  10. Secure Authentication
     • Bypass authentication matrix
     • Basic authentication
     • Multi-level login 1
     • Multi-level login 2
  11. Secure Authentication
     • Password remember
     • Password strength
     • Forgot password
     • Browser cache management
  12. Secure Authentication
     • Parameter tampering
     • Bypass HTML field restrictions
     • Exploit hidden fields
     • Bypass client-side JavaScript validation
     • Coding controls for parameter tampering
  13. Secure Authentication
     • Access control flaws
     • Using an access control matrix
     • Bypass a path-based access control scheme
     • Bypass data layer access control
  14. Injections
     • SQL injection classes
     • In band
     • Out of band
     • Inferential
  15. Injections
     • Techniques to exploit SQL injections
     • Union operator
     • Boolean
     • Error based
     • Out of band
     • Time delay
  16. Injections
     • Standard SQL injection testing
     • SELECT * FROM Users WHERE Username=$username AND Password=$password
     • Numeric SQL injection
  17. Injections
     • Union exploitation technique
     • XPath injection
     • String SQL injection
  18. Injections
     • Boolean exploitation technique
     • SQL injection: stage 1: String SQL injection
     • Stage 3: Numeric SQL injection
  19. Injections
     • Error-based exploitation technique
     • Modify data with SQL injection
     • Add data with SQL injection
  20. Injections
     • Out-of-band exploitation technique
  21. Injections
     • Time delay exploitation technique
     • Stored procedure exploitation technique
     • Automated exploitation technique
  22. Injections
     • How developers work on SQL injection
     • Automate your injection
     • sqlmap
  23. Session Management
     • Session management techniques
     • Session management vulnerabilities
     • Insufficient session ID length
     • Session fixation
     • Session variable overloading
  24. Session Management
     • Check your cookies
     • Cookie collection
     • Cookie reverse engineering
     • Cookie manipulation
     • Hijack a session
     • Spoof an authentication cookie
     • Session fixation
  25. Session Management
     • How developers work on session handling
  26. Code Quality
     • Code quality breach
     • Discover clues in the HTML
  27. Cross Site Scripting
     • Scripting types
     • Reflected cross site scripting (non-persistent XSS)
     • Stored cross site scripting (second-order XSS)
     • DOM-based cross site scripting (type 0 XSS)
  28. Cross Site Scripting
     • Reflected cross site scripting (non-persistent XSS)
     • Testing for reflected XSS
     • Reflected XSS
  29. Cross Site Scripting
     • Bypass XSS filters
     • Tag attribute value
     • Different syntax or encoding
     • Bypassing non-recursive filtering
  30. Cross Site Scripting
     • Stored cross site scripting (second-order XSS)
     • XSS attack scenario
     • Stored XSS
  31. Cross Site Scripting
     • Testing for stored cross site scripting
     • Input forms
     • Analyze HTML code
     • Exploitation framework
     • File upload
  32. Cross Site Scripting
     • How developers handle XSS and CSRF
  33. Testing Tools
     • Proxy
     • How to write secure programs
  34. Thank you
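Slide 16 shows the query pattern used for "standard SQL injection testing" (`SELECT * FROM Users WHERE Username=$username AND Password=$password`) and slide 22 covers how developers work on SQL injection. The following is an added example, not part of the deck or the 99X Technology material: it puts the string-spliced form of that query beside the parameterized form, against a constructed in-memory SQLite table, so the difference in behaviour on an input containing a quote character is visible in code. The table name, column names, sample users and the `login_*` function names are assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample data for the demonstration (not from the slides).
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2")]


def make_db() -> sqlite3.Connection:
    """Create an in-memory Users table mirroring the slide's query."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (Username TEXT, Password TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def login_concat(conn: sqlite3.Connection, username: str, password: str):
    """Vulnerable form (the pattern on slide 16): user-controlled text is
    spliced into the statement, so quote characters change its structure."""
    query = (
        "SELECT Username FROM Users WHERE Username='%s' AND Password='%s'"
        % (username, password)
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_param(conn: sqlite3.Connection, username: str, password: str):
    """Hardened form: the driver binds the values as data, so the input is
    never parsed as SQL regardless of what characters it contains."""
    row = conn.execute(
        "SELECT Username FROM Users WHERE Username=? AND Password=?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def demo() -> dict:
    """Run both forms on valid credentials and on a username that contains
    a quote and an SQL line comment, and return the outcomes by label."""
    conn = make_db()
    return {
        # Both forms accept correct credentials.
        "valid_concat": login_concat(conn, "alice", "s3cret"),
        "valid_param": login_param(conn, "alice", "s3cret"),
        # The spliced form lets the quote close the literal and the "--"
        # comment out the password check; the bound form treats the whole
        # string as a literal username that matches nothing.
        "quote_concat": login_concat(conn, "alice' --", "wrong"),
        "quote_param": login_param(conn, "alice' --", "wrong"),
    }


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

The spliced query accepts the malformed username without the password, while the parameterized query returns nothing for it; that is the whole of the "coding controls" message behind slide 22. In a real system the `Password` column would hold a salted password hash and the comparison would happen in application code after fetching the row by username, but the binding rule is the same for every value that originates from the request.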
