Narain exploring web vulnerabilities

These are the slides that I had presented during "Braindigit 9th National Conference 2013"

  1. Purpose of This Presentation
     • For awareness in software quality
     • Strictly not for wrong use, not to damage or harm anyone’s intellectual property
  2. Vote of thanks
     • ITS Nepal
     • BRAINDIGIT IT Solution
     • OWASP
     • OWASP Nepal
     • SQA Professionals
  3. Overview
     • Introduction
     • Stats on attack sites
     • Top tools
     • Demo: vulnerability scanning
     • Analysis of report
  4. Nearly 11K attack sites are discovered monthly
  5. Nearly 150K infected sites are discovered monthly
     • I.e. nearly 5000 sites are infected daily
     • I.e. nearly 3 sites are infected per minute
  6. After all
     • No software is 100% bug free, and neither is the web.
     • The difference is in the level of security maintained.
  7. Lock Demonstration
     • The 1st lock is the simplest lock; it can be broken easily and by a huge mass of people (x).
     • The 2nd lock is a bit more complex and can be broken by (x-10,000) people.
     • The 3rd lock is the most complex and can be broken by few people on earth, let's say 2 people.
  8. Familiar words
  9. Tools
  10. Demo
     • With joomscan: check “narain-joomscan.pptx” for slides related to joomscan.
     • With Acunetix: check “narain-acunetix.pptx” for slides related to Acunetix.
  11. LET’S ANALYSE THE REPORT WE HAVE NOW
  12. The Hard Part
     • Analysing the report of automation (15-500 pgs)
     • Analysing false positives and negatives (everything seems true)
     • And fixing the holes
  13. Web security doesn't depend only on the security of servers or the security of the application, but on the whole ecosystem of the web. Let’s try more with our little knowledge.
  14. Thanking You
