web application vulnerability upload
Web Application Vulnerability
Outline
•Introduction
•Definition
•Objectives
•Entities
•Threats
•Prevention
•Conclusion
Introduction
Web App Vulnerabilities
Definition
•Web application: web-based software that provides services to users
•Vulnerability: a weakness which allows attackers to reduce a system’s information assurance
Objectives
To breach a system's protection mechanisms
To take advantage or gain access to private information or system resources
To compromise the integrity or availability of the application
To compromise the trust relationship between an application user and the web application
Entities
Attacker
•Unauthorized user
•Exploit the system
Victim
•Authorized user
•Weak system
Threat on Web Application
Buffer Overflow
Cross-Site Scripting (XSS)
Command injection
SQL Injection
Cookie Snooping
Preventions
Avoid generation of informational error messages
Remove HTML comments
Use two-level validation
Use encryption
Conclusion
A combination of the application of technologies and user awareness is the only effective way of truly defending against web attacks.