Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (19)
Andere mochten auch
Andere mochten auch (20)
Ähnlich wie Security testing operation vijay
Ähnlich wie Security testing operation vijay (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Security testing operation vijay
- 3. Hackers
- 4. Types of Hackers ● Ethical Hackers ● Crackers
- 5. Define Security Testing is a type of testing that intends to uncover vulnerabilities of the system and determine that its data and resources are protected from possible intruders.
- 6. Types of Security Testing ● Infrastructure Security Testing ● Application Security Testing
- 7. When?
- 8. Security Testing Vocabulary ● Reconnaissance/ Information gathering ● Vulnerability ● Exploit
- 11. P@ssw04d
- 13. Default / Weak Passwords
- 15. Cross Site Scripting Client side injection attack Types: Reflected XSS Stored XSS DOM based XSS
- 19. Stored XSS Demo
- 22. XSS Prevention Don’t use user input as-is Encoding X-XSS-Protection Response Header HttpOnly flag Response Header
- 24. SQL Injection Attack where SQL commands are injected in order to affect the execution of predefined SQL commands
- 27. SQL Injection Prevention Don’t use user input directly Use prepared statements Use stored procedures Use frameworks
- 28. ZAP
- 30. Thank you Dhaval Doshi (@dhavaldoshi) Lavanya Mohan (@LavanyaMohan210) Shirish Padalkar (@_Garbage_)
Hinweis der Redaktion
- Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose
- Why do real hackers hack? What is their motivation? Money? Damage to opponent Fame Government does hacking to get information
- Also known as ethical hackers, White Hat hackers are the good guys of the hacker world. They’ll help you remove a virus or PenTest a company. Black Hat – Also known as crackers, these are the men and women you hear about in the news. They find banks or other companies with weak security and steal money or credit card information. The surprising truth about their methods of attack is that they often use common hacking practices they learned early on. Gray Hat – Nothing is ever just black or white; the same is true in the world of hacking. Gray Hat hackers don’t steal money or information (although, sometimes they deface a website or two), yet they don’t help people for good (but, they could if they wanted to). These hackers comprise most of the hacking world, even though Black Hat hackers garner most (if not all) of the media’s attention.
- Infrastructure Security Testing Hack windows machine to get full control Causing network to go down Application Security Testing JIRA installed on a local server
- When do you do security testing??? When should we do security testing?
- Reconnaissance - mission to obtain information by visual observation or other detection methods a vulnerability is a weakness which allows an attacker to reduce a system's information assurance Exploit - causing unintended or unanticipated behaviour to occur on computer software, hardware, or something electronic (usually computerised) by taking advantage of vulnerabilities
- http://www.hackingtheuniverse.com/ i don’t like these guys i want to do some damage how do i start hacking lets think any ideas??? Show them wappalyzer. It shows versions as well. If the version of some software they are using has known vulnerabilities, that can be exploited. Example: http://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/ Show Wappalyzer Robots.txt Admin login screen Task ->
- http://www.hackingtheuniverse.com/ i don’t like these guys i want to do some damage how do i start hacking lets think any ideas??? Show them wappalyzer. It shows versions as well. If the version of some software they are using has known vulnerabilities, that can be exploited. Example: http://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/ Show Wappalyzer Robots.txt Admin login screen Task ->
- Ask for details of password It is recommended to use more than 8 characters in password. How many have less than 8 characters password for email? How many have only small case? Blah…. What would be your guess for their password What we were doing here is applying social engineering techniques to get to know your passwords or other important information. Can we really get details by just talking and not using a computer? Let’s see a video.
- https://www.youtube.com/watch?v=lc7scxvKQOo
- Default username and password like admin password for admin consoles. People use very common passwords (like password or just numbers, their names or dictionary words) 41% people use only lowercase password. Only about 4% use special characters in passwords 50% of people have password less than 8 characters in length (at least 8 is recommended)
- XSS attacks are type of injection attacks in which the attacker injects malicious code in web pages that are viewed by other users of the application.
- Basic using script tag Ask if you can just sanitize script tag.. Show how to bypass that -> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);>
- https://google-gruyere.appspot.com/536172483468/%3Cscript%3Ealert(document.cookie)%3C/script%3E https://google-gruyere.appspot.com/536172483468/feed.gtl?uid=%3Cscript%3Ealert(1)%3C/script%3E
- Ask if small text fields will prevent this attack Tell them about intercepting requests
- <a onmouseover="alert(1)" href="#">read this!</a> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> Google Gruyere: Stored XSS: (New snippet) <a onmouseover="alert(1)" href="#">read this!</a> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);>
- HTML encoding (< → <) URL encoding before inserting it into HTML HTML attribute encoding CSS encoding This HTTP response header enables the Cross-site scripting (XSS) filter built into some modern web browsers. This header is usually enabled by default anyway, so the role of this header is to re-enable the filter for this particular website if it was disabled by the user. HttpOnly flag is included in the HTTP response header, the cookie cannot be accessed through client side script
- It happens when computers cannot tell difference between code and data
- 2 ' 2' # 2' OR 1=1 2' Union select null # 2' union Select null, null # 2' Union Select null, @@version # 2' Union Select null, database() # 2' union select null, table_name from information_schema.tables # 2' union select null, table_name from information_schema.tables where table_name like '%user%' # 2' Union select null, column_name from information_schema.columns where table_name='users' # 1' Union select null, concat(user, 0x0a,password) from users # 2' Union select null, LOAD_FILE('/etc/passwd') #
- https://www.google.co.in/about/appsecurity/tools/