Security in WEB Applications, Definitions, Risks and Tools
نویسندگان
چکیده
Security in WEB applications has become a major concern for the scientific and business communities today. An increasing amount of money is being spent for handling information security. . Therefore, giving the proper importance of handling information security, the paper focuses on: definitions of software security, vulnerabilities and risks, dealing with various threats and vulnerabilities, the risk ranking created by OWASP (Open Web Application Security Project) and describes different tools that can be used for security within a Web application using a test, some of them are Zed Attack Proxy (ZAP), BeEF (The Browser Exploitation Framework), Burp Suite, PeStudio, Xenotix XSS Exploit Framework, Lynis, Reconng, Suricata, WPScan, and O-Saft (OWASP SSL Advanced Forensic Tool).
منابع مشابه
ایجاد نیمه خودکار مشاپ های سازمانی با استفاده از توصیفات معنایی
Mashups are next generation of web applications. A mashup is a lightweight web application that is created by combining information or capabilities from more than one existing resources to deliver a new and integrated experience to the user. Mashups introduce a new class of integration techniques in enterprises for implementing situational applications (i.e. applications that come together to s...
متن کاملUsing Control Frameworks to Map Risks in Web 2.0 Applications
Web 2.0 applications are continuously moving into the corporate mainstream. Each new development brings its own threats or new ways to deliver old attacks. The objective of this study is to develop a framework to identify the security issues an organisation is exposed to through Web 2.0 applications, with specific focus on unauthorised access. An extensive literature review was performed to obt...
متن کاملWeb 2.0 Technologies and Social Networking Security Fears in Enterprises
Web 2.0 systems have drawn the attention of corporation, many of which now seek to adopt Web 2.0 technologies and transfer its benefits to their organizations. However, with the number of different social networking platforms appearing, privacy and security continuously has to be taken into account and looked at from different perspectives. This paper presents the most common security risks fac...
متن کاملTowards Modeling Role-Based Pageflow Definitions within Web Applications
Model-Driven Software Development (MDSD) can be used to enhance developing and maintaining web applications. Furthermore, security plays a crucial role in the area of web applications. A seamless integration of access control and modeling web applications becomes important. This work introduces model-driven integration of security concerns into the development life cycle of web applications. In...
متن کاملEvaluating & engineering: an approach for the development of secure web applications
On a regular basis, we learn about well-known online services that have been misused or compromised by data theft. As insecure applications pose a threat to the users’ privacy as well as to the image of companies and organizations, it is absolutely essential to adequately secure them from the start of the development process. Often, reasons for vulnerable applications are related to the insuffi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Research in Computing Science
دوره 78 شماره
صفحات -
تاریخ انتشار 2014