Improvised Tool for Security Testing

31 Pages | 6112 Words | 125 Views
   

Added on  2022-01-17

An Analytical Approach for Obtaining the Improvised Tool for Security Testing
Abstract
List of Figures
List of Tables
List of Abbreviations
TABLE OF CONTENTS
Chapter-1 Introduction
Chapter-2 Literature Review
Chapter-3 Methodology
Chapter-4 Experimental Procedure
Chapter-5 Analysis and Result
Chapter-6 Discussion
Chapter-7 Conclusion
References
1 CHAPTER-1 INTRODUCTION
In software development, different programming languages are used to design software. In most
cases, the developer chooses a programming language that is not open-source. However, not all
such languages are suitable for creating the software. Thus, in most cases, Java, C and Python are
used for software development, because all of them can produce executable files. However,
executable files or software are often susceptible to attack by cybercriminals because of the
vulnerabilities in them (Li, 2010). Thus, after software is created or designed, security and
functional testing are carried out to verify the quality and health of the software.
Generally, open-source code is considered less secure, as it also uses open-source libraries
developed by third parties who do not disclose the internal operations of those libraries. This is
because such code can be easily hacked by attackers, who will try to penetrate the code surface
and steal all the valuable and confidential information from the code and server (Jinan et al.,
2017). The sensitive issues are found in web frameworks and software applications. Most web
framework development is done using Java and Python (Flask or Django), which are open source.
The database backend is designed based on the required data storage.
Thus, the identification and detection of vulnerabilities is essential for such software and backend
code. Different tools are available to check source code for vulnerabilities. In this project, some
tools will be identified with which the code will be tested for vulnerabilities.
1.1 VULNERABILITIES
Software vulnerabilities are the flaws or weaknesses that are present in a given piece of code.
These are often caused by a flaw, glitch or weakness in the software through which the code has
been written (Hou et al., 2018). To write and design sophisticated code, the flaws that constitute
vulnerabilities should be prevented. However, to protect the code from vulnerabilities, the cause
and behaviour of all possible vulnerabilities need to be identified. Code vulnerabilities can be
found both manually and with tools. However, not all vulnerabilities can be found through a
manual search, so tools are required to find them. There are different vulnerabilities present in
Python, which is an open-source coding language (Dhivvya et al., 2019). Some of the important
vulnerabilities in Python code are listed below:
Insufficient Logging and Monitoring: This is one of the dangerous vulnerabilities, which
causes breach of or tampering with the data that is accessed by Python and stored in the
backend database.
Injection Flaws: These occur when untrusted data is sent as part of a command or query to a
remote location or port. Cybercriminals then try to attack the targeted system by applying a
sophisticated trick using unintended commands (Klyokta et al., 2019).
Sensitive Data Exposure: Flaws in credential management, such as the handling of the
username and password, will incur a significant loss to the user.
Cross-Site Scripting Flaws: This is a type of risk in web scripts through which cybercriminals
target a web page, steal all the data from it and create a new web page. On that new web
page, the same content is replicated, which distracts the users (Katole et al., 2018).
Broken Authentication: This is another type of vulnerability through which user credentials
can be stolen, as the code does not provide integral measures to save the credentials
securely.
1.2 SOFTWARE SYSTEM VULNERABILITIES
<1000 WORDS>
USE THIS LINK FOR REF: https://www.compuquip.com/blog/computer-security-vulnerabilities
1.2.1 Types of Security Vulnerability
Hidden Backdoor Programs
Admin Account Privileges
Automated Running of Scripts
Unknown Security Bugs in Software