logo

Reflective Critical Analysis | Web Application Security

Set up dynamic web pages, evaluate web server-side technologies, identify and test security threats, design and test web application security.

5 Pages1203 Words10 Views
   

Added on  2022-08-17

Reflective Critical Analysis | Web Application Security

Set up dynamic web pages, evaluate web server-side technologies, identify and test security threats, design and test web application security.

   Added on 2022-08-17

ShareRelated Documents
Running head: WEB APPLICATION SECURITY
Web Application Security
Name of the Student
Name of the University
Author Note
Reflective Critical Analysis | Web Application Security_1
WEB APPLICATION SECURITY1
Reflective Critical Analysis
We find scanning, sniffing and SQL injection as important activities for both attackers
and network administrators. To perform scanning of vulnerable web applications and sniff
important information contained by them we need to be methodical in our approach to
conduct penetration tests (Medeiros, Neves and Correia 2016). When we are targeting
vulnerable web applications like OWASP Mutillidae we can use the Nmap tool for getting to
learn about the insecure hosts that have open and exploitable ports through which the target
systems try to access the web and mailing domains (Almasalmeh, Saidi and Trabelsi 2019).
As these domains are being hosted locally, the IP address of these host systems need to be
scanned. We host the vulnerable web application using the XAMPP Server and then
refreshed the databases to ensure the tables and database schema are appropriately set up.
Nmap is offers us a broad set of functions which help us in conducting various tasks through
execution of various executable commands (Hwang and Kim 2019). Here we find some very
useful functions like Nmap target selection, Nmap port selection, Nmap port scan types,
service and OS detections, Nmap output formats and the ability to run NSE scripts. When it
comes to targeting the vulnerable web application Mutillidae we can use the Nmap tool to
learn about the open hosts and exploitable ports of a webpage or target system (Almasalmeh,
Saidi and Trabelsi 2019). Here, since the webpage is being locally hosted, the ip address of
the host system is being scanned. By performing such Nmap scans we are getting to know the
exploitable ports and protocols of the different host systems. Next Wireshark packet capture
provides us with the web application server IP from destination port and provides important
clues in raw data of packets which can be used to make the right queries with sqlmap.
Wireshark is one of the most popular protocol analysers that we can use for network
administration as well as for for sniffing information from vulnerable websites (CUI and
SHEN 2018). Once messages are sent over the network the recipient host responds by
Reflective Critical Analysis | Web Application Security_2

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Web Application Set-up Assignment 2022
|13
|1511
|15

Ethical Hacking & Countermeasures Report 2022
|25
|3747
|46

Cyber Security - Assignment PDF
|8
|2242
|71

Penetration Testing and Intrusion Detection Name of the University Author
|57
|5094
|316

Security Assessment on a Firewall
|11
|891
|145

TCP Scan On The Webserver
|13
|1284
|26