Black-Box assessment of Web systems security

Author: Senesi, M.
Contributor: Gross, H.G. (mentor); Van Vliet, F. (mentor)
Faculty: Electrical Engineering, Mathematics and Computer Science
Department: Department of Software Technology
Programme: Computer Science - track Software Engineering
Date: 2012-04-25

Abstract: Many companies rely on Web applications to promote their services to the world. It is a logical step, as the Web offers great advantages such as convenience, low cost and instant reachability from anywhere in the world. Meanwhile Web applications tend to be implemented in an insecure way and the attacker does not even need to be too experienced to break into the companies over the Internet. Black-box penetration testing is very helpful in the assessment of Web systems security as it simulates such an attack. The aim of this thesis is to design and evaluate a structured methodology that any software developer can use to perform a black-box penetration test on Web systems to detect and prevent the most dangerous Web vulnerabilities.

Subject: hacking; web; penetration testing; black box; security; testing; sql injection; cross site scripting; file upload; command injection; filename injection; path traversal; cross site request forgery; sanitization; filtering

To reference this document use: http://resolver.tudelft.nl/uuid:fd98efb8-8225-4eea-bf6c-5f56a2d022f5
Part of collection: Student theses
Document type: master thesis
Rights: (c) 2012 Senesi, M.
Files: milan.senesi-thesis-6.11.2011.pdf (PDF, 2.23 MB)