Frameworks & Security: How web application frameworks kill your security scanning
1 Frameworks & Security: How web application frameworks kill your security scanning. Christian Hang, Armorize Technologies
2 Motivation > Web application security concerns you > Complex issue, but tools available > Understand analysis tool limitations > Frameworks make scanning difficult > Help to understand reasons & solutions
3 Web Application Security > Your web application is under attack! > Security affects the complete stack
4 Example servlet (deliberately vulnerable; exception handling omitted on the slide):
    DataSource ds;

    public void doGet(HttpServletRequest req, HttpServletResponse resp) {
        String password = req.getParameter("password");
        String sql = "SELECT * FROM user WHERE name='admin' AND "
                   + "password='" + password + "'";
        Statement stmt = ds.getConnection().createStatement();
        ResultSet res = stmt.executeQuery(sql);
        if (res.next()) {
            resp.getWriter().println("welcome");
        } else {
            resp.getWriter().println("wrong password");
        }
    }
5 Injection Vulnerability > Possible SQL Injection
> Unvalidated user input: Tainted Source
    req.getParameter("password");
> Tainted data propagates: Dataflow path
    String password = req.getParameter("password");
    String sql = "SELECT * FROM user WHERE name='admin' AND " + "password='" + password + "'";
> Unescaped tainted data is processed: Sink
    stmt.executeQuery(sql);
> With the input ' OR 1=1 -- the fragment "password='" + password + "'" becomes:
    SELECT * FROM user WHERE name='admin' AND password='' OR 1=1 --'
6 Preventing Injection Vulnerabilities > Principles are simple: Don't trust user data! Validate against expected data; sanitize for output/processing > Applying them is difficult: data flow can be complex; simple approaches don't work > Automate! Tools can help
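The login check from slide 4 beside a parameterised version, as an added example that is not part of the talk; it uses Python with an in-memory SQLite table standing in for the servlet's DataSource, and the "user" table contents are constructed:

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for the slide's 'user' table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (name TEXT, password TEXT)")
    conn.execute("INSERT INTO user VALUES ('admin', 's3cret')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, password: str) -> bool:
    # Same construction as slide 4: the tainted value is concatenated
    # straight into the statement text, so it can alter the WHERE clause.
    sql = ("SELECT * FROM user WHERE name='admin' AND "
           + "password='" + password + "'")
    return conn.execute(sql).fetchone() is not None


def login_safe(conn: sqlite3.Connection, password: str) -> bool:
    # Parameterised query: the value travels separately from the statement,
    # so whatever it contains is compared as data, never parsed as SQL.
    sql = "SELECT * FROM user WHERE name='admin' AND password=?"
    return conn.execute(sql, (password,)).fetchone() is not None


def demo() -> dict:
    """Run both variants with the real password and with slide 5's input."""
    conn = make_db()
    payload = "' OR 1=1 --"
    return {
        "vulnerable_correct": login_vulnerable(conn, "s3cret"),
        "vulnerable_payload": login_vulnerable(conn, payload),
        "safe_correct": login_safe(conn, "s3cret"),
        "safe_payload": login_safe(conn, payload),
    }
```

The concatenated version accepts the slide's input because the query degenerates to `... OR 1=1`; the parameterised one rejects it.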
7 Security Tools > Three types & technologies: Black box: Penetration testing; White box: Static Code Analysis (SCA); Dynamic analysis: Runtime guard/monitor > Not one perfect solution
8 Security Tools > Standard: testing after implementation (lots of findings, time constraints) > Better: testing during development > Developers likely to encounter SCA
9 Static Code Analysis > Compile time analysis > Operates on source code or binaries > Points to vulnerability on code line > Often provides traces > Can be integrated in development process
10 What can be detected by SCA? > Example: OWASP Top 10 (Open Web Application Security Project) > Automatic detection hard: configuration issues (other stack areas), business logic issues (application dependent) > Automatic detection feasible: validation/sanitization, programming practices
11 SCA Technology Limits > SCA is compile-time: no runtime data > Runtime types unknown: flow unclear > Execution environment not accessible > Code might be incomplete > Results may not be fully accurate; you'll have to know how to interpret results
12 Metrics & Terminology

                           Code is safe              Code is vulnerable
    Tool reports nothing   True Negative             False Negative
                                                     (tool fails: false sense of security)
    Tool reports           False Positive            True Positive
    vulnerability          (waste of time & money)
13 Where do Web Frameworks come in? > Web Frameworks omnipresent > Web Frameworks want to help you: figure out action based on URL; prepare user input to be easily accessible; separate Business Logic and Views > Magic happening in the background > A lot of runtime behavior that's opaque
14 Example: A Struts Request
15 What's the problem? > Reflection: the program can modify its structure and behavior at runtime > Static analysis = runtime type unknown > Where do I go from here? > Flow trace is broken / unclear > Potential for False Negative / Positive
    ((Action) Class.forName(??????????).newInstance()).execute(req);   // what the static analyzer sees
    ((Action) Class.forName("MyAction").newInstance()).execute(req);   // what actually runs
16 What's the problem? > Invocation Sequence > Cross-Context-Propagation
Servlet:
    public void doGet(HttpServletRequest req, HttpServletResponse resp) {
        String user = req.getParameter("user");
        req.setAttribute("user_" + "data", user);      // analyzer sees: req.setAttribute(????????????????, user)
        getServletConfig().getServletContext()
            .getRequestDispatcher("show.jsp").forward(req, resp);   // analyzer sees: getRequestDispatcher(??????????)
    }
JSP:
    <p><%= request.getAttribute("user_data") %></p>   // analyzer sees: request.getAttribute(???????????)
17 SCA Scan results > Tainted Source: req.getParameter("user"); > Dataflow path: String user = req.getParameter("user"); req.setAttribute(????????????????, user); > Is this a sink? <%= request.getAttribute(???????????) %> > Assume attribute is clean / tainted > Potential for False Negative / Positive
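A small analyzer for the cross-context case on slides 16 and 17, added here as an example and not part of the talk or any Armorize tool: it folds literal-only attribute keys in the servlet, matches them against `getAttribute` output sinks in the JSP, and flags keys it cannot resolve instead of guessing. The servlet and JSP sources are constructed (the extra `prefix` and `page_title` lines are assumptions added to show the unresolved and clean cases):

```python
import re

# Constructed servlet source modelled on slide 16, plus two extra attributes.
SERVLET_SRC = '''
public void doGet(HttpServletRequest req, HttpServletResponse resp) {
    String user = req.getParameter("user");
    String prefix = req.getParameter("prefix");
    req.setAttribute("user_" + "data", user);
    req.setAttribute(prefix + "_info", user);
    req.setAttribute("page" + "_title", "Profile");
    getServletConfig().getServletContext()
        .getRequestDispatcher("show.jsp").forward(req, resp);
}
'''

# Constructed view that reads two of the attributes back out.
JSP_SRC = '''
<p><%= request.getAttribute("user_data") %></p>
<h1><%= request.getAttribute("page_title") %></h1>
'''


def fold_key(expr: str):
    """Concatenate a key expression made only of string literals; None otherwise.

    Literals containing '+' are not handled; a real tool would use a parser."""
    parts = [p.strip() for p in expr.split("+")]
    if parts and all(re.fullmatch(r'"[^"]*"', p) for p in parts):
        return "".join(p[1:-1] for p in parts)
    return None


def analyze(servlet_src: str, jsp_src: str) -> list:
    """Return (status, key, value) triples linking setAttribute to JSP output."""
    # Variables assigned straight from request parameters are tainted sources.
    tainted = set(re.findall(r'String\s+(\w+)\s*=\s*req\.getParameter\(', servlet_src))
    # Attribute names the JSP writes into the page (output sinks).
    sinks = set(re.findall(r'<%=\s*request\.getAttribute\("([^"]+)"\)\s*%>', jsp_src))
    findings = []
    for key_expr, value in re.findall(r'req\.setAttribute\((.*),\s*([^,]+)\);', servlet_src):
        value = value.strip()
        key = fold_key(key_expr)
        if key is None:
            # Key depends on runtime data: report it rather than silently
            # assuming clean (false negative) or tainted (false positive).
            findings.append(("UNRESOLVED", key_expr.strip(), value))
        elif key in sinks:
            status = "TAINTED" if value in tainted else "CLEAN"
            findings.append((status, key, value))
    return findings
```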
18 Summary of Flow Disruptions > URL invokes Actions: not obvious from source code, see XML > Actions forward to Views: not obvious from source code, see XML > Views output data from Action: cross-context propagation > XML is key to understanding the application > SCA tool needs to understand the framework!
19 Possible Solutions? > Require user to hardcode configuration > Tools hardcode support for framework > Dynamically translate magic into code
20 Glue Code Generation > Resolve reflection ambiguity
    <struts-config>
      <form-beans>
        <form-bean name="registrationForm" type="com.domain.form.RegistrationForm" />
      </form-beans>
      <action-mappings>
        <action attribute="registrationForm" input="registrationinput.jsp" name="registrationForm"
                path="/registration" scope="request" type="com.domain.action.RegistrationAction">
          <forward name="success" path="/registrationsuccess.jsp" />
          <forward name="fail" path="/registrationfail.jsp" />
        </action>
      </action-mappings>
    </struts-config>
    // generated glue: the action named in the XML is instantiated directly
    RegistrationAction ra = new RegistrationAction();
    ActionForward fwd = ra.execute( );
21 Glue Code Generation > Connect controller & views
    <struts-config>
      <form-beans>
        <form-bean name="registrationForm" type="com.domain.form.RegistrationForm" />
      </form-beans>
      <action-mappings>
        <action attribute="registrationForm" input="registrationinput.jsp" name="registrationForm"
                path="/registration" scope="request" type="com.domain.action.RegistrationAction">
          <forward name="success" path="/registrationsuccess.jsp" />
          <forward name="fail" path="/registrationfail.jsp" />
        </action>
      </action-mappings>
    </struts-config>
    // generated glue: each <forward> becomes an explicit dispatch
    RegistrationAction ra = new RegistrationAction();
    ActionForward fwd = ra.execute( );
    if ( ) {
        req.getRequestDispatcher("registrationsuccess.jsp").forward(req, res);
    } else {
        req.getRequestDispatcher("registrationfail.jsp").forward(req, res);
    }
22 Simple & Effective Workaround > No impact on implementation or code > Several options: standalone (3rd party) infrastructure; bundled with tool > Not perfect, but easily extendable > Applicable to home-grown frameworks > Extends coverage of automatic analysis
23 Extended Coverage
    // generated glue
    RegistrationAction ra = new RegistrationAction();
    ActionForward fwd = ra.execute( );
        // application action, now reachable by the analyzer
        public ActionForward execute(ActionMapping map, ) {
            String firstname = req.getParameter("firstname");
            req.setAttribute("new_user", firstname);
            return map.findForward("success");
        }
    // generated glue
    if ( ) {
        req.getRequestDispatcher("registrationsuccess.jsp").forward(req, res);
    } else {
        req.getRequestDispatcher("registrationfail.jsp").forward(req, res);
    }
    // view
    Welcome <%= request.getAttribute("new_user") %>!
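The glue-code generation of slides 20 to 23 as a working Python script, added here as an example; it is not Armorize's tool. It parses a struts-config.xml (the document below is constructed from slide 20) and emits Java glue that instantiates the action directly and dispatches each `<forward>` explicitly, so a static analyzer sees a concrete call chain instead of `Class.forName`. The `mapping`, `req` and `resp` names in the emitted Java and the `BeanUtils.populate` call standing in for Struts' form population are assumptions:

```python
import xml.etree.ElementTree as ET

# Constructed struts-config.xml modelled on slide 20.
STRUTS_CONFIG = """<struts-config>
  <form-beans>
    <form-bean name="registrationForm" type="com.domain.form.RegistrationForm" />
  </form-beans>
  <action-mappings>
    <action path="/registration" type="com.domain.action.RegistrationAction"
            name="registrationForm" scope="request" input="registrationinput.jsp">
      <forward name="success" path="/registrationsuccess.jsp" />
      <forward name="fail" path="/registrationfail.jsp" />
    </action>
  </action-mappings>
</struts-config>"""


def parse_struts_config(xml_text: str) -> list:
    """One dict per <action>: path, action class, form bean class, forwards."""
    root = ET.fromstring(xml_text)
    beans = {fb.get("name"): fb.get("type") for fb in root.iter("form-bean")}
    mappings = []
    for action in root.iter("action"):
        mappings.append({
            "path": action.get("path"),
            "type": action.get("type"),
            "form": beans.get(action.get("name")),
            "forwards": {fw.get("name"): fw.get("path")
                         for fw in action.findall("forward")},
        })
    return mappings


def generate_glue(mapping: dict) -> str:
    """Emit Java glue replacing reflective dispatch with direct, analyzable calls."""
    out = [
        f"// generated glue for {mapping['path']}; not application code",
        "// assumed in scope: ActionMapping mapping, HttpServletRequest req,"
        " HttpServletResponse resp",
        f"{mapping['type']} action = new {mapping['type']}();",
    ]
    form_var = "null"
    if mapping["form"]:
        out.append(f"{mapping['form']} form = new {mapping['form']}();")
        # Struts fills the bean from request parameters; modelling that as one
        # populate call from the (tainted) parameter map is enough for taint flow.
        out.append("BeanUtils.populate(form, req.getParameterMap());")
        form_var = "form"
    out.append(f"ActionForward fwd = action.execute(mapping, {form_var}, req, resp);")
    keyword = "if"
    for name, path in mapping["forwards"].items():
        # Each <forward> becomes an explicit dispatch keyed on the forward name.
        out.append(f'{keyword} ("{name}".equals(fwd.getName())) {{')
        out.append(f'    req.getRequestDispatcher("{path}").forward(req, resp);')
        keyword = "} else if"
    if mapping["forwards"]:
        out.append("}")
    return "\n".join(out)


def glue_for_config(xml_text: str) -> str:
    """Glue for every action mapping in the config, separated by blank lines."""
    return "\n\n".join(generate_glue(m) for m in parse_struts_config(xml_text))
```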
24 Conclusion > You need to be aware of web security issues > Automation can help you. Know your tools > Frameworks make scanning hard > On the fly translation increases coverage
25 Christian Hang Armorize Technologies, Inc.
Frameworks & Security: How web frameworks kill your static security scans. AppSec Research 2010. Christian Hang, Armorize Technologies, chris@armorize.com. Copyright The Foundation. Permission is granted to copy,
CIS 700/002 : Special Topics : OWASP ZED (ZAP) Hitali Sheth CIS 700/002: Security of EMBS/CPS/IoT Department of Computer and Information Science School of Engineering and Applied Science University of
More informationCYBERSECURITY PENETRATION TESTING - INTRODUCTION
CYBERSECURITY PENETRATION TESTING - INTRODUCTION Introduction Pen-testing 101 University Focus Our Environment Openness and learning Sharing and collaboration Leads to Security Weaknesses What is Penetration
More informationWeb Application Threats and Remediation. Terry Labach, IST Security Team
Web Application Threats and Remediation Terry Labach, IST Security Team IST Security Team The problem While we use frewalls and other means to prevent attackers from access to our networks, we encourage
More informationTesting Web Database Applications. Yuetang Deng Phyllis Frankl Jiong Wang
Testing Web Database Applications Yuetang Deng Phyllis Frankl Jiong Wang Outline Introduction Techniques for testing Web Database applications Example Tool Preliminary experiment based on TPC-W benchmark
More informationDEFENSIVE PROGRAMMING. Lecture for EDA 263 Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology
DEFENSIVE PROGRAMMING Lecture for EDA 263 Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology Traditional Programming When writing a program, programmers typically
More informationBlack Box Testing. EEC 521: Software Engineering. Specification-Based Testing. No Source Code. Software Testing
Black Box Testing EEC 521: Software Engineering Software Testing Black-Box Testing Test-Driven Development Also known as specification-based testing Tester has access only to running code and the specification
More informationBinary Static Analysis. Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116
Binary Static Analysis Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116 Bio Chris Wysopal, Veracode s CTO and Co- Founder, is responsible for the company s software
More informationTIBCO Silver Fabric Enabler for ActiveMatrix BPM Release Notes
TIBCO Silver Fabric Enabler for ActiveMatrix BPM Release Notes Software Release 1.2.0 August 2014 Two-Second Advantage Important Information SOME TIBCO SOFTWARE EMBEDS OR BUNDLES OTHER TIBCO SOFTWARE.
More information