Scribd Logo
Upload

Welcome to Scribd!

  • 27 views

    Vulnerable Web Application

    Uploaded by

    Prasoon
    This document describes a project to create a "Vulnerable Web Application" registry by Nikhil Kumar Singh, Prasoon Gupta, and Vaibhav Singh under the guidance of Dr. Raju Ranjan. The registry would maintain a comprehensive list of known vulnerable web applications, both past and present, to help web developers, security auditors, penetration testers, and students. It would categorize vulnerabilities like command execution, file inclusion, SQL injection, and cross-site scripting. The registry aims to help eliminate SQL injection attacks, cross-site scripting, and cross-site request forgery. Tools like HTML, Java, JavaScript, PHP, and CSS could be required. It also describes how SQL injections,

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Vulnerable Web Application

    Uploaded by

    Prasoon
    27 views10 pages
    This document describes a project to create a "Vulnerable Web Application" registry by Nikhil Kumar Singh, Prasoon Gupta, and Vaibhav Singh under the guidance of Dr. Raju Ranjan. The registry would maintain a comprehensive list of known vulnerable web applications, both past and present, to help web developers, security auditors, penetration testers, and students. It would categorize vulnerabilities like command execution, file inclusion, SQL injection, and cross-site scripting. The registry aims to help eliminate SQL injection attacks, cross-site scripting, and cross-site request forgery. Tools like HTML, Java, JavaScript, PHP, and CSS could be required. It also describes how SQL injections,

    Original Description:

    Original Title

    Pre

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document describes a project to create a "Vulnerable Web Application" registry by Nikhil Kumar Singh, Prasoon Gupta, and Vaibhav Singh under the guidance of Dr. Raju Ranjan. The registry would maintain a comprehensive list of known vulnerable web applications, both past and present, to help web developers, security auditors, penetration testers, and students. It would categorize vulnerabilities like command execution, file inclusion, SQL injection, and cross-site scripting. The registry aims to help eliminate SQL injection attacks, cross-site scripting, and cross-site request forgery. Tools like HTML, Java, JavaScript, PHP, and CSS could be required. It also describes how SQL injections,

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    27 views10 pages

    Vulnerable Web Application

    Uploaded by

    Prasoon
    This document describes a project to create a "Vulnerable Web Application" registry by Nikhil Kumar Singh, Prasoon Gupta, and Vaibhav Singh under the guidance of Dr. Raju Ranjan. The registry would maintain a comprehensive list of known vulnerable web applications, both past and present, to help web developers, security auditors, penetration testers, and students. It would categorize vulnerabilities like command execution, file inclusion, SQL injection, and cross-site scripting. The registry aims to help eliminate SQL injection attacks, cross-site scripting, and cross-site request forgery. Tools like HTML, Java, JavaScript, PHP, and CSS could be required. It also describes how SQL injections,

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 10

    Vulnerable Web Application

    By-
    Nikhil Kumar Singh - 1713114028 17SCSE114026
    Prasoon Gupta - 1713113006 17SCSE1144067
    Vaibhav Singh - 1713114052 17SCSE114057
    Info and Intro
    • Here’s an overview of out selected topic
    for project development that is
    ‘Vulnerable Web Application’

    • The project is developed together by


    ‘Nikhil Kumar Singh’, ‘Prasoon Gupta’,
    ‘Vaibhav Singh’ under the guidance and
    mentorship of ‘Dr. Raju Ranjan’.
    About this development
    • ‘Vulnerable Web Application’ is all about
    – a comprehensive and well maintained registry
    of all known vulnerable web applications
    currently available present and past, we can
    also forecast upcoming threats and menace.
    – ‘Vulnerable Web Application’ must be used for
    demonstration and educational process only.
    This is useful for
    • These vulnerable web applications is used
    by
    – web developers,
    – security auditors,
    – penetration testers,
    – instructors, trainers and students.
    Here are list of some relevant keywords
    • ‘Vulnerable’,
    • ‘Application’,
    • ‘OSWAP’,
    • ‘security’,
    • ‘threats’,
    • ‘practice’,
    • ‘test’,
    • ‘deployment’,
    • ‘cybersecurity’,
    • ‘attack’
    What is?
    • Vulnerable-Web-Application is a website that is
    prepared for people who are interested in web
    penetration and who want to have information
    about this subject or to be working.

    • Vulnerable-Web-Application categorically
    includes Command Execution, File Inclusion,
    File Upload, SQL and XSS. For database-
    requiring categories,
    Helpful for eliminating
    • i. SQL Injection Attacks
    • ii. Cross-Site Scripting (XSS)
    • iii. Cross-Site Request Forgery (CSRF)
    Some of tools required are
    • HTML
    • Java
    • JavaScript
    • PHP
    • CSS
    Working mechanism
    • SQL Injections can be prevented by simply filtering
    inputs properly and thinking about whether an input can
    be trusted.

    • Cross-Site Scripting can be prevented by not


    returning HTML tags to client. This has the added
    benefit of defending against HTML injection

    • Cross Site Request Forgery can be prevented by


    storing a secret token in a hidden form field which is
    inaccessible from the 3rd party site.
    That was our presentation

    Thank-You
    for providing us with time and supplying with
    all knowledge and material required.
    We the members of group #BT 7203 hereby
    are making sure that all the work is original
    and all slides are self-made.
    That’s all

    You might also like