3 widely used types of attacks on web software
TRANSCRIPT
3 Widely Used Types of
Attacks on Web Software
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
3 Widely Used Types of Attacks on
Web Software
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
Nowadays software products, in particularly web-based ones, are widely utilized in almost all the business segments and leisure.
3 Widely Used Types of Attacks on
Web Software
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
Web apps allow to buy goods, manage various processes, perform money transactions, etc. They attract attention of hackers because they process confidential data. That is why any web site testing, desktop testing and mobile testing should allocate substantial time on thorough security testing and discovering the system vulnerabilities.
Experts in Web Software Security Mention Such Widely Applied Types of Cyber-Attacks:
1
2
3
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
SQL injection
Cross-site scripting or XSS
Manipulations with URL
SQL Injection
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
Computer burglars inject SQL commands into an SQL queries through the web software user interface. The server executes the query and allows the malicious user to steal or alter data in the web application database.
Cross-site scripting or XSS
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
This popular type of web software vulnerabilities allows hackers to insert malicious code into the UI of web software so that the inserted elements can be seen by other users. The code runs, when a user opens the page, and interacts with the web server providing the hacker access to the application data.
Manipulations with URL
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
Web software often transfers data from the browser running on the client computer to the server and vice versa by means of URL. Change in the URL may give access to the system data if this type of vulnerability is not revealed during manual or automated testing.
Office in UkrainePhone: +380 (472) 5-61-6-51E-mail: [email protected]: 154a, Borschagivska str., Kiev, Ukrainehttp://qatestlab.com/
Thank You for Your Attention