Demonstrate your knowledge of testing security controls aligned with input validation and business logic. You will also use the recommended OWASP testing guide reporting format to report your test findings.

Note: RECOMMENDED ONLY TO A CYBER SECURITY TUTOR IN THIS FIELD PERIOD. PLEASE …READ THE ASSIGNMENT FULLY BEFORE CONTACTING ME!

Using the readings from weeks 7 and 8 as a baseline, analyze, test and document the results for the tutoring web application found on the SDEV virtual machine. (I PREFER USING YOUR OWN VM HERE CAUSE I WOULDN’T SHARE PERSONAL INFO) Use both manual means and automated tools (e.g., ZAP). The latter will enable you to discover more information than a cursory manual examination. Specific tests to be conducted include:

1. Testing for Reflected Cross site scripting (OTG-INPVAL-001)
   - What is the importance of testing for this vulnerability?
   - How many occurrences of the vulnerability did an automated scan discover?
   - What is your recommendation to address any issues?
   - Can you place a simple JavaScript alert (e.g., DeleteSession.php as an example)?

2. Testing for Stored Cross site scripting (OTG-INPVAL-002)
   - What is the importance of testing for this vulnerability?
   - What happens when you attempt to add a pop-up window (e.g., <script>alert(document.cookie)</script>) to the email input field within the “index.html” field?
   - Can you introduce Stored Cross site scripting?

3. Testing for SQL Injection (OTG-INPVAL-005)
   - Did your manual and automated testing discover any SQL Injection vulnerabilities – if so, how many? (Note: There should be at least one occurrence).
   - Name two or more steps you can take according to the reading to resolve the issue.
   - Fix and test at least one occurrence of the vulnerabilities – displaying your resulting source code and output results.

4. Testing for Code Injection (OTG-INPVAL-012)
   - What is the importance of testing for this vulnerability?
   - What are at least two measures you can take to remediate this issue?
   - Can you input some simple HTML code or exploit Remote File Inclusion (RFI)?

5. Test business logic data validation (OTG-BUSLOGIC-001)
   - What are at least two examples of business logic errors? This could be from various input forms or areas you discovered in previous HW assignments.
   - How can you mitigate against such errors?

6. Test integrity checks (OTG-BUSLOGIC-003)
   - Do drop-down menus exist and are they sufficient for the application? Why does the use of drop-down menus help mitigate against this risk?
   - Does your manual or automated scan reveal the use of password “AUTOCOMPLETE”? What issue, if any, does the use of AUTOCOMPLETE pose?

7. Test defenses against application misuse (OTG-BUSLOGIC-007)
   - What is the importance of testing for this vulnerability?
   - Can adding additional characters in input fields cause unexpected results? Verify for at least two instances.

General Guidelines 

You should document the results for the tests, your comments, and recommendations for improved security for each security control tested in a Word or PDF document. The format of your document should be the format that is recommended in chapter 5 of the OWASP testing guide. Provide screen captures and descriptions of your tests conducted. Discuss any issues found and possible mitigations.

Deliverables:

You should submit your document by the due date. Your document should be well-organized, use the OWASP recommended reporting format, include all references used and contain minimal spelling and grammar errors. 

MUST FOLLOW THE ATTACHED GRADING RUBRIC: 
