Penetration Testing of Web Applications
Publisher
Vysoká škola báňská - Technická univerzita Ostrava
Abstract
This thesis addresses web application security. It opens with a review of the current state of penetration testing. The theoretical part describes the concept of penetration testing itself, its types, advantages and disadvantages, as well as several standards closely related to this type of security testing. The thesis also analyzes several reports on vulnerabilities in web applications, from which the most frequent vulnerabilities are selected. Each selected vulnerability is described in theory and then demonstrated in practice on a prepared web application, where defense mechanisms are also presented. The output of this work is a simple penetration testing tool and a set of recommendations for secure web application implementation.
Subject(s)
web application security, common vulnerabilities, Cross Site Scripting, File Inclusion, OS Command Injection, Path Traversal, penetration testing, SQL Injection, penetration testing standards, input validation