Skip to content

secjedi/SecurityTesting

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
.github/ISSUE_TEMPLATE
.github/ISSUE_TEMPLATE
 
 
inventory-management-system-project
inventory-management-system-project
 
 
sanitized _pages
sanitized _pages
 
 
Buffer_Overflow_Attack.pdf
Buffer_Overflow_Attack.pdf
 
 
Client side Filtering.pdf
Client side Filtering.pdf
 
 
Integer_Overflow_Attack.pdf
Integer_Overflow_Attack.pdf
 
 
InventoryManagementReport.pdf
InventoryManagementReport.pdf
 
 
README.md
README.md
 
 
WebGoat SQL Injection Assignment 3.pdf
WebGoat SQL Injection Assignment 3.pdf
 
 
XSS_Attack.pdf
XSS_Attack.pdf
 
 
convert_to_images.py
convert_to_images.py
 
 
project.png
project.png
 
 
project2.png
project2.png
 
 
project3.png
project3.png
 
 
sql_mitigation.pdf
sql_mitigation.pdf
 
 

Repository files navigation

SecurityTesting

This repository contains the reports of some of the exercises and project done in my Security course.
In this course we explored the OWASP top ten web application security vulnerabities in systems and wep applications. We exploited and added relevant patches where necessary. We used tools like OWASP Zap, explored web automation framweworks like selenium and static taint analysis on codes.
Some of the reports found in this repo are reports on attacks and exploitation like Buffer Overflow, Integer overflow, Sql Injection, XSS, XSRF, Exploiting hidden URL. It also includes test automation using Selenium with Java to automate True positive vulnerabilities found on a web app.

For the XRSF attack go to: https://medium.com/@evidencemonday/webgoat-cross-site-request-forgery-solution-1c069985e80f
The project for this course was on finding, exploiting vulnerabilty in an inventory management system web application, performing static analysis on the code and patching the vulnerabities.

Inventory managenment System Outlook
Injecting payload
Exploit shown on page

About

This repository contains the reports of some of the exercises and project done in my Security course. It includes reports on attacks and exploitation like Buffer Overflow, Integer overflow, Sql Injection, XSS, XSRF. It also includes test automation using Selenium with Java to automate True positive vulnerabilities found on a web app.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages