|
|
Tool for SQL Injection Vulnerability Detection
Kutypa, Matouš ; Samek, Jan (referee) ; Barabas, Maroš (advisor)
The Bachelor thesis is focused on the issue of SQL injection vulnerabilities. The thesis presents commonly used procedures in the attacks against information systems and are also discussed possibilities of defense including the correct ways of input validation. The theoretical part contains the essential foundation of what should the penetration tester know, to be able to examine the inputs of application for SQL injection vulnerability. The thesis also describes analysis, design and implementation of specialized tool for Web application vulnerability detection. The implemented tool was tested and compared with other existing tools. Within the thesis has been also implemented a Web application, which demonstrates many different variants of SQL injection vulnerable inputs.
|
|
| |
|
|
Application displaying the course of cyber attacks
Safonov, Yehor ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
Nowadays, the safety of end stations is a topical issue. The complexity of the programming equipment of the computing systems brings about a greater probability of creating vulnerabilities, which could be used as a new anchor point for possible attacks aimed at endpoint computers or the whole company infrastructure. One of the main goals of this bachelor thesis is to create an instrument that would allow system administrators to perform more effective analysis and countermeasures directed to prevent the emergence of negative threats. From a theoretical point of view, the bachelor thesis will focus on the most common attacks on modern operating systems with an emphasis on Windows. It will then deal with the problematics of malicious code, especially with the principles of its operation, specific features and current trends. In the practical part, focus will be placed on the implementation of a robust application that will become a part of the project that is currnetly being developed in TrustPort company. In the beginning, the bachelor thesis is going to analyze different use cases of the application. Further it will make comparisons between different graphical representations, which could be displayed. Subsequently, the thesis is going to define the sets of functional, non-functional and critical requirements for the implementation as to create a concept of future application, specifically its architecture and user interface. During the next step a plan of the implementation of the proposed application is going to be presented. This plan is logically divided into several stages for better understanding. According to the implemented parts, the functionality of the application will be tested on the most commonly detected user attacks. At the end of the work, possible expansion, improvements and a concise conclusion will be stated.
|
|
| |
|
|
Application displaying the course of cyber attacks
Safonov, Yehor ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
Nowadays, the safety of end stations is a topical issue. The complexity of the programming equipment of the computing systems brings about a greater probability of creating vulnerabilities, which could be used as a new anchor point for possible attacks aimed at endpoint computers or the whole company infrastructure. One of the main goals of this bachelor thesis is to create an instrument that would allow system administrators to perform more effective analysis and countermeasures directed to prevent the emergence of negative threats. From a theoretical point of view, the bachelor thesis will focus on the most common attacks on modern operating systems with an emphasis on Windows. It will then deal with the problematics of malicious code, especially with the principles of its operation, specific features and current trends. In the practical part, focus will be placed on the implementation of a robust application that will become a part of the project that is currnetly being developed in TrustPort company. In the beginning, the bachelor thesis is going to analyze different use cases of the application. Further it will make comparisons between different graphical representations, which could be displayed. Subsequently, the thesis is going to define the sets of functional, non-functional and critical requirements for the implementation as to create a concept of future application, specifically its architecture and user interface. During the next step a plan of the implementation of the proposed application is going to be presented. This plan is logically divided into several stages for better understanding. According to the implemented parts, the functionality of the application will be tested on the most commonly detected user attacks. At the end of the work, possible expansion, improvements and a concise conclusion will be stated.
|
|
|
Tool for SQL Injection Vulnerability Detection
Kutypa, Matouš ; Samek, Jan (referee) ; Barabas, Maroš (advisor)
The Bachelor thesis is focused on the issue of SQL injection vulnerabilities. The thesis presents commonly used procedures in the attacks against information systems and are also discussed possibilities of defense including the correct ways of input validation. The theoretical part contains the essential foundation of what should the penetration tester know, to be able to examine the inputs of application for SQL injection vulnerability. The thesis also describes analysis, design and implementation of specialized tool for Web application vulnerability detection. The implemented tool was tested and compared with other existing tools. Within the thesis has been also implemented a Web application, which demonstrates many different variants of SQL injection vulnerable inputs.
|
guest ::
