|
|
MCUXpresso Web application security
Mittaš, Tomáš ; Heriban, Pavel (referee) ; Roupec, Jan (advisor)
This thesis deals with testing of the security of web application MCUXpresso Web SDK Builder using ethical hacking techniques and tools. At the beginning, the history of ethical hacking and structure of web applications are briefly mentioned. The thesis then analyses the application itself from the user’s point of view, its parts before logging in and after logging in and the operation of this application. The following is a list of the most common vulnerabilities and weaknesses found in web applications to understand any vulnerabilities found. Furthemore, the thesis deals with the techniques and tools of web application security and compares them. The penultimate chapter deals with the use of Analysis and vulnerability scanning technique on the application MCUXpresso Web SDK Builder. Finally, an application security test plan is designed, while part of this plan is automated.
|
|
|
MCUXpresso Web application security
Mittaš, Tomáš ; Heriban, Pavel (referee) ; Roupec, Jan (advisor)
This thesis deals with testing of the security of web application MCUXpresso Web SDK Builder using ethical hacking techniques and tools. At the beginning, the history of ethical hacking and structure of web applications are briefly mentioned. The thesis then analyses the application itself from the user’s point of view, its parts before logging in and after logging in and the operation of this application. The following is a list of the most common vulnerabilities and weaknesses found in web applications to understand any vulnerabilities found. Furthemore, the thesis deals with the techniques and tools of web application security and compares them. The penultimate chapter deals with the use of Analysis and vulnerability scanning technique on the application MCUXpresso Web SDK Builder. Finally, an application security test plan is designed, while part of this plan is automated.
|
|
|
Tool creation for an automated penetration testing of web applications
Kiezler, Tomáš ; Hradil, Jiří (advisor) ; Pavlíček, Luboš (referee)
This thesis focuses on security of web applications, which can be measured by the results of penetration testing. In the theoretical section of this study individual methods of how the testing can be performed are outlined. This study then outlines the advantages and disadvantages of automated testing compared to manual testing, and the tools which incorporate automated scanning for security of web applications are scrutinized. Statistics of security risk occurrences found on the Czech Internet are also included. The practical part depicts the creation of a tool for automated testing, written in the most frequently used programming language in web development, that will be able to detect the most common weaknesses. The tool is developed to show ways of detecting certain risks and to inspect whether it is possible to automate the search. The primary aim of this study is to introduce the reader to the field of security of web applications, present to them the legality of penetration testing and introduce them to options of finding and fixing security risks and avoiding them in web development.
|
guest ::
