Security

 

Web application security

DDSEC.web is the next-generation web application vulnerability scanner, providing automated vulnerability assessment with unprecedented accuracy and comprehensiveness.

Web Application Issues checked:

  • Scripting issues
  • Input sources: forms, text boxes, dialog windows, etc.
  • Multiple Charset Encodings (UTF-8, ISO-8859-15, UTF-7, etc.)
  • Regular expression checks
  • Header integrity (Multiple HTTP Content Length, HTTP Response Splitting)
  • Session handling/fixation
  • Cookies
  • Framework vulnerabilities (Java Server Pages, .NET, Ruby On Rails, etc.)

Technical vulnerabilities:

  • Unvalidated input:
    • Tainted parameters - Parameters in URLs, HTTP headers, and forms are often used to control and validate access to sensitive information
    • Tainted data
  • Cross-Site Scripting flaws:
    • XSS takes advantage of a vulnerable web site to attack clients who visit that web site. The most frequent goal is to steal the credentials of users who visit the site
  • Content Injection flaws:
    • Data injection
    • SQL injection - allows commands to be executed directly against the database, leading to disclosure and modification of data in the database
    • XPath injection - allows an attacker to manipulate the data in the XML database
    • Command injection - operating-system and platform-specific commands may often be used to give attackers access to data and escalate privileges on backend servers
    • Process injection
  • Cross-site Request Forgeries:
    • Rather than exploiting the user's trust in a site, the attacker (and his malicious page) exploits the site's trust in the client software

Security Vulnerabilities:

  • Denial of Service
  • Broken access control
  • Path manipulation
  • Broken session management
  • Weak cryptographic functions, unsalted hashes

Architectural/Logical Vulnerabilities:

  • Information leakage
  • Insufficient authentication
  • Password change form disclosing detailed information
  • Session-idle deconstruction not consistent with policies

Other vulnerabilities:

  • Debug mode
  • Thread Safety
  • Hidden Form Field Manipulation
  • Weak Session Cookies: Cookies are often used to transmit sensitive credentials, and are often easily modified to escalate access or assume another user's identity.
  • Fail Open Authentication
  • Dangers of HTML Comments