3 Widely Used Types of Attacks on Web Software

Views:
 
     
 

Presentation Description

Nowadays software products, in particularly web-based ones, are widely utilized in almost all the business segments and leisure.

Comments

Presentation Transcript

3 Widely Used Types of Attacks on Web Software:

3 Widely Used Types of Attacks on Web Software Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/

3 Widely Used Types of Attacks on Web Software:

3 Widely Used Types of Attacks on Web Software Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ Nowadays software products, in particularly web-based ones, are widely utilized in almost all the business segments and leisure.

3 Widely Used Types of Attacks on Web Software:

3 Widely Used Types of Attacks on Web Software Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ Web apps allow to buy goods, manage various processes, perform money transactions, etc. They attract attention of hackers because they process confidential data. That is why any  web site testing , desktop testing and  mobile testing  should allocate substantial time on thorough  security testing  and discovering the system vulnerabilities.

Experts in Web Software Security Mention Such Widely Applied Types of Cyber-Attacks::

Experts in Web Software Security Mention Such Widely Applied Types of Cyber-Attacks: 1 2 3 Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ SQL injection Cross-site scripting or XSS Manipulations with URL

SQL Injection:

SQL I njection Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ Computer burglars inject SQL commands into an SQL queries through the web software user interface. The server executes the query and allows the malicious user to steal or alter data in the web application database.

Cross-site scripting or XSS:

Cross-site scripting or XSS Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ This popular type of web software vulnerabilities allows hackers to insert malicious code into the UI of web software so that the inserted elements can be seen by other users. The code runs, when a user opens the page, and interacts with the web server providing th e hacker access to the application data.

Manipulations with URL:

Manipulations with URL Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ Web software often transfers data from the browser running on the client computer to the server and vice versa by means of URL. Change in the URL may give access to the system data if this type of vulnerability is not revealed during manual or  automated testing .

Thank You for Your Attention :

Office in Ukraine Phone: +380 (472) 5-61-6-51 E-mail: [email protected] Address: 154a, Borschagivska str., Kiev, Ukraine http://qatestlab.com/ Thank You for Your Attention

authorStream Live Help