Security of web applications. By Evgeny Prokoptsov
Why does it matter? Websites gather and store private information. Websites are hosted on a server.
Who is affected by the problem?
Importance to users/customers.
Overview of Website Attack Techniques and The Defence Against Them.
Types of Attack: Cross-Site Scripting (XSS), SQL Injection, Buffer Overflow.
Prevention Techniques: Data filtering techniques. Predefine user input parameters. Check parameter types. Predefine maximum size of data.
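The three data filtering techniques listed above, combined in one request validator. This is an added example, not part of the original presentation; the parameter names, size limits and the SCHEMA layout are assumptions chosen for illustration.

```python
import re

USERNAME_RE = re.compile(r"[A-Za-z0-9_]+")

def parse_username(value):
    if not USERNAME_RE.fullmatch(value):
        raise ValueError("username must be letters, digits or underscore")
    return value

def parse_page(value):
    # str.isdigit() also accepts non-ASCII digits, so require ASCII first.
    if not (value.isascii() and value.isdigit()):
        raise ValueError("page must be a non-negative integer")
    return int(value)

def parse_comment(value):
    # Free text: reject control characters only. The value must still be
    # output-encoded when rendered and bound as a query parameter when stored.
    if any(ord(c) < 0x20 and c not in "\n\t" for c in value):
        raise ValueError("comment contains control characters")
    return value

# Predefined input parameters (hypothetical): name -> (maximum size, type check).
SCHEMA = {
    "username": (32, parse_username),
    "page": (4, parse_page),
    "comment": (500, parse_comment),
}

def validate_params(raw):
    """Return typed values for a request, or raise ValueError on a violation."""
    clean = {}
    for name, value in raw.items():
        if name not in SCHEMA:                 # parameter was not predefined
            raise ValueError(f"unexpected parameter: {name!r}")
        max_len, parser = SCHEMA[name]
        if not isinstance(value, str):         # e.g. a repeated parameter parsed as a list
            raise ValueError(f"{name}: expected a single string value")
        if len(value) > max_len:               # size check before any parsing
            raise ValueError(f"{name}: longer than {max_len} characters")
        clean[name] = parser(value)            # type check and conversion
    return clean
```
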
Prevention Tools: SQL injection Tools, Buffer Overflow Tools, Cross-Site Scripting Tools. SQL ninja, SQLmap, MUSIC, SUSHI, Haskell-xss-sanitize, JSoup Sanitizer, SPIKE, OWASP WebScarab. Buffer Overflow Tools: CCured, Lint, ProPolice.
Conclusion. Establish/Implement proper Coding Techniques. Use available testing tools before Web application deployment. Constantly read/monitor new hacking techniques and their prevention.