WEB SECURITY EXPLOITATIONS AND APPLICATIONS

Executive Summary

Web security exploitations are a major challenge for Internet users. To use the Internet safely, an individual must be equipped with adequate security mechanisms. These help keep hackers and attackers from accessing private data or manipulating personal information. Applications like Wireshark are essential when using the Internet. The rest of this document examines and explores this topic.

Introduction

In today’s world there is a rapid increase in information exchange and sharing through social networking. Many businesses are also shifting from manual operations to online transactions and e-commerce. Many websites are attacked by hackers frequently, and the users who access those sites have not been spared either. The majority of the attacks result from poor programming syntax or flawed coding. Attackers mostly use cross-site scripting (XSS) and SQL injection. To counteract this problem, web application security has received the utmost attention. Web security is a component of information security that specifically addresses the security of web services, online applications, portals, and websites. It operates by applying the principles of application security to Internet systems. This paper elaborates on the security exploits performed on web applications, the security exploits carried out on websites, possible preventive measures, and examples of vulnerable applications.

Security exploits carried out on web applications

Several security exploits are conducted on web applications. They mostly occur due to poor programming and inefficient software development procedures. The common exploitations carried out on web applications include remote code execution, format string vulnerabilities, cross-site scripting, SQL injection, and username enumeration.

(A). Remote Code Execution

Remote code execution is the ability of an attacker to access an individual’s computing device, such as a computer, and make modifications regardless of the geographical location of the device. In remote code execution, the attacker runs malicious code that controls the affected system. After accessing the system, the attacker alters user privileges and elevates their own. The efficient way to avoid this exploitation is to fix the holes that can allow the attacker to gain access (Moore, T., and Clayton, R., 2009). Microsoft regularly releases security-oriented patches to address this issue. The patches are periodic updates that are used to address any security alert raised by end users or web developers.