PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application... more
PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application without practising secure guidelines, improper validation of user inputs leads to various source code vulnerabilities. Logical flaws while designing, implementing and hosting the web application causes work flow deviation attacks. In this paper, we are analyzing the complete behaviour of a web application through static and dynamic analysis methodologies.
While the 21st century has seen the explosion of the Internet bubble and the arrival of Web 2.0, the standards have changed very little to support the growing number of new programs. Nevertheless developers have managed to continue... more
While the 21st century has seen the explosion of the Internet bubble and the arrival of Web 2.0, the standards have changed very little to support the growing number of new programs. Nevertheless developers have managed to continue delivering interactivity with the users and have continued to provide interesting Web-based applications for online services. Most web applications include JavaScript language that executes on the end-user's browser, unlike other languages such as Java, ASP and PHP that run on the server-side. Running a web application on a client’s browser allows it to acquire and obtain different HTTP parameters that may put it within a sizable diversity of web security vulnerabilities, such as SQL injection and Cross-site scripting (XSS). XSS vulnerabilities are undoubtedly the most common vulnerabilities found in Web applications. Although cross-site scripting has been assessed as mild-severity vulnerability from time to time, the development of XSS attacks has revived its portrait. This paper will discuss XSS vulnerabilities; most importantly, it will study three common known forms of XSS and approaches to preventing XSS attacks. Keywords: cross-site scripting, XSS, persistent, content security policy, DOM
Masyarakat jenis ini menjalankan hidup secara otonom dan terlibat dalam interaksi saling mengenal satu sama lain. Mereka menerima keragaman dan pada waktu yang sama berusaha mempertahankan budaya mereka. Contoh: suku yang menerima... more
Masyarakat jenis ini menjalankan hidup secara otonom dan terlibat dalam interaksi saling mengenal satu sama lain. Mereka menerima keragaman dan pada waktu yang sama berusaha mempertahankan budaya mereka. Contoh: suku yang menerima kebudayaan luar tetap juga mempertahankan budayanya sendiri. 2.Multikulturalisme Akomodatif Masyarakat ini memiliki kultur dominan yang membuat penyesuaian penyesuaian dan akomodasi tertentu bagi kebutuhan kultural kaum minoritas. Mereka memberikan kebebasan untuk kaum minoritas untuk mengembangkan budaya mereka. Contoh: ragam agama di suatu negara 3.Multikulturalisme Otonomi Mereka berusaha mewujudkan equality dengan budaya dominan dan menginginkan kehidupan otonom dalam kerangka politik yang secara kolektif dan dapat diterima. Contoh: gerakan kaum perempuan menuntut kedudukan 30% pada UU politik, agar sejajar dengan kaum laki-laki. 4.Multikulturalisme Interaktif Masyarakat plural dimana kelompok kelompok kultural tidak terlalu terfokus dengan kehidupan kultural otonom, tetapi membentuk penciptaan kolektif yang mencerminkan dan menegaskan perspektif digstif mereka. Contoh: Orang kulit hitam di Amerika yang diperlakukan sebagai budak dan memperjuangkan agar terdapatnya perlakuan yang sama antara kulit hitam dan kulit putih. 5.Multikulturalisme Kosmopolitas Mereka berusaha menghapus batas-batas kultural sama sekali untuk menciptakan sebuah masyarakat dimana detiap individu tidak lagi terikat terhadap suatu budaya tertentu. Contoh: kelompok liberal yang menganggap semua budaya dapat dipilih dan diambil secara bebas. a. Multikulturalisme Isolasi Masyarakat jenis ini biasanya menjalankan hidup secara otonom dan terlibat dalam interaksi yang saling mengenal satu sama lain. Kelompok-kelompok tersebut pada dasarnya menerima keragaman, namun pada saat yang sama berusaha mempertahankan budaya
Popularity of the web increases nowadays and it is used every day and it needs a high security. Web vulnerability scanner (WVS) is a tools that can make observation of a web that can help developers or pentester web to find... more
Popularity of the web increases nowadays and it is used every day and it needs a high security. Web vulnerability scanner (WVS) is a tools that can make observation of a web that can help developers or pentester web to find vulnerabilities in web and fix the holes before the developer online the website. Application web testing is very important thing to identify successes, completeness, safety and quality of the application. In this paper, will be explained about testing in a few websites using different scanners in five websites and the result will be analyzed toward the relevance result on each scanner. Scanning results are useful to complete in testing.
In this paper we proposed a framework model instrument to assess web application security components. The philosophy depends on the possibility that infusing practical vulnerabilities in a web application and assaulting them naturally can... more
In this paper we proposed a framework model instrument to assess web application security components. The philosophy depends on the possibility that infusing practical vulnerabilities in a web application and assaulting them naturally can be utilized to bolster the evaluation of existing security systems and apparatuses in custom setup situations. To give consistent with life comes about, the proposed powerlessness and assault infusion technique depends on the investigation of an expansive number of vulnerabilities in genuine web applications. To expel the vulnerabilities by executing a solid Vulnerability and Attack Injector Tool (VAIT) for securing web applications. To prevent various attacks like follows: 1. SQL Injection (SQLi) 2. Cross Site Scripting (XSS) 3. Brute Force Attack 4. Shoulder surfing Attack 5. Social Attack. 6. Dictionary Attack
Keywords: SQL Injection, XSS Attack, Web security etc.
Cross Site Scripting(XSS) is the most popular security problem in modern web application. In Cross Site Scripting, attacker uses a trusted site and injects a vulnerability script in the client or server side browser. This code when... more
Cross Site Scripting(XSS) is the most popular security problem in modern web application. In Cross Site Scripting, attacker uses a trusted site and injects a vulnerability script in the client or server side browser. This code when executes sends a secure information to attacker. This type of attack can be blocked by using server side filters and client side filters. In this workwe have developeda two pass client side filter. This filter solves the well known problem of FalsePositive in various client side filters. We have proposed an architecture and algorithm that solves false positive problem.
In 2014 over 70% of people in Great Britain accessed the Internet every day. This resource is an optimal vector for malicious attackers to penetrate home computers and as such compromised pages have been increasing in both number and... more
In 2014 over 70% of people in Great Britain accessed the Internet every day. This resource is an optimal vector for malicious attackers to penetrate home computers and as such compromised pages have been increasing in both number and complexity. This paper presents X-Secure, a novel browser plug-in designed to present and raise the awareness of inexperienced users by analysing web-pages before malicious scripts are executed by the host computer. X-Secure was able to detect over 90% of the tested attacks and provides a danger level based on cumulative analysis of the source code, the URL, and the remote server, by using a set of heuristics, hence increasing the situational awareness of users browsing the internet.
PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application... more
PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application without practising secure guidelines, improper validation of user inputs leads to various source code vulnerabilities. Logical flaws while designing, implementing and hosting the web application causes work flow deviation attacks. In this paper, we are analyzing the complete behaviour of a web application through static and dynamic analysis methodologies.
Image watermarking has come to wide use in the recent past. It is by the authentication problems and limitation means that the setting accuracy of the image watermarking operation is minimized. Different types of integration schemes have... more
Image watermarking has come to wide use in the recent past. It is by the authentication problems and limitation means that the setting accuracy of the image watermarking operation is minimized. Different types of integration schemes have been proposed in the past to improve efficiency and makes the embedding resistant against various attacks .Although transformation, spatial domain approaches have been developed PSNR improvements in image artifacts due to the fringes are still to be observed. To improvise the embedding, image artifacts in this paper a forward-based image embedding scheme is proposed.