IS3445 Security Strategies for Web Applications and Social Networking
Lab 7 Assessment
1. How does Skipfish categorize findings in the scan report?
As high risk flaws, medium risk flaws, and low risk issues
2. Which tool used in the lab is considered a static analysis tool? Explain what is referred to by static code analysis.
RATS. Static code analysis refers to running tools that attempt to highlight possible vulnerabilities within ‘static’ (non-running) source code.
3. What possible high risk vulnerabilities did the RATS tool find in the DVWA application source code?
Allow system commands to execute.
4. Did the static analysis tool find all the potential security flaws in the application?
Yes, although tools like these will automatically find security flaws with a high degree of confidence that what they found was a flaw.
5. What is black box testing on a web site or web application?
They’re designed to treat the application as an “unknown entity”; therefore, no knowledge of the tiers is provided.
6. Explain the Skipfish command in detail: ./skipfish -o /var/scans/is308lab.org -A admin:password -d3 -b I -X logout.jsp -r200000 http://www.is308lab.org
This is a standard, authenticated scan of a well-designed and self-contained site.
7. During the manual code review, what is noticed about high.php to make it less likely to victimize users with XSS reflection, and why is it considered more secure?
Because when PHP is a high-level language it’s more secure, and oftentimes it’ll most likely have bugs and errors that are low-level languages.
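The contrast the question is getting at, as an added illustration that is not part of the assessment or the DVWA source: unescaped reflection of a request parameter beside the output-escaping pattern assumed here for high.php (the assessment does not quote the file, so the use of htmlspecialchars is an assumption).

```php
<?php
// Added illustration, not DVWA code. Contrasts reflecting user input straight
// into the page with encoding it first (assumed here to be what high.php does).

// Vulnerable pattern: the request value is concatenated into the HTML as-is,
// so any markup the user supplies is parsed by the browser as markup.
function reflect_unescaped(string $name): string
{
    return "<pre>Hello " . $name . "</pre>";
}

// Hardened pattern: encode HTML metacharacters before output so the browser
// renders the value as text. ENT_QUOTES also encodes both quote styles, which
// matters if the value is ever placed inside an attribute.
function reflect_escaped(string $name): string
{
    return "<pre>Hello " . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . "</pre>";
}

// Constructed sample input of the kind a reflected-XSS check submits.
$sample = '<script>alert(1)</script>';

// In the first output the <script> element survives intact; in the second the
// angle brackets arrive as &lt; and &gt;, so nothing executes.
echo reflect_unescaped($sample), PHP_EOL;
echo reflect_escaped($sample), PHP_EOL;
```

Run with `php` on the command line to see both renderings side by side; a manual code review looks for exactly this difference between the level files.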
8. Would Firefox be considered a web application assessment tool?
Firefox is a popular web application penetration testing tool with many plugins. It’s designed for web application security assessment or penetration testing.
9. Compare and contrast a pen testing tool such as OWASP WebScarab with an automatic analysis tool like Skipfish.
WebScarab is a framework for analyzing applications that communicate using the