VAPT PRESENTATION full.pptx

6,768 views 36 slides Dec 11, 2022

About This Presentation

VAPT project for college students


Slide Content

Vulnerability Assessment & Penetration Testing
Made by: DARSHAN BHAVSAR (20082291001), SAGAR THAKOR (20082291023)

INDEX
- What Is Vulnerability Assessment
- What Is Penetration Testing
- Types Of Testing
- Steps Involved In VAPT Process
- Some Images
- Tools Used
- Top Common Vulnerabilities
- Demo Websites And VMs
- Some vulnerabilities and their solutions

What Is Vulnerability Assessment
Vulnerability assessment (VA) is a systematic technical approach to finding the security loopholes in a network or software system. It primarily adopts a scanning approach, which is done both manually and with certain tools. The outcome of a VA process is a report showing all vulnerabilities, categorised by severity. This report is then used for the next step, which is penetration testing (PT).

What Is Penetration Testing
A penetration test (PT) is a proof-of-concept approach to actually explore and exploit vulnerabilities. This process confirms whether the vulnerability really exists and further proves that exploiting it can result in damage to the application or network. The outcome of a PT is, typically, evidence in the form of a screenshot or log, which substantiates the finding and can be a useful aid towards remediation.

TYPES OF TESTING
There are mainly 3 types of testing:
- BLACK BOX TESTING: does not include any knowledge of the structure of the system, so this type of testing simulates the approach of an outside attacker.
- GRAY BOX TESTING: includes only a limited knowledge of the layout of the target.
- WHITE BOX TESTING: occurs when a penetration tester has complete knowledge of the layout of the target(s).

Steps Involved In VAPT Process
1. Enumerate a vulnerability.
2. Perform an attack manually.
3. Analyse the results of the attack.
4. Perform similar or different attacks based on previous findings.
5. Assimilate the results to create a customised attack.
6. Exploit the vulnerability further to see if more attacks are possible.
7. Repeat the above steps for all vulnerabilities.
8. Prepare the final report of testing.

TOOLS USED
- HOSTEDSCAN
- NMAP
- OWASP ZAP
- WPSCAN
- NIKTO

NMAP: Nmap is a network scanning tool that uses IP packets to identify all the devices connected to a network and to provide information on the services and operating systems they are running.
OWASP ZAP: Penetration testing helps in finding vulnerabilities before an attacker does. OWASP ZAP is a free, open-source tool used to perform penetration tests. The main goal of ZAP is to allow easy penetration testing to find the vulnerabilities in web applications.
NIKTO: Nikto is an open-source web server and web application scanner. Nikto can perform comprehensive tests against web servers for multiple security threats, including over 6700 potentially dangerous files/programs. Nikto can also check for outdated web server software and version-specific problems.

WPSCAN: The WPScan CLI tool is a black box WordPress security scanner, free for non-commercial use, written for security professionals and blog maintainers to test the security of their sites.
HOSTEDSCAN: Vulnerability scans, automated for any business. Scan networks, servers, and websites for security risks. Manage your risks via dashboards, reporting, automation.

Top Common Vulnerabilities
- SQL Injection
- Cross Site Scripting
- Broken Authentication and Session Management
- Insecure Direct Object References
- Security Misconfiguration
- Insecure Storage
- Failure to Restrict URL Access
- Unvalidated Redirects and Forwards

Demo Websites And VMs
- https://demo.testfire.net
- http://testphp.vulnweb.com
- OWASP Mutillidae II
- Attack-defense online lab

SOME VULNERABILITIES

1. Vulnerability name: XML-RPC SEEMS TO BE ENABLED.
SEVERITY: MEDIUM.
IMPACT: The vulnerability in XML-RPC allows an attacker to make a system call, which can be dangerous for the application and servers. An attacker can also use this method to craft a successful DoS and brute-force attack against the application.
SOLUTION: Rather than simply deleting the xmlrpc.php file, which is a WordPress core file that some 3rd-party apps and plugins still rely on to interact with WordPress (so deleting it risks disrupting their functionality), disable XML-RPC safely in one of three ways:
- Disable XML-RPC in WordPress using a plugin.
- Block XML-RPC using the .htaccess file.
- Disable XML-RPC in WordPress via a filter.

2. Vulnerability name: THEME VERSION IS OUTDATED.
SEVERITY: LOW.
IMPACT: Outdated theme versions are more prone to being affected by a security threat. Over time hackers find ways to exploit their core and ultimately attack the sites still using outdated versions.
SOLUTION: The WordPress team releases patches and newer versions with updated security mechanisms. Update themes and plugins.

3. Vulnerability name: BACKUP DIRECTORY FOUND.
SEVERITY: MEDIUM.
IMPACT: The File Manager WordPress plugin, version 6.4 and lower, failed to restrict external access to the fm_backups directory with a .htaccess file. As a result, unauthenticated users could browse and download any site backups the plugin had taken, which sometimes include full database backups.
SOLUTION: Update the File Manager WordPress plugin to version 6.5 or higher.

4. Vulnerability: USERID/USERNAME FOUND.
SEVERITY: HIGH.
IMPACT: An attacker will carry out a brute-force attack and get your password.
SOLUTION:
- Change the username/ID and password.
- Create a complex password.
- Require multi-factor authentication.
- Enable and configure remote access.
- An access management tool like OneLogin will mitigate the risk of a brute-force attack.

5. Vulnerability: GOT ACCESS TO DATABASE.
SEVERITY: CRITICAL.
IMPACT: The WordPress database is the brain of a WordPress website, as it stores all the information about and on the website, such as posts, pages, comments, tags, user data, categories, custom fields, and other site options. This makes it a juicy target for malicious actors. Spammers and hackers run automated code for SQL injection. Here is how you can secure the WordPress database.
SOLUTION:
- Change the administrator username and user ID.
- Change the database prefix.
- Restrict database user privileges.
- Create backups and delete custom tables.
Reference: https://www.getastra.com/blog/911/how-to-secure-wordpress-database/

6. Vulnerability: USERID/USERNAME FOUND.
SEVERITY: HIGH.
IMPACT: An attacker will carry out a brute-force attack and get your password.
SOLUTION:
- Change the username/ID and password.
- Create a complex password.
- Require multi-factor authentication.
- Enable and configure remote access.
- An access management tool like OneLogin will mitigate the risk of a brute-force attack.

7. Vulnerability: ROBOTS.TXT FOUND.
SEVERITY: LOW.
IMPACT: The robots.txt file is used to supply information to search engines and other indexing tools, and this file exists on your server. It can be viewed by anyone, and it might contain sensitive information about the server. For example, specifying which directories shouldn't be indexed tells the attacker where the sensitive files are.
SOLUTION: Make sure the file doesn't contain any sensitive information. If the file contains any such information, protect it, back it up and remove it.
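An added example (not part of the original slides): a small Python audit that parses a robots.txt body and lists the Allow/Disallow paths that hint at sensitive locations, so those paths can be protected by access control rather than merely hidden from crawlers. The keyword list and the sample file are constructed assumptions.

```python
import re

# Assumed keyword list: path fragments that usually deserve real access control.
SENSITIVE_HINTS = ("admin", "backup", "config", "private", "sql", ".git")

# Constructed sample robots.txt, not taken from any real site.
SAMPLE_ROBOTS = """\
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php
Disallow: /fm_backups/   # site backups
Disallow: /search
Sitemap: https://example.test/sitemap.xml
"""

def parse_rules(text):
    """Return (directive, path) pairs for Allow/Disallow lines, ignoring comments."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"(?i)^(allow|disallow)\s*:\s*(\S*)$", line)
        if m and m.group(2):  # an empty Disallow: advertises nothing
            rules.append((m.group(1).lower(), m.group(2)))
    return rules

def audit_robots(text, hints=SENSITIVE_HINTS):
    """Return the rules whose path contains one of the sensitive hints."""
    findings = []
    for directive, path in parse_rules(text):
        lowered = path.lower()
        matched = [h for h in hints if h in lowered]
        if matched:
            findings.append({"directive": directive, "path": path, "hints": matched})
    return findings

if __name__ == "__main__":
    for f in audit_robots(SAMPLE_ROBOTS):
        print(f"{f['directive']:8} {f['path']}  <- reveals: {', '.join(f['hints'])}")
```

Each path it reports should either be removed from robots.txt or be safe to disclose because the server itself denies unauthenticated access to it.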

8. Vulnerability: WORDPRESS VERSION IS OUTDATED.
SEVERITY: LOW.
IMPACT: Outdated WordPress versions are more prone to being affected by a security threat. Over time hackers find ways to exploit their core and ultimately attack the sites still using outdated versions.
SOLUTION: For the same reason, the WordPress team releases patches and newer versions with updated security mechanisms. Running older versions of PHP can cause incompatibility issues. As WordPress runs on PHP, it requires an updated version to operate properly.

9. Vulnerability: Cross Site Scripting (XSS) – Reflected
Severity: Medium
Summary: Reflected Cross-site Scripting (XSS) occurs when an attacker injects browser-executable code within a single HTTP response. When a web application is vulnerable to this type of attack, it will pass unvalidated input sent through requests back to the client. The value of the request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Impact:
- Cookie stealing: A malicious user can steal cookies and use them to gain access to the application.
- Arbitrary requests: An attacker can use XSS to send requests that appear to be from the victim to the web server.
- Malware download: XSS can prompt the user to download malware. Since the prompt looks like a legitimate request from the site, the user may be more likely to trust the request and actually install the malware.
Solution:
- Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.
- User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc.).
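An added example (not part of the original slides) of the two controls in the solution above, in Python: strict validation that rejects rather than sanitizes, and HTML-encoding at the point where a value is copied into a double-quoted attribute. The field names, regular expressions, length limits and probe string are assumptions made for illustration.

```python
import html
import re

# Validators follow the slide's examples; exact patterns and limits are assumptions.
VALIDATORS = {
    "name": re.compile(r"[A-Za-z][A-Za-z .'\-]{0,63}"),
    "birth_year": re.compile(r"[0-9]{4}"),  # [0-9], not \d, to refuse non-ASCII digits
    "email": re.compile(r"[A-Za-z0-9._%+\-]+@[A-Za-z0-9\-]+(\.[A-Za-z0-9\-]+)+"),
}

class RejectedInput(ValueError):
    """Raised when input fails validation; the value is rejected, never 'cleaned'."""

def validate(field, value):
    """Return value unchanged if it fully matches the field's pattern, else reject."""
    if len(value) > 254 or not VALIDATORS[field].fullmatch(value):
        raise RejectedInput(f"invalid {field}")
    return value

def encode_for_html(value):
    """Encode & < > " ' with html.escape, plus '=' as the solution text asks."""
    return html.escape(value, quote=True).replace("=", "&#61;")

def render_unsafe(q):
    # The flaw described in the finding: input copied unmodified into a quoted attribute.
    return '<input type="text" name="q" value="' + q + '">'

def render_safe(q):
    # Output encoding applied exactly where the value enters the response.
    return '<input type="text" name="q" value="' + encode_for_html(q) + '">'

# Constructed, harmless probe: closes the attribute and tag, then adds markup.
PROBE = '"><i>probe</i>'

if __name__ == "__main__":
    print(render_unsafe(PROBE))  # the <i> element becomes live markup
    print(render_safe(PROBE))    # the probe stays inside the attribute value
    try:
        validate("name", PROBE)
    except RejectedInput as exc:
        print("rejected:", exc)
```

Validation and encoding are complementary: a free-text field such as a search box cannot be restricted to a narrow pattern, so the encoding step is what keeps the echoed value inert.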

Vulnerabilities found with HostedScan. Website: https://dpsrkp.net/

Vulnerabilities found with ZAP. Website: https://dpsrkp.net/

THANK YOU