Website Vulnerability Assessment: Insights from a Boston Institute Project Presentation

Website Analysis By Mannya Muralidhar Acharya (Currently pursuing Master Of Cybersecurity from The University of Adelaide, Australia)

Website Analysis Selected Project: Run a Scan through a website and create a detailed report on the findings that will include: Interface of website, Category of Website, what technology the website uses, security used in website Selected Project: Run a Scan through a website and create a detailed report on the findings that will include: Interface of website, Category of Website, what technology the website uses, security used in website

Website Analysis What is website analysis? - The process of reviewing and rating a website for its performance in important criteria that include: Search engine optimization (SEO) Speed Traffic flow User experience - It also includes a scan of competitive websites. - Each of these elements is important for website's success because they shape the way our business is perceived and our website's Internet performance. Website analyses can be helpful to websites on a continuous basis through insights that can be used to optimize and improve pages currently live, ensure a positive user experience and increase the potential that users will be returning customers. The importance and benefits of website analysis:- Website analysis gives us insight into how website performance and user experience. A regular website analysis can: 1. Identify areas of our website that need improvements, updates or changes. 2. Help us to optimize our website to attract new visitors and keep our customers coming back. 3. Ensure to provide the best experience for our customers and prospects and offering the most value to them.

Website Analysis You can't just “set it and forget it” - As with most things related to technology, change happens fast. To stay relevant and engaging for visitors and potential customers, website needs to be continuously moving. Regular website analysis is crucial to ensuring online presence is meeting key metrics while driving the development of relevant website content so visitors find value, come back again and ideally share their experience with others. Key Reasons Why Web Analysis is Important :- Improved user experience: By identifying issues that affect user navigation, functionality, or content clarity, website analysis can help optimize the site for a better user experience. Enhanced SEO performance: By analyzing data on website traffic, keyword rankings, and backlinks, website owners can identify areas for improvement in search engine optimization (SEO) and increase their online visibility. Data-driven decision making: Website analysis provides valuable data and insights that can be used to inform website design, content creation, and marketing strategies. Competitive benchmarking: By analyzing competitor websites, businesses can identify best practices, understand their online landscape, and develop strategies to differentiate themselves. Improved security posture: Security analysis of websites can reveal potential vulnerabilities, allowing owners to take proactive steps to protect their website from cyber threats.

Website Analysis Website analysis can be categorized into several types depending on the specific goals: Technical analysis: This focuses on the website's technical aspects, such as the CMS used, performance metrics, and coding standards. User experience (UX) analysis: This evaluates how easy and enjoyable it is for users to navigate and use the website. Content analysis: This examines the website's content, including its quality, relevance, and alignment with user needs. SEO analysis: This focuses on how well the website is optimized for search engines and potential improvements in its ranking. Security analysis: This assesses the website's security measures and identifies potential vulnerabilities.

Abstract: This study explores www.technotaught.com, an educational website that provides resources and lessons on a range of technology-related subjects. It looks at how the website aims to support tech-related learning, inspiration, problem-solving, and community building. The report lists the technologies that were used, such as the web server, database, programming language, Content Management System (CMS), and plugins. Using Nmap, Nessus, and Tcpdump , among other tools, practical demos show how to perform website scanning, vulnerability assessment, and traffic analysis. To strengthen security and performance, recommendations include automatic vulnerability scanners, web application scanners, web application firewalls (WAFs), security header analysis, human security testing, CMS scanners, and continuous monitoring solutions. The purpose of this analysis is to improve knowledge of website analysis methods, which will help with web-based platform protection and optimization.

Objective: The objective of the research is to analyze the website www.technotaught.com, focusing on its purpose, target audience, categories, and the technologies used. Additionally, the research aims to provide insights into the website's use cases, such as learning, inspiration, problem-solving, community building, and professional development. Furthermore, the research includes a detailed examination of the technologies utilized by the website, ranging from the Content Management System (CMS) to programming languages, plugins, and hosting services. The practical demonstration section outlines various methods and tools for website scanning, along with recommendations for improving website security and mitigating vulnerabilities. Overall, the research aims to provide a comprehensive understanding of www.technotaught.com and offer actionable insights for enhancing its functionality, user experience, and security posture.

I have divided my website analysis into 3 parts: Research: In-depth exploration of the website's purpose, audience, and categories. Analysis of its functionalities in learning, inspiration, problem-solving, community building, and professional development. Data Collection: Comprehensive overview of the technologies employed on the website. Examination of the Content Management System (CMS), programming languages, plugins, and hosting services utilized. Practical Demonstration: Utilization of various tools for information gathering, vulnerability scanning, web application scanning, content discovery, and website traffic analysis. Recommendations for improving website security and performance based on practical findings.

Research Website Used: The website analyzed is www.technotaught.com .

Use of this website: Learning: The website appears to provide advice on a range of topics, therefore it might be used as a resource for people looking to learn about business, technology, web development, graphic design, and marketing. Inspiration : By presenting a range of ideas and initiatives, the website may encourage visitors to take up new technical or artistic ventures. Problem-solving: Users may find solutions in articles and tutorials to particular problems they have in their personal or professional lives. Community building: The website has a forum or comment section, which may help to spark conversations and assemble a group of like-minded people. Professional development: The website offer resources or insights relevant to various professions, particularly those related to technology and design.

Purpose: 1. Education and Learning: Technotaught.com offers a wide range of tutorials, articles, and resources on various technology, business, and internet-related topics. These resources cater to individuals of all skill levels, from beginners seeking basic introductions to more advanced users looking to deepen their knowledge. The website aims to be a comprehensive learning platform where users can acquire new skills, stay updated on the latest trends, and solve problems they encounter in their personal or professional lives. 2. Inspiration and Creativity: Technotaught.com showcases various projects, ideas, and use cases across different domains. This can inspire users to explore new possibilities, experiment with different tools and techniques, and unleash their own creativity. The website can serve as a springboard for individuals looking to start new projects, learn new skills, or simply get motivated by seeing what others have achieved.

3. Community Building and Networking: While I cannot directly access the website's features, some sources suggest that Technotaught.com may have a comment section or forum where users can interact and engage with each other. This can foster a sense of community among users with similar interests, allowing them to share knowledge, ask questions, and learn from each other's experiences. It can also create opportunities for collaboration and networking, potentially leading to new projects, partnerships, or career opportunities. 4. Professional Development: The website's content can be valuable for professionals looking to stay updated on the latest trends and technologies in their fields. Articles and tutorials on web development, graphic design, marketing, and other relevant topics can help individuals enhance their skills, improve their professional profiles, and stay competitive in the job market.

Category: I. Primary Category: Educational Website: Focus: Providing tutorials, articles, and resources on diverse technology, business, and internet-related topics. Examples: Learning web development skills, understanding SEO best practices, mastering Photoshop tools, starting a small business online. Target Audience: Individuals of all skill levels seeking to learn, improve existing skills, or acquire new ones. II. Secondary Categories: 1. Technology Blog: Focus: Regularly publishing articles on new technologies, trends, and tools in the tech world. Examples: Latest software releases, emerging cloud computing solutions, advancements in artificial intelligence, cybersecurity updates. Target Audience: Tech enthusiasts, professionals looking to stay updated, individuals curious about the ever-evolving tech landscape.

2. DIY Resource: Focus: Offering step-by-step guides and instructions for completing various projects. Examples: Building a website, creating graphic designs, setting up a home network, fixing common computer problems. Target Audience: Individuals who enjoy hands-on projects, want to learn by doing, and appreciate practical problem-solving approaches. 3. Professional Development Tool: Focus: Sharing content relevant to various professions, helping individuals enhance their skillsets and stay competitive. Examples: Web development tutorials for developers, marketing tips for entrepreneurs, graphic design techniques for creative professionals. Target Audience: Professionals aiming to upskill, expand their knowledge base, and stay relevant in their respective fields.

Data Collection Technologies used by this website: 1. Content Management System (CMS): WordPress A Content Management System (CMS) is a software application that helps users create, manage, and publish content on a website or web application. It provides a user-friendly interface, eliminating the need for extensive coding knowledge, and streamlines the content lifecycle. Think of it as a central hub where you can easily edit text, upload images, add videos, and organize various elements of your website without directly working with complex code. WordPress as a Content Management System (CMS) Technology WordPress is a free and open-source CMS, making it one of the most popular choices for building and managing websites worldwide. Its user-friendly interface and vast ecosystem of plugins and themes empower users with varying technical skills to create diverse websites, from simple blogs to complex e-commerce platforms.

2. Blogs : WordPress WordPress remains a popular choice for bloggers due to its ease of use, flexibility, customization options, and extensive ecosystem of themes and plugins. Whether you're a hobbyist blogger, professional writer, or business owner, WordPress provides a powerful platform for creating and managing your blog effectively. 3. Programming languages: PHP(8.0.29) PHP 8.0.29 serves as a dependable foundation for WordPress websites, enabling them to deliver dynamic, interactive, and secure user experiences. By leveraging the stability and security of PHP 8.0.29, WordPress developers can build robust websites that meet the demands of modern web standards while prioritizing performance, reliability, and user security. 4. Database: MySQL WordPress, being built on PHP, typically uses MySQL as its default database backend. MySQL is a widely-used open-source relational database management system known for its reliability, performance, and ease of use. It's highly compatible with PHP and provides robust support for storing and retrieving data, making it an ideal choice for dynamic content management systems like WordPress.

5. WordPress plugins: Yoast SEO Yoast SEO is a comprehensive and user-friendly WordPress plugin that empowers website owners to improve their search engine rankings, increase organic traffic, and enhance the overall visibility and performance of their WordPress sites. Its intuitive interface, powerful features, and continuous updates make it an essential tool for anyone serious about SEO optimization on WordPress. 6. Web servers: LiteSpeed LiteSpeed web server is a powerful and feature-rich solution for hosting WordPress websites. Its combination of speed, scalability, compatibility, and security makes it an attractive choice for WordPress users seeking to optimize their website performance and deliver an exceptional user experience to their visitors. 7. SEO: Yoast SEO Yoast SEO is a powerful tool for optimizing WordPress websites for search engines. It offers a wide range of features and tools to improve on-page SEO, analyze content, and enhance overall website performance in search engine results. Its user-friendly interface, comprehensive features, and regular updates make it a valuable asset for website owners looking to improve their search engine rankings and attract more organic traffic.

8. Caching: LiteSpeed Cache LiteSpeed Cache is a feature-rich caching plugin that offers comprehensive caching and optimization solutions for WordPress websites hosted on LiteSpeed web servers. By leveraging its caching features, optimization tools, and integration capabilities, website owners can significantly improve website performance, enhance user experience, and achieve faster page load times. 9. Performance: Priority Hints Priority Hints is a web performance optimization technique that allows developers to provide hints to the browser about the importance or priority of certain resources. Therefore, to implement Priority Hints in a WordPress website, custom development or the use of plugins would be required. Priority Hints can be a valuable optimization technique for improving website performance, its implementation in WordPress may require custom development or the use of specialized plugins. 10. Advertising: Google AdSense Google AdSense offers website owners and publishers an effective way to monetize their online content through targeted advertising. It's one of the most popular and widely-used advertising networks worldwide, offering a simple and effective way for website owners to monetize their online content. By displaying relevant ads to their audience and optimizing ad placements, publishers can generate revenue and support their online activities while providing value to their visitors.

11. Miscellaneous: RSS (Really Simple Syndication): WordPress automatically generates RSS feeds for various types of content, including blog posts, comments, categories, tags, and custom post types. These RSS feeds allow users to subscribe to updates from WordPress websites using feed readers or aggregators. Users can stay informed about new content without visiting the website directly, making RSS feeds a convenient way to consume information. Open Graph: Open Graph meta tags are crucial for optimizing how WordPress content appears when shared on social media platforms like Facebook, Twitter, LinkedIn, and others. WordPress supports the integration of Open Graph meta tags through plugins or themes. By adding Open Graph tags to WordPress pages and posts, website owners can control the title, description, image, and other metadata that appears when their content is shared on social media. This ensures that shared content looks visually appealing and informative, potentially increasing engagement and traffic from social media referrals.

12. Live chat: WhatsApp Business Chat Integrating WhatsApp Business Chat into a website allows businesses to provide real-time support and communication with their customers directly through the popular messaging platform. By integrating WhatsApp Business Chat into their website, businesses can provide personalized, efficient, and convenient communication channels for their customers, ultimately enhancing the overall customer experience and driving business growth.

Practical Demonstration Information Gathering: I have use three tools for information gathering are as follows: Nmap : Scanning for open ports and services on the website's server. Whois : Gathering information about the website's domain ownership and registration. DNSdumpster : Extracting subdomains, related domains, and historical records.

i . Nmap : Scanning for open ports and services on the website's server. Step 1: Open Nmap in Windows. Step 2: In Target typing my website IP Address and Choose profile Intense Scan.

As you can see there are 4 open ports which are 21, 80, 443 and 3306. Each open port serves a specific purpose and is essential for enabling various services and functionalities on the server. Here's why each of the mentioned ports is important to keep open: Port 21 (TCP): Port 21 is used for FTP (File Transfer Protocol) connections, which facilitate the transfer of files between a client and a server. Keeping port 21 open is essential for enabling FTP access to the server, allowing users to upload, download, and manage files stored on the server. FTP is commonly used for website maintenance, software distribution, and file sharing purposes. Port 80 (TCP): Port 80 is used for HTTP (Hypertext Transfer Protocol) connections, which facilitate the transfer of unencrypted data between web servers and clients. Keeping port 80 open is essential for serving web content, such as websites, web applications, and APIs, to users accessing the server via standard HTTP connections. Port 80 is commonly used for hosting websites and delivering web-based services to users.

Port 443 (TCP): Port 443 is used for HTTPS (Hypertext Transfer Protocol Secure) connections, which encrypt data transmitted between web servers and clients using SSL/TLS encryption. Keeping port 443 open is crucial for securing web traffic, protecting sensitive information, and ensuring the confidentiality and integrity of data exchanged over HTTPS connections, such as login credentials, personal information, and financial transactions. Port 3306 (TCP): Port 3306 is used for MySQL database connections, enabling clients to establish connections with the MySQL database server for data storage, retrieval, and manipulation. Keeping port 3306 open is necessary for applications and services that rely on MySQL databases, such as content management systems (e.g., WordPress), e-commerce platforms, and web applications. It allows seamless communication between the application and the MySQL database backend.

ii. Whois : Gathering information about the website's domain ownership and registration. Step 1: Visit website whois.com Step 2: Type your domain name in the box

iii. DNSdumpster : Extracting subdomains, related domains, and historical records. Step 1: Visit website https://dnsdumpster.com Step 2: Type your domain name in the box

2. Vulnerability Scanning: We have to use two tools for vulnerability scanning are as follows: Nessus: A powerful commercial scanner offering extensive vulnerability detection. The vulnerability we found is SSL Medium Strength Cipher Suites Supported (SWEET32). Description: The remote host is configured to allow SSL ciphers that provide encryption of medium strength, as classified by Nessus. Medium strength encryption, according to Nessus, encompasses encryption methods with key lengths ranging from at least 64 bits to less than 112 bits. Additionally, it includes the use of the 3DES encryption suite. Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network. Solution: Reconfigure the affected application if possible to avoid use of medium strength ciphers. Reconfiguring an application to avoid medium-strength ciphers is a crucial security step, but it requires specific knowledge and access to the application's configuration settings. Here's a breakdown of the process:

Reconfiguration Steps (General Approach): Identify the affected application: Determine which application or service is using medium-strength ciphers. This information might be provided in the security vulnerability report or through system logs. Access configuration settings: Depending on the application, you might need to access administrative or developer settings panels to modify encryption settings. Locate cipher options: Look for options related to ciphers, encryption protocols, or security settings within the configuration menu. Disable medium-strength ciphers: Identify and disable the options that enable medium-strength ciphers (e.g., DES, 3DES, RC4). Enable strong ciphers: Choose and enable ciphers considered strong and secure according to current security standards (e.g., AES-256, TLS 1.3). Test and verify: After making changes, thoroughly test the application functionality to ensure no unexpected issues arise due to the cipher modifications.

4. Content Discovery and Analysis: I have use two tools for content discovery and analysis which are: Gobuster : Brute-force directory and file enumeration with wordlists. EyeWitness : Capture screenshots of various web pages for manual analysis.

i . Gobuster : Brute-force directory and file enumeration with wordlists. a. Here is the command to look for URLs with the common wordlist. “ gobuster dir -u 154.41.233.134:80 –w / usr /share/wordlists/ dirb /common.txt” And here is the result. We can see that there are some exposed files in the www.technotaught.com website. b. If we want to look just for specific file extensions, we can use the -x flag. Here is a sample command to filter images: “ gobuster dir -u 154.41.233.134:80 -w / usr /share/wordlists/ dirb /common.txt -x jpg,png,jpeg ” c. You can use DNS mode to find hidden subdomains in a target domain. For example, if you have a domain named mydomain.com, sub-domains like admin.mydomain.com, support.mydomain.com, and so on can be found using Gobuster . Here is a sample command to find hidden subdomains: “ gobuster dns –d technotaught.com –w / usr /share/wordlists/ dirb /common.txt ”

ii. EyeWitness : Capture screenshots of various web pages for manual analysis. Here is the command to screenshot web pages:

5. Website Traffic Analysis: We have use two tools for website traffic analysis which are: Tcpdump : Capture and analyze network traffic to and from the website. Wireshark: Analyze captured network traffic for insights into website communication.

i . Tcpdump : Capture and analyze network traffic to and from the website. Open Terminal and type this command “ sudo tcpdump - i eth0 -w ~/Desktop/ technotaught_traffic.pcap host www.technotaught.com ” This command utilizes the tcpdump tool to capture network traffic on the eth0 interface of the system. It filters the captured traffic to include only packets that involve communication with the host www.technotaught.com. The captured packets are then saved to a file named technotaught_traffic.pcap , located on the desktop (~/Desktop) of the current user. The use of sudo ensures that the command is executed with administrative privileges, allowing access to the network interface for packet capture. Overall, the command captures traffic specifically related to interactions with the website www.technotaught.com and stores it in a packet capture file for further analysis. Once you've stopped the capture, you can view the captured traffic using tcpdump or other packet analysis tools like Wireshark. ii. Wireshark: Analyze captured network traffic for insights into website communication. Open that file in wireshark which you have captured from tcpdump .

Specific Events (lines 1-18): Lines 1-2: The client sends an initial packet to the server (likely a SYN packet to initiate the connection). Lines 3-4: The server responds with a SYN-ACK packet, acknowledging the connection request and sending its synchronization information. Lines 5-6: The client sends an ACK packet, acknowledging the server's response, and the connection is established. Lines 7-10: The client and server perform a TLS handshake to establish a secure connection. Lines 11-14: The client sends multiple packets to the server, likely containing the website request data. Lines 15-18: The server acknowledges receiving the client's data and sends its response packets (potentially containing the website content).

Recommendations Available Methods and Tools for Website Scanning: 1. Automated Vulnerability Scanners: Utilize automated vulnerability scanning tools such as: OpenVAS: An open-source vulnerability scanner that offers similar capabilities to Nessus. Nexpose : A vulnerability management solution that provides scanning, prioritization, and remediation recommendations. 2. Web Application Scanners: Employ web application scanners to identify vulnerabilities specific to web applications: Netsparker : An automated web application security scanner that detects SQL injection, cross-site scripting (XSS), and other vulnerabilities. Acunetix : A web vulnerability scanner that performs comprehensive security assessments of web applications, including JavaScript-heavy applications and single-page applications.

3. Security Headers Analysis: Use tools to analyze security headers and configuration: SecurityHeaders.com: A free online tool that evaluates the security headers of a website and provides recommendations for improvement. Mozilla Observatory: A web-based tool that assesses a website's security posture, including security headers, encryption protocols, and more. 4. Web Application Firewalls (WAFs): Implement WAFs to protect against common web application attacks: ModSecurity : An open-source WAF module that protects web applications from various attacks, including SQL injection and cross-site scripting. Cloudflare WAF: A cloud-based WAF service that provides protection against OWASP Top 10 vulnerabilities and other threats. 5. Manual Security Testing: Conduct manual security testing to complement automated scanning: Burp Suite: A popular toolkit for web application security testing, including manual testing, automated scanning, and vulnerability verification.

6. Content Management System (CMS) Scanners: If the website is built on a CMS platform, use CMS-specific scanners to identify vulnerabilities: WPScan : A WordPress vulnerability scanner that checks for security issues in WordPress installations, themes, and plugins. JoomScan : A Joomla vulnerability scanner that identifies security vulnerabilities in Joomla-based websites. 7. Continuous Monitoring and Reporting: Implement continuous monitoring solutions to detect and respond to new vulnerabilities: Security Information and Event Management (SIEM) Systems: Aggregate security event logs and provide real-time analysis and reporting. Vulnerability Management Platforms: Automate vulnerability assessment, prioritize risks, and generate reports for remediation efforts. By leveraging these methods and tools for website scanning, organizations can effectively identify and mitigate security vulnerabilities, enhance their security posture, and protect sensitive data from potential cyber threats. Regular scanning and proactive security measures are essential for maintaining a robust and resilient web infrastructure.

Conclusion In conclusion, the analysis of www.technotaught.com reveals its diverse utility as an educational platform, inspirational resource, problem-solving hub, community-building space, and professional development tool. Leveraging WordPress as its CMS and a suite of complementary technologies such as PHP, MySQL, Yoast SEO, and LiteSpeed , the website caters to a broad audience seeking knowledge and practical guidance across various domains. Recommendations for enhancing its security posture through automated vulnerability scanners, web application scanners, security headers analysis, WAFs, manual security testing, CMS-specific scanners, and continuous monitoring underscore the importance of proactive security measures in maintaining a robust web presence. Overall, www.technotaught.com exemplifies the value of leveraging technology to empower users in their learning, creativity, and professional endeavors while prioritizing security and community engagement.

References https://www.youtube.com/watch?v=alJLui61v2Y&ab_channel=TechieQA https://www.freecodecamp.org/news/gobuster-tutorial-find-hidden-directories-sub-domains-and-s3-buckets/ https://www.youtube.com/watch?v=q3EleG1_5so&ab_channel=CyberNation1 https://null-byte.wonderhowto.com/how-to/scan-for-vulnerabilities-any-website-using-nikto-0151729/ https://www.tenable.com/blog/how-to-run-your-first-vulnerability-scan-with-nessus

Thank You!!

Website Vulnerability Assessment: Insights from a Boston Institute Project Presentation

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Website Vulnerability Assessment: Insights from a Boston Institute Project Presentation

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34

Slide 35

Slide 36

Slide 37

Slide 38

Slide 39

Slide 40

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

8-top-ai-courses-for-customer-support-representatives-in-2025.pptx

7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx

25-essential-ai-courses-for-user-support-specialists-in-2025.pptx

8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx

Know for Certain

PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx