PROJECT TITLE :
A Black-Box Approach to Detect Vulnerabilities in Web Services Using Penetration Testing
Web services work over dynamic connections among distributed systems. This technology was specifically designed to easily pass SOAP message through firewalls using open ports. These edges involve a number of security challenges, like Injection Attacks, phishing, Denial-of-Services (DoS) attacks, and thus on. The issue to detect vulnerabilities,before they're exploited, encourages developers to use security testing like penetration testing to cut back the potential attacks. Given a black-box approach, this research use the penetration testing to emulate a series of attacks, like Cross-web site Scripting (XSS), Fuzzing Scan, Invalid Varieties, Malformed XML, SQL Injection, XPath Injection and XML Bomb. In this way, was used the soapUI vulnerability scanner so as to emulate these attacks and insert malicious scripts within the requests of the internet services tested. Furthermore, was developed a collection of rules to analyze the responses in order to scale back false positives and negatives. The results counsel that ninety seven.1percent of.Net services have at least one vulnerability of these attacks. We additionally determined a ranking of those attacks against web services.
Did you like this research project?
To get this research project Guidelines, Training and Code... Click Here