Student project details

Topic: Browser security plug-in
Department: Department of Cybernetics
Supervisor: doc. Ing. Daniel Novák, Ph.D.
Offered as: Master's thesis, Semester project
Description: 1. Familiarize yourself with existing CLI tools for reconnaissance and vulnerability scanning (Nikto, DataSploit, etc.)

2. Familiarize yourself with the OWASP Top 10 list

3. Analyze the web security extension market

4. Determine which functionalities of common reconnaissance and vulnerability scanning tools can be implemented in a browser extension

5. Design a user-friendly browser extension that can be used by web developers to avoid the most common security issues

6. The extension should recommend possible remediation/mitigation steps for found issues
Literature: 1. W. Qianqian and L. Xiangjun, "Research and design on Web application vulnerability scanning service," 2014 IEEE 5th International Conference on Software Engineering and Service Science, 2014, pp. 671-674, doi: 10.1109/ICSESS.2014.6933657.

2. Esposito, Damiano, et al. "Exploiting the potential of web application vulnerability scanning." ICIMP 2018 the Thirteenth International Conference on Internet Monitoring and Protection, Barcelona, Spain, 22-26 July 2018. IARIA, 2018.

3. Rennhard, Marc, et al. "Improving the effectiveness of web application vulnerability scanning." International Journal on Advances in Internet Technology 12.1/2 (2019): 12-27.

4. A. C. Perera, K. Kesavan, S. V. Bannakkotuwa, C. Liyanapathirana and L. Rupasinghe, "E-commerce (WEB) Application Security: Defense against Reconnaissance," 2016 IEEE International Conference on Computer and Information Technology (CIT), 2016, pp. 732-742, doi: 10.1109/CIT.2016.105.
Responsible for content: Petr Pošík