izpis_h1_title_alt

Vdorno testiranje spletnih aplikacij
ID Prajnc, Martin (Author), ID Trček, Denis (Mentor) More about this mentor... This link opens in a new window, ID Jelenc, David (Comentor)

.pdfPDF - Presentation file, Download (2,25 MB)
MD5: 1BA9D65847C1E86380F61A63C79983BF

Abstract
Dandanes večina poslovanja in komunikacije poteka prek interneta. Tako je predvsem zaradi spletnih aplikacij, ki so produkt več tehnik in orodij za programiranje. Te tehnike in orodja se izjemno hitro razvijajo in nadgrajujejo, vendar z vidika varnosti to ni nujno vedno dobro. Problem je v tem, da mnoga podjetja namenijo velike količine proračuna le za razvoj, zato za varnost in varnostno testiranje ne ostane veliko sredstev. Varnostni pregledi se po navadi opravijo čisto na koncu, ko je produkt že pripravljen na dostavo kupcu. To je sicer bolje, kot da varnostnega pregleda sploh ne bi bilo, a najboljša praksa je, da se razvijalci zavedajo ranljivosti sistema, ki ga razvijajo, in to upoštevajo že pri razvoju in implementaciji. S temi vidiki se ukvarja informacijska varnost. V splošnem informacijska varnost pomeni varstvo informacijskih sistemov in podatkov pred nezakonitim dostopom, razkritjem, spremembo ali uničenjem. V diplomski nalogi se bomo sicer osredotočili na penetracijsko testiranje ter opis ranljivosti spletnih aplikacij in orodij, ki jih bomo uporabili za razkritje teh ranljivosti. Nato bomo na praktičnem primeru spletne aplikacije izvedli penetracijski test. Na ta način bo bralcu predstavljeno penetracijsko testiranje spletnih aplikacij.

Language:Slovenian
Keywords:informacijska varnost, vdorno testiranje, spletne aplikacije, penetracijsko testiranje, penetracijski preizkus, vdorni preizkus
Work type:Bachelor thesis/paper
Typology:2.11 - Undergraduate Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2021
PID:20.500.12556/RUL-130492 This link opens in a new window
COBISS.SI-ID:78383107 This link opens in a new window
Publication date in RUL:15.09.2021
Views:2113
Downloads:204
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Penetration testing of web applications
Abstract:
Today, the majority of business processess and communications take place over the Internet, thanks to web applications, which are the product of several programming techniques and tools. The aforementioned techniques and tools are extremely fast to develop and upgrade, but from the security and safety point of view this is not necessarily always good. The problem, which arises is that many companies spend large amounts of budget only on development, and not enough money is left for safety and security testing. Safety and security checks are usually done right at the end when the product is ready to be delivered to the customer. While this approach is better than not having a security check, the best practice is for developers to be aware of the vulnerabilities of the system they are developing and to take this into account when developing and implementing it. Information security deals with these aspects. In general, information security means the protection of information systems and data against unauthorized access, disclosure, alteration or destruction. In my diploma thesis I will focus on penetration testing and description of vulnerabilities of web applications and tools that I will use to reveal these vulnerabilities. This way the reader will be introduced to penetration testing of web applications.

Keywords:information security, penetration test, web application

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back