
Published August 30, 2023 | Version Final
Other Open

Gestão de Vulnerabilidade em Aplicações WEB: Exploração de SQL Injection (Vulnerability Management in Web Applications: SQL Injection Exploitation)

  • 1. student

Description

With the continued expansion of services offered through web pages, together with their close integration with systematized data structures, the damage caused by attacks remains a pertinent challenge for institutions and organizations that may be susceptible to this kind of adversity. Good practices in security policy need to be adopted to avoid harm to the health of an organization's data. This study therefore aims to highlight the importance of adopting OWASP guidelines on defense against SQL Injection, aligned with security management, in view of the consequences the vulnerability may cause. To provide a didactic and practical environment for experimenting with and applying the concepts presented in this work, a conceptual web application prototype was implemented that purposely contains the SQL Injection vulnerability. The technologies and approaches adopted in its implementation make it easy to perform test/attack procedures and to understand the implementation, the vulnerability, and the correction of the failures. It is concluded that if the protection measures recommended by OWASP, based on the guidelines of the PCI DSS data security standard, are adopted more efficiently in maintaining and building web applications, the incidence of SQL injection threats will be significantly smaller.

Files

AlanLucena_RenanDias_20191206_PRONTO (2).pdf

Files (1.4 MB)

md5:e5198581248d6c9633b2b50e34378519
