CAP6135 – Malware and Software Vulnerability Analysis, Spring 2012
Presented by: Melvin Rodriguez
By Tara Lingle and Orcun Tagtekin
Web Application Vulnerability Scanning searches for software vulnerabilities within web applications:
- Web Application Security (Scripting issues)
- Technical Vulnerabilities (Cross-site Scripting)
- Security Vulnerabilities (Denial of Service)
- Architectural/Logical Vulnerabilities (Information Leakage)
Can be used to help identify potential security vulnerabilities within commercial and proprietary web applications.
Frequently used in both the pre-deployment and post-deployment test cycles.
The goal of this project is to explore both the commercial and open source web application vulnerability scanners that currently exist and determine which one(s) we would recommend to an organization:
- Evaluate leading commercial products, including features, strengths and weaknesses
- Compare our findings with other research
- Review a number of open source tools available
- Decide how the commercial products compare against the open source tools
Requirements statement used to evaluate the scanners:
- Limited number of false positives and false negatives
- Ability to customize configuration options for internal needs
- Covers all major platforms (Java, JavaScript, PHP, ASP, ASP.NET), including dynamic content
- Ease of use for non-security professionals
- Powerful, automated scanning engine that can handle complexities by default (i.e. minimal manual intervention)
- Vendor support
- Tests both application vulnerabilities and known web server vulnerabilities
- Usable reports and data
- Maintenance/upgrade costs
- Expandability for future needs of the organization
- Can obtain periodic updates as new vulnerabilities are introduced
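The first requirement, a limited number of false positives and false negatives, can only be measured against a test application whose real vulnerabilities are already known. The following is an added example, not part of the slides and not taken from any of the products named on them; it scores constructed scanner output from two placeholder scanners against a constructed ground-truth list and ranks them by F1 score, treating a finding as correct only when location, parameter and vulnerability class all match.

```python
"""Scoring scanner output against a known-vulnerability baseline.

Added illustration for the "false positives / false negatives" requirement.
Every value below is constructed: the test application, its ground truth,
and the two placeholder scanners ("scanner_a", "scanner_b") are hypothetical
and do not represent the commercial products named in the presentation.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    """One reported (or real) vulnerability, keyed by location and class."""
    url: str
    param: str
    vuln_class: str


# Constructed ground truth: the vulnerabilities deliberately present in a
# hypothetical test application (e.g. one built for scanner evaluation).
GROUND_TRUTH = frozenset({
    Finding("/search", "q", "xss"),
    Finding("/login", "user", "sqli"),
    Finding("/export", "path", "info-leak"),
    Finding("/api/items", "id", "sqli"),
})

# Constructed scan output from two placeholder scanners.
SCAN_RESULTS = {
    "scanner_a": frozenset({
        Finding("/search", "q", "xss"),
        Finding("/login", "user", "sqli"),
        Finding("/api/items", "id", "sqli"),
        Finding("/about", "lang", "xss"),       # false positive
    }),
    "scanner_b": frozenset({
        Finding("/search", "q", "xss"),
        Finding("/export", "path", "info-leak"),
        Finding("/contact", "msg", "xss"),      # false positive
        Finding("/contact", "name", "xss"),     # false positive
        Finding("/login", "user", "xss"),       # wrong class: a false positive,
                                                # and the real sqli stays a miss
    }),
}


def score(reported, truth):
    """Return (tp, fp, fn, precision, recall, f1) for one scanner's findings.

    Set arithmetic on (url, param, vuln_class) tuples means a finding with the
    right location but the wrong class counts as both an FP and an FN, which
    is how an analyst would have to triage it.
    """
    tp = len(reported & truth)
    fp = len(reported - truth)
    fn = len(truth - reported)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return tp, fp, fn, precision, recall, f1


def rank_scanners(results=SCAN_RESULTS, truth=GROUND_TRUTH):
    """Rank scanners by F1 (descending), breaking ties by fewer false positives."""
    table = {name: score(found, truth) for name, found in results.items()}
    return sorted(table.items(), key=lambda kv: (-kv[1][5], kv[1][1]))


if __name__ == "__main__":
    for name, (tp, fp, fn, p, r, f1) in rank_scanners():
        print(f"{name}: TP={tp} FP={fp} FN={fn} "
              f"precision={p:.2f} recall={r:.2f} F1={f1:.2f}")
```

Precision tracks the false-positive burden an analyst has to triage, recall tracks the false negatives that matter most to the organization, and F1 combines the two for a single ranking; in a real evaluation the ground truth would come from an intentionally vulnerable test application or a manually verified penetration test, never from one scanner's own output.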
Commercial products evaluated:
- Acunetix Web Vulnerability Scanner by Acunetix
- AppScan by IBM/Watchfire, Inc.
- WebInspect by HP/SPI-Dynamics
- Hailstorm by Cenzic
Web Application Vulnerability Scanning Software - Comparison of Strengths/Weaknesses
Products compared: AppScan (IBM), Web Vulnerability Scanner (Acunetix), WebInspect (HP), Hailstorm (Cenzic)
Strengths:
- Design and Ease of Use
- Documentation and Help Files
- Ease in manual adjustments/administration
- Reports
- Ability to map and scan Ajax applications (client-side functionality)
Weaknesses:
- Prevalence of False Positives
- Prevalence of False Negatives
- Documentation and Help Files
- Reports
- Ability to map and scan Ajax applications (client-side functionality)
- Pricing
- License/Support
What are the trade-offs of using an open source tool over a commercial product?
Do any of them meet the requirements statement outlined?
Open source tools reviewed:
- Nikto by Sullo
- Paros by Chinotec
- WebScarab by Rogan Dawes
- Grabber by Romain Gaucher
- Grendel-Scan by David Byrne and Eric Duprey
- Pantera by Simon Roses Femerling
- Powerfuzzer by Marcin Kozlowski
- Scuba by Imperva
- Wapiti by Nicolas Surribas