Nt1330 Unit 3 Assignment 1 Pentesting

504 Words3 Pages
Pentesting Report SQL Injection/Hacking Wireless Networking Adrienne Aultmon CMIT 321 March 2, 2014 Mr. Jesse J. Varsalone In the iLab SQL Injection, we learned about SQL Injection attack and understanding when and how web applications connect to a database server to access data, extracting basic SQL flaws and vulnerabilities. We also tested web applications for blind SQL injections vulnerabilities, utilized tools to scan web servers and analyze the reports created using these tools and secured information in web apps and servers. A SQL injection attack is an attempt to get the website to pass a newly formed rouge SQL command to the database by including parts of SQL statements in a web form entry field. SQL…show more content…
Once we typed in the script, we navigated to the site http://localhost/realhome, which created the account juggyboy, with the password juggy123. We were able to login using those credentials. Next we used a tool call IBM Security AppScan Standard, which allows organizations to minimize web application attacks and data breaches by automating application security vulnerability testing. We first configured the scan configuration wizard, ran the scan and saved the results of the scan. The IBM Security AppScan cans the URL we entered for vulnerabilities. Once the can completed, it listed all the security issues and vulnerabilities in the website. The results were displayed in three different views, Data, Issues, and Task. We clicked the Issues tab to view the vulnerabilities and security issues for a particular website. We can click any of the results, such as SQL Injection to view all of the links vulnerable to SQL injection. The Advisory tab allows us to see the severity of the link. To fix threats and vulnerabilities and view a list of advice for fixing them, click Fix Recommendations. Finally after the IBM Security AppScan completes, you can generate reports for your organization and save the reports to be opened with a third-party application. In the iLab Hacking Wireless Networks, we learned how to crack WEP using various tools, capture network traffic and analyze and detect wireless traffic. The first tool we used was

More about Nt1330 Unit 3 Assignment 1 Pentesting

Open Document