Web Security - Risky Resource Management

use Netbeans to create two different unique and complete demonstrations of Risky Resource Management such as Buffer Copy without Checking Size of Input, Improper Limitation of a Pathname to a Restricted Directory, Download of Code Without Integrity Check, and Inclusion of Functionality from Untrusted Control Sphere. You will demonstrate and describe how to fix each of the problems. Therefore a total of four code samples will be created. Two will Risky Resource Management and two will have the issues fixed.

Using Netbeans, create your own unique, full example for each of the 2 vulnerabilities in this

category. Note: by unique and full I mean, this should not just be a code snippet. It should be

part of a small application. In other words, you need to adapt the examples provided in the

documentation to something more meaningful and substantive. It doesn’t have to be a large,

overly complex application, but it needs to be complete, and runnable and demonstrate how

this vulnerability may appear in the real world.

3. Demonstrate for each of the two applications they are vulnerable to this attack. You need to

show explicitly the attack you use and demonstrate the impact of the vulnerability. The

demonstration should occur through screen shots and detailed walkthrough of the steps you


4. Finally, using the information in the CWE/SANS Top 25 vulnerabilities, fix the issues in each of

the two examples you created in step 2.

5. Document the vulnerabilities and describe specifically how the issues were corrected. Note: You

may need to conduct additional research to better understand the vulnerability or the features

associated with a specific language.



Provide all of your source files for this assignment. Two source code files will have software

vulnerabilities. The remaining two will have the issues fixed. Provide any supplemental or utility

files supporting your main source files.

Prepare a word or PDF file describing and demonstrating the vulnerabilities in each of your source

files and specifically how you fixed the issue. You should demonstrate with screen shots and code

within the document to report your findings. Note: Be sure to provide all screen shots in one word

of PDF document. You can compress the files using a zip application for easier upload.

Taidot: MySQL, PHP, tietojärjestelmäarkkitehtuuri, Ohjelmistojen testaus, Verkkoturva

Näytä lisää: sans top 25 pdf, sans top 25 vulnerabilities, cwe/sans top 25 2017, sans top 25 vulnerabilities 2017, sans top 25 2017, owasp top 10 vs sans top 25, sans top 25 vulnerabilities 2016, cwe top 25 2017, web browser game development resource management, human resource management system java web applications, user document management upload php, upload aspnet document management, web security consulting reviews, sharepoint 2007 web parts drag drop file upload, web security assessment methodology

Tietoa työnantajasta:
( 0 arvostelua ) United States

Projektin tunnus: #16242598

3 freelanceria on tarjonnut keskimäärin %project_bid_stats_avg_sub_26% %project_currencyDetails_sign_sub_27% tähän työhön


Dear Employer! I want to work for your project. I'm very interested in your project. I'd like you to call me on chat. Please give me your project detail. If you give me the task, I'm very glad with you. I'll give you Lisää

$72 USD 10 päivässä
(15 arvostelua)
$111 USD 2 päivässä
(13 arvostelua)

A proposal has not yet been provided

$91 USD 7 päivässä
(0 arvostelua)