Provide a detailed analysis using both manual interception techniques and automatic scanner attacks on the http://localhost/week4/loginAuth.html.

 

After completing this lab, you will submit a word (or PDF) document that meets all of the requirements in the description at the end of this document. In addition, your Web Application files should be submitted. You can submit multiple files in a zip file. Needed files for this are attached!

 

What is under Lab submission details on page 15 needs to be done. You can view the rest of the document if you need to.

 

Lab submission details:

For this lab, you will provide a detailed analysis using both manual interception techniques and

automatic scanner attacks on the http://localhost/week4/loginAuth.html. You should run the manual

interception techniques first, and describe in detail the information revealed to you during your analysis.

Be sure to provide screen captures of you running of the tool and analyze all files used for the

application (loginAuth.html, authcheck.php and logout.php). Try to modify the http messages and look

for possible vulnerabilities. This is the important discovery portion of your analysis.

When you run the automatic scan, be sure to generate an HTML report showing all alerts. Also, describe

the active scan activity. For each alert, discuss all of the output and try possible solutions. Be sure to

describe how you prioritized alert messages. Try to resolve all alerts and document specifically your

process in resolving those alerts. Rerun the scanner after you have fixed as many issues as you can to

demonstrate your success.

For your deliverables, you should submit a zip file containing your word document (or PDF file) with

screen shots of your scans. Be sure to include the descriptions and analysis of your results, your

prioritization and approach to mitigating the issues. Also, include the reports from your scan. Your

report should be well-organized and clearly written. This report is aimed at your Chief Security officer

who pays your salary. He is a technical geek and wants details, clarity and something he can pass on to

others to make sure you have job security for years to come

Type of paper Academic level Subject area
Number of pages Paper urgency Cost per page:
 Total: