So you think your web-app is secure?
December 14th, 2007

The time has come that I have to work on security at one bigger project. I know the basics but haven't dug in that much. I will post my notes here.
Web Application (WA) security is a very wide and also vague term. I need to break it down to concrete things — the specific security threats for web-apps — and then explore them one by one.
- input data related to the DB (SQL injection, wrong or unexpected data)
- input data rendered into HTML, JS, VBScript (script injection and all that it can bring)
- user authentication (password, login security)
- sessions and cookies (stolen, replayed, hijacked)
- directory traversal
- shell escape (command injection)
- DB password hard-coded in a web-reachable file
- XSS
- CSRF
- canonicalization, Unicode
Some of these threats can be eliminated just by careful coding (and being aware of them); others need special attention. I will explore them deeper soon.
