Application Security Vulnerabilities Checklist and Types

What is Application Vulnerability?

An application vulnerability is a defect in an application that could be misused to jeopardize the security of the application. These violations target the integrity, confidentiality, of resources occupied by an application, its users.This article will Top Application Security Vulnerabilities Checklist.

Application Security Vulnerabilities Checklist

SQL Injection

  • An SQL injection is a technique, uses malicious SQL code for backed database manipulation, or may also destroy the database.
  • It is a vulnerability that may affect the web application or the website which uses an SQL database such as SQL Server, Oracle, MySQL, etc.
  • Attackers use the SQL injection for finding the credentials of the other users in the database.
  • Using SQL injection, one can alter the data in the database, i.e. you can delete, update, or insert the data.

Example –

  • You have created a table ‘users’ using create table command.
  • The table users have the following fields: id, email, password
  • Now, we usually use select * from users to retrieve the data, and this command will give all rows and columns in the table users.
  • Now, run the following command: select*from users where email = ‘xxx@xxx.xxx’ OR 1 = 1 LIMIT 1 — ‘ ] AND password = md5(‘1234’);
  • OR 1 = 1 LIMIT 1 is a condition that will always be true.
  • — ‘ AND is a SQL comment that eliminates the password part.
  • The highlighted text means, it is a comment.

Prevent SQL injection

  • use prepared statements, parameterized queries
  • do not reveal the sensitive information in the error messages
  • use web applications firewall

Secure Your Password

  • Choose password manager without master recovery – Choose a password manager, that should not allow for the improvement of a master password. If an attacker can get a grip on the master password through the account recovery tools, then this makes the most secure password management programs useless.
  • Use two-factor authentication – Use two-factor authentication to protect password manager.
  • 2FA is a login process that requires users to prove that they are who they claim to be.
  • Turn-off auto fill
  • Use strong passwords
  • Use unique passwords

Cross Site Scripting (XSS) in Application Security Vulnerability

  • Type of a computer security vulnerability, found in web application.
  • It is a common attack vector that injects the malicious code into vulnerable web applications.
  • Allows an attacker to execute the malicious javascript(JS) in the user’s browser.
  • The actual attack occurs when the victim visits the web application or web page, that executes the malicious code.
  • Types of XSS Persistent XSS, Reflected XSS, DOM-based XSS.

Persistent XSS

  • One of the website’s forms is used by the attacker to insert a malicious string into the website’s database.
  • The victim requests page from the site
  • The website includes the malicious string from the database in the response and sends it to the victim.
  • The targeted user’s browser executes the malicious scripts inside the response and sends the targeted user’s cookies to the attacker’s server.

Reflected XSS

  • The attacker crafts a URL containing a malicious string and sends it to the victim.
  • The attacker tricks the victim into requesting the URL from the website.
  • The malicious string is included in the website from the URL in the response.
  • The targeted user’s browser executes the malicious script inside the response and sends the cookies of the targeted user to the attacker’s server.

Two-Factor Authentication in Application Security Vulnerability

  • Provides an additional layer of security against unauthorized access to the account
  • This method requires the entering of more than one piece of information to the successful login of the account.
  • Except for username and passwords, 2FA requires the user to enter the additional information such as OTP, i.e. a six-digit verification code.
  • This verification code is the tokens that can be generated by the google authentication app.
  • No internet is required for the generation of these tokens.
  • The tokens are updated after every 30 seconds.

Distributed denial of service (DDoS)

  • It is a cyber attack on a specific server or network
  • DDoS is an attack from multiple sources
  • By using malicious software, the attacker gets other networks to get involved in a DDoS attack.
  • It is an attack meant to shut down a machine or system, making it inaccessible to its users.
  • Botnet – A botnet is an army of infected computers to make DDoS attack.
  • The attacker developed the malware program and distributed over the internet, i.e. put it on the websites and email attachments.
  • If a computer can go through these websites or open these attachments, the malware will be installed on their computer without the owner knowing that their computer is affected.
  • Therefore, the computer is ready to form a DDoS attack.

Insecure Cryptographic Storage in Application Security Vulnerability

  • Is a vulnerability that occurs when the sensitive data is not securely secured, i.e. appropriately encrypted.
  • Raw data can be considered as username, passwords, credit card information, etc.
  • Reasons for insecure storage are crucial improper storage and management, using bad algorithms, incorrect encryption of data, etc.
  • This unsafe storage can lead to loss of the delegate information

Preventing Insecure Cryptographic Storage

  • Use standard methods for the encryption
  • Do not create the encryption algorithms by yourself
  • Use known secure encryption algorithms
  • Ensure that the data stored is not easy to decrypt
  • If using crucial asymmetric encryption, be sure to store private keys securely and carefully.

Broken Authentication and Session Management

The websites create a session cookie and session ID typically for each valid session, and these cookies contain sensitive data like username, password, etc. Whenever the session is ended either by browser closed abruptly, or log out these cookies should be invalidated, i.e. there should be a new cookie for each session. If these cookies are not overridden, the sensitive data will exist in the system which can be more vulnerable. Therefore, a check should be done to find the strength of authentication and session management. Keys, session tokens, cookies should be adequately implemented without compromising the passwords.


Consider Relevant Tools for Application Security Vulnerabilities

Choosing the right tool will help us to find the vulnerabilities. The device you should choose will able to meet the objectives of the project. So, whether paid or freely available, the machine should be relevant to the security testing needs. The tools used are for detecting the loopholes, i.e. they will ease the process; they will not help to meet all your objectives.


Recheck the vulnerabilities reported

Results are out after the security testing. Therefore, it is essential to validate the findings and cross-check whether they exist or not. With this way, the reporting flaws are authenticated against the required context. This will save time and efforts in the long run and install the much-needed confidence in the testing process.


Invalidated Redirects and Forwards

The web application uses some methods to forward and redirects to other pages. So there should be an adequately validated method used for forwarding and redirecting to other pages. If there is no proper validation method used while redirecting to the other pages, attackers can make use of this and can redirect victims to phishing or malware sites, or use forwards to access unauthorized pages.


An Approach to Application Security

Continuous Security monitoring approach supports Enterprises to enable real-time insights for their security presence and help them for continually observing cyber attacks. To facilitate this approach we advise taking the subsequent steps –

 


Leave a Comment

Name required.
Enter a Valid Email Address.
Comment required.(Min 30 Char)