DSpace Repository

SQLi penetration testing of financial Web applications: Investigation of Bangladesh region

Show simple item record

dc.contributor.author Farah, Tanjila
dc.contributor.author Alam, Delwar
dc.contributor.author Kabir, Md. Alamgir
dc.contributor.author Bhuiyan, Touhid
dc.date.accessioned 2018-09-12T04:44:14Z
dc.date.accessioned 2019-05-27T09:59:30Z
dc.date.available 2018-09-12T04:44:14Z
dc.date.available 2019-05-27T09:59:30Z
dc.date.issued 2016-02-18
dc.identifier.uri http://hdl.handle.net/20.500.11948/3177
dc.description.abstract Business critical web applications are the most popular services provided to the client by the financial sector. These applications are bringing handsome revenue for the financial industry every year. These services are also a frequent target of attackers. Poor coding practice leads applications to vulnerability that are exploited by attackers. Information and privileges such as access to databases, admin authorization, and access to data could be retrieved through exploitation. Services provided through web applications make the exploitation easier as these could be accessed from anywhere around the world. Web based financial services are comparatively new concept in Bangladesh. Thus the security aspects of these applications are less explored. This paper represents an analysis of few basic security issues of the financial web applications of Bangladesh. It focuses on structured query language injection (SQLi) vulnerability. It presents a manual black box penetration testing approach to test the financial web applications. Same steps are used for testing all the web applications in the data set. A vulnerability analysis of the findings collected during the penetration testing is also presented in the paper. Full Text Link: http:doi.org/10.1109/WorldCIS.2015.7359432 en_US
dc.language.iso en en_US
dc.publisher IEEE Xplore en_US
dc.subject Testing en_US
dc.subject Databases en_US
dc.subject Security en_US
dc.subject Planning en_US
dc.subject Data mining en_US
dc.subject Web servers en_US
dc.title SQLi penetration testing of financial Web applications: Investigation of Bangladesh region en_US
dc.type Article en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Browse

My Account