Simulation of Cyberattacks on Web Services in Controlled Environments: A Secure Approach to Vulnerability Assessment
Article Sidebar
Main Article Content
Abstract
The OWASP Juice Shop application was the target of this study to simulate cyber-attacks on web services in a controlled environment. SQL injection, open ports, malicious file uploads, directory traversal, cross-site request forgery (CSRF) and other common vulnerabilities were examined. To avoid ethical and legal consequences, the research was conducted in a secure environment. Findings included major flaws, such as open ports that allowed access to services and a SQL injection flaw that allowed unauthorized access to the database. XSS attacks demonstrated the execution of malicious code. However, the application was able to resist directory traversal attacks and malicious file uploads. To address the growing threat of cyberattacks, this study underscores the critical importance of incorporating strong cybersecurity measures into web services development beyond typical development considerations.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Politicas de acceso y reuso
El autor, conserva el derecho a ser propietario intelectual del artículo y podría solicitar al Director de la Revista el uso posterior de este trabajo.
El lector, tiene derecho a enviar los comentarios que crea conveniente sobre los artículos de la revista, y a participar en los foros que se organicen en torno de los artículos de la revista.