In this lab, you will evaluate the list of the ten most critical web application security risks as determined by OWASP. You will describe how hackers might use these types of attacks to compromise websites and web applications. Finally, you will use the DVWA to perform some of the most common web application attacks: a brute force attack, a cross-site request forgery (CSRF) attack, a file inclusion (upload) attack, a SQL injection attack, and a cross-site scripting attack (XSS).
Follow the steps below to complete this assignment:
1. Carefully read through the Student Lab Guide. It provides detailed instructions for accessing and completing the labs in this course.
2. Open the Lab 4 Assessment Worksheet.* Save a copy of the worksheet to your computer; this will allow you to fill it out electronically and save your answers. You will complete this worksheet and submit it to your instructor after you have completed the hands-on portion of the lab. However, it is strongly recommended that you read through the worksheet before you begin.
3. Click the Lab Link in the module folder to enter the virtual lab environment.
4. Read through all the material under the Intro and Steps tabs before you start working.
5. Follow the step-by-step instructions under the Steps tab to perform the lab. Note: You will not be completing a lab report, so you can disregard instructions to make screen captures.
6. After completing the hands-on lab, complete and submit the Lab 4 Assessment Worksheet. Use the worksheet that you saved to your computer. Be sure to save it again before submitting it.
Explanation & Answer
Check the solution to the assignment, please.
Exploiting Known Web Vulnerabilities on a Live Web Server
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
In this lab, you evaluated the list of the 10 most critical Web application security risks as
determined by OWASP. You described how hackers might use these types of attacks to
compromise Web sites and Web applications. Finally, you used the DVWA (Damn Vulnerable
Web Application) to perform some of the most common Web application attacks: a brute force
attack, a cross-site request forgery (CSRF) attack, a file inclusion (upload) attack, a SQL
injection attack, and a cross-site scripting attack (XSS).
Lab Assessment Questions & Answers
1. What are the OWASP Top 10?