Professional Documents
Culture Documents
MÓDULO A -
CRIPTOGRAFÍA
Herramientas Criptográfica
bisite.usal.es | 1
1
Contenido
Security testing ........................................................................................................................................................................4
Vulnerability scanning ...................................................................................................................................................4
Dependency checkers ......................................................................................................................................................4
Testing tools .........................................................................................................................................................................5
SSL/TLS Testing ...............................................................................................................................................................5
SQL Injection testing ......................................................................................................................................................5
Vulnerability prevention ....................................................................................................................................................6
XSS Prevention ..................................................................................................................................................................6
Security headers ................................................................................................................................................................6
Personal security ....................................................................................................................................................................7
3
Universidad de Salamanca
Security testing
Vulnerability scanning
Dependency checkers
• OWASP Dependency Check - open source tool for checking for vulnerabilities in 3rd
party components
Testing tools
• BURP, ZAP - HTTP proxies useful in manual testing, but which also include a
layer of security testing
SSL/TLS Testing
5
Universidad de Salamanca
Vulnerability prevention
XSS Prevention
JavaScript
Java
• OWASP Java Encoder - Basic output encoding library for outputting HTML in
Java.
Security headers
• Helmet - NodeJS - middleware for Koa and Express to add common HTTP
security headers.
Master en Blockchain
Personal security
• NoScript - browser plugin for selective disabling of scripts on untrusted sites.