Welcome to Scribd!

APP SECURITY - Practical Material 2024

Uploaded by

0% found this document useful (0 votes)

13 views17 pages

This document appears to be a lab manual for a computer science course focusing on web and mobile application security. It provides students with activities and instructions to test the security of mobile apps, websites, email servers, cloud infrastructure, and domain records. The manual was prepared by Dr. Vasanthi Muniasamy and includes 8 activities for students to complete as part of their coursework, with each activity focused on a different type of security testing. Students are instructed to choose real world examples to test and report their findings.

Original Description:

APP SECURITY - Practical Material 2024

Copyright

Available Formats

DOCX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

13 views17 pages

APP SECURITY - Practical Material 2024

Uploaded by

Vasanthi Muniasamy

Copyright:

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 17

Search inside document

Dr.

Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Lab Manual

2341 CSA - 3
[PRACTICAL ACTIVITY BOOK]
SECTION: 224

Prepared By
Dr. Vasanthi Muniasamy

Department of Computer Science,

Program: Web and Mobile Application
Academic year-2023-2024

Page 1
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Name : ______________________________

University Number : ______________________________

Index Page
S. No Marks Given Date Submission Date Signature

1 5

2 5

3 5

4 5

5 3

6 3

7 2

8 2

Page 2
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #1: Mobile App Security Test [5 Marks]

Aim: To audit your iOS or android apps for OWASP Mobile Top 10 and other
Vulnerabilities.
Summary of Mobile Application Security Test

App version

App ID
Device type
Test started
Test finished
Test runtime
APK source

Report

Mobile App Permissions and Privacy

OWASP Mobile Top 10 Security Test

Mobile App External Communications
Software Composition Analysis

Page 3
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Mobile Application Permissions and Privacy Test

ACCESS_NETWORK_STAT ______________________

ACCESS_WIFI_STATE ______________________

FOREGROUND_SERVICE ______________________

INTERNET ______________________

VIBRATE ______________________

WAKE_LOCK ______________________

POST_NOTIFICATIONS ______________________

OWASP Mobile Top 10 Security Test

Write any 3:

External Communications and Outgoing Traffic

Write any 3:

Hostname IP:Port SSL Web Security Dark Web Exposure

Page 4
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Software Composition Analysis

Write any 3:

External Android Native

Page 5
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #2: Dark Web Exposure Test [5 Marks]

Aim: To monitor and detect your dark web exposure, phishing, domain squatting, and
trademark infringement monitoring.

Sites: Choose any one site and write the report.

Page 6
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Page 7
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #3: Website Security Test [5 Marks]

Aim: To check your website for GDPR, PCI & DSS compliance, security, and privacy.

Sites: Choose any one site and write the report.

Page 8
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Page 9
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #4: Email Security Test [5 Marks]

Aim: To check your email server security and encryption, DNS misconfiguration,
phishing campaigns, blacklists and spam repots.

Sites: Choose any one site and write the report.

Page 10
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #5: Cloud Security Test [3 Marks]

Aim: To detect unprotected and misconfigured cloud storage, discover shadow cloud
accounts, prevent data leaks and breaches.

Sites: Choose any one site and write the report.

Page 11
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Page 12
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #6: SSL Security Test [3 Marks]

Aim: To test your web, email servers for security and compliance with PCI DSS, HIPAA,
and NIST.

Sites: Choose any one site and write the report.

Page 13
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Page 14
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus

Activity #7: [2 Marks]

1) Identify the geographical location and proxy details of the following IP Address.

https://www.ip2location.com/

IP Address: 185.53.246.5

Details

Country

Region
City
ISP
Proxy Type

2) Find the IP Address of the following website.

https://www.nslookup.io/website-to-ip-lookup/
www.whatsapp.com / www.twitter.com / www.snapchat.com / www.instagram.com

Registrant Contact

IP Address

Page 15
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus
Type
Hosted By
Location

Activity #8: [2 Marks]

1) Find the domain information of the following website.

www.whois.com
www.whatsapp.com

Domain Information

Domain

Registrar
Registered On:
Expires On:
Updated On:
Status:
Name Servers:

Registrant Contact

Organization

State
Country

Page 16
Dr. Vasanthi Muniasamy, Department of Computer Science, Al-Mahala Female Campus
E-Mail

2) Verify the following Email addresses are valid or not.

www.email-checker.net/validate

E-MAIL ID VALID ID / NOT VALID ID / UNKNOWN

wmsami@kku.edu.sa

john@gmail.com
pockisam@gmail.com
sujan@yahoo.co.i

Page 17

Section 1983 Suits: Overview
Document2 pages
Section 1983 Suits: Overview
Peggy Plews
100% (1)
Watchtower: Regional Convention Program - 2014
Document8 pages
Watchtower: Regional Convention Program - 2014
sirjsslut
No ratings yet
HKSMM4 - Hong Kong Standard Method of Measurement of Building Works Fourth Edition Revised 2017
Document97 pages
HKSMM4 - Hong Kong Standard Method of Measurement of Building Works Fourth Edition Revised 2017
Bob Chin
No ratings yet
Privacy Policy of Tiktok
Document14 pages
Privacy Policy of Tiktok
elianah quioyo
No ratings yet
Partially Full Pipe Calculation Spreadsheet
Document17 pages
Partially Full Pipe Calculation Spreadsheet
Kenn Wahh
100% (1)
Business Finance Management
Document14 pages
Business Finance Management
Muhammad Sajid Saeed
No ratings yet
HW - Task - 7. Royal Wessanent
Document5 pages
HW - Task - 7. Royal Wessanent
bernadetta paradintya utami
No ratings yet
Web Security For Software Testing
Document6 pages
Web Security For Software Testing
guruannamalai
No ratings yet
EXEDY 2018 OE Catalog - Web Booklet PDF
Document101 pages
EXEDY 2018 OE Catalog - Web Booklet PDF
Stephano Santistevan
No ratings yet
Seven Deadliest Web Application Attacks
From Everand
Seven Deadliest Web Application Attacks
Mike Shema
No ratings yet
Misrep Prob 5
Document3 pages
Misrep Prob 5
alirajapervez8
No ratings yet
Social Problems, Continuity and Change - Attributed
Document868 pages
Social Problems, Continuity and Change - Attributed
Alfonso J Sintjago
100% (3)
Detection of Phishing E-Banking
Document12 pages
Detection of Phishing E-Banking
Muhammad Faraz Saleem
No ratings yet
Recruitment Agreement Signed PDF
Document3 pages
Recruitment Agreement Signed PDF
hyvoltz
No ratings yet
GST Registration Certificate
Document3 pages
GST Registration Certificate
commission sompo
0% (1)
MSDS Amerel
Document6 pages
MSDS Amerel
Deepak Goyal
No ratings yet
Project Report of Bharat
Document71 pages
Project Report of Bharat
Yachna Sharma
No ratings yet
Ism Final Review
Document54 pages
Ism Final Review
SPANDAN KUMAR
No ratings yet
Application of Machine Learning and Crowdsourcing To Detection of Cybersecurity Threats
Document12 pages
Application of Machine Learning and Crowdsourcing To Detection of Cybersecurity Threats
moonima
No ratings yet
A Machine Learning Approach For Web Application Vulnerability Detection Using Random Forest
Document9 pages
A Machine Learning Approach For Web Application Vulnerability Detection Using Random Forest
IJRASETPublications
No ratings yet
Ieee Paper
Document3 pages
Ieee Paper
rahuldaravid
No ratings yet
Lisa12 Final 22 #LoginInspector
Document15 pages
Lisa12 Final 22 #LoginInspector
smanzzz
No ratings yet
Sniffing Dtetction IEEE Paper
Document3 pages
Sniffing Dtetction IEEE Paper
rahuldaravid
No ratings yet
Web Application Attacks Detection: A Survey and Classification
Document6 pages
Web Application Attacks Detection: A Survey and Classification
crack wall
No ratings yet
Fraudulent Website Detection
Document3 pages
Fraudulent Website Detection
International Journal of Innovative Science and Research Technology
No ratings yet
Analysis Xss Exploitation Threat Advisory
Document6 pages
Analysis Xss Exploitation Threat Advisory
Rohit Kashmira
No ratings yet
15067CEM Resit
Document17 pages
15067CEM Resit
honey arguelles
No ratings yet
8862-28888-1-PB Vapt
Document8 pages
8862-28888-1-PB Vapt
Anwarb
No ratings yet
Web Application Vulnerability Detection Using Hybrid Algorithm
Document8 pages
Web Application Vulnerability Detection Using Hybrid Algorithm
IJRASETPublications
No ratings yet
XSS Finder For Web Application Security
Document3 pages
XSS Finder For Web Application Security
Editor IJTSRD
No ratings yet
Web Application Penetration Testing Roadmap
Document7 pages
Web Application Penetration Testing Roadmap
Gaming Roblox
No ratings yet
Static Detection of Cross-Site Scripting Vulnerabilities
Document10 pages
Static Detection of Cross-Site Scripting Vulnerabilities
Leo Lopez
No ratings yet
Phishing Website Detection Based On Multidimensional Features Driven by Deep Learning
Document14 pages
Phishing Website Detection Based On Multidimensional Features Driven by Deep Learning
likhith
No ratings yet
Machine Learning For Web Vulnerability Detection: The Case of Cross-Site Request Forgery
Document9 pages
Machine Learning For Web Vulnerability Detection: The Case of Cross-Site Request Forgery
Éder
No ratings yet
Iarjset 2022 9340
Document6 pages
Iarjset 2022 9340
Vijetha Devadiga
No ratings yet
11 V May 2023
Document6 pages
11 V May 2023
swetha r
No ratings yet
Technical Seminar: (Web Application Security)
Document20 pages
Technical Seminar: (Web Application Security)
harsha kulkarni
No ratings yet
Research Paper
Document9 pages
Research Paper
divinepeepee
No ratings yet
Machine Learning Feasibility Study
Document14 pages
Machine Learning Feasibility Study
nikhil vardhan
No ratings yet
Mayur Kumar Jain - (Resume)
Document3 pages
Mayur Kumar Jain - (Resume)
Anuvind Krishna Tiwari
No ratings yet
Priyal Keharia Is Exp 5
Document19 pages
Priyal Keharia Is Exp 5
Priyal Keharia
No ratings yet
Security in System Development
Document33 pages
Security in System Development
Yusifsuleiman
No ratings yet
A Framework For Predicting Phishing Websites Using Neural Networks
Document7 pages
A Framework For Predicting Phishing Websites Using Neural Networks
dhineshp
No ratings yet
Detection of Malicious Websites Using Machine Learning
Document4 pages
Detection of Malicious Websites Using Machine Learning
International Journal of Innovative Science and Research Technology
No ratings yet
Mobile Threats
Document4 pages
Mobile Threats
supptbuddy
No ratings yet
Assessment of Open Source Web Application Security Scanners
Document8 pages
Assessment of Open Source Web Application Security Scanners
aylinduba
No ratings yet
MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
Document14 pages
MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
Lưu Gia Huy
No ratings yet
Development of A Phishing Detection System Using Support Vector Machine
Document11 pages
Development of A Phishing Detection System Using Support Vector Machine
International Journal of Innovative Science and Research Technology
No ratings yet
Penetration Testing
Document25 pages
Penetration Testing
pulkitkhanna310
No ratings yet
Safeguarding Your Data From Malicious URLs Using Machine Learning
Document7 pages
Safeguarding Your Data From Malicious URLs Using Machine Learning
IJRASETPublications
No ratings yet
Applsci 12 12070
Document15 pages
Applsci 12 12070
21COB164 Aisha Tanvir
No ratings yet
Fuzz-Doc 1
Document26 pages
Fuzz-Doc 1
Afza Fathima
No ratings yet
Electronics 11 02212 PDF
Document13 pages
Electronics 11 02212 PDF
Daniel Mopo
No ratings yet
Electronics: Exploring Malware Behavior of Webpages Using Machine Learning Technique: An Empirical Study
Document20 pages
Electronics: Exploring Malware Behavior of Webpages Using Machine Learning Technique: An Empirical Study
Anandapriya Mohanta
No ratings yet
Detection of Phishing Website
Document12 pages
Detection of Phishing Website
Om Raut
No ratings yet
That Can Harm Your Site: Vulnerabilities
Document12 pages
That Can Harm Your Site: Vulnerabilities
srk_uk
No ratings yet
XSS Vulnerability Assessment and Prevention in Web Application
Document4 pages
XSS Vulnerability Assessment and Prevention in Web Application
Sana
No ratings yet
Applsci 13 04649
Document16 pages
Applsci 13 04649
venu
No ratings yet
Web Application Security Assessment
Document1 page
Web Application Security Assessment
Qais Saif Qassim
No ratings yet
Linear Support Vector Machine and Deep Learning Approaches For Cyber Security in The Edge of Big Data
Document9 pages
Linear Support Vector Machine and Deep Learning Approaches For Cyber Security in The Edge of Big Data
International Journal of Innovative Science and Research Technology
No ratings yet
Detection of Malicious Web Contents Using Machine and Deep Learning Approaches
Document6 pages
Detection of Malicious Web Contents Using Machine and Deep Learning Approaches
International Journal of Application or Innovation in Engineering & Management
No ratings yet
PS 27 - Xi 2021
Document11 pages
PS 27 - Xi 2021
einstein.ortiz27
No ratings yet
Application Security
Document223 pages
Application Security
satishkumarmani
No ratings yet
W3af Fuzzer
Document9 pages
W3af Fuzzer
jan
No ratings yet
Phishinpatterns: Measuring Elicited User Interactions at Scale On Phishing Websites
Document16 pages
Phishinpatterns: Measuring Elicited User Interactions at Scale On Phishing Websites
MUH.ALFIKRI TRI ANGGORO PAMUNGKAS
No ratings yet
Machine Learning For Detection and Mitigation of W
Document11 pages
Machine Learning For Detection and Mitigation of W
Faycel Messaoudi
No ratings yet
Ajcse 192 22 20230207 V1
Document5 pages
Ajcse 192 22 20230207 V1
BRNSS Publication Hub Info
No ratings yet
Infographic Explanation About Cyber Frauds
Document74 pages
Infographic Explanation About Cyber Frauds
Yedavelli Badrinath
No ratings yet
An Automated Detection System of Cross Site Request Forgery (CSRF) Vulnerability in Web Applications
Document5 pages
An Automated Detection System of Cross Site Request Forgery (CSRF) Vulnerability in Web Applications
International Journal of Innovative Science and Research Technology
100% (1)
Priyal Keharia Is Exp 8
Document13 pages
Priyal Keharia Is Exp 8
Priyal Keharia
No ratings yet
A Survey On Various Security Threats and Classification of Malware Attacks, Vulnerabilities and Detection Techniques
Document8 pages
A Survey On Various Security Threats and Classification of Malware Attacks, Vulnerabilities and Detection Techniques
AYESHA SHAZ
No ratings yet
2225-Article Text-9026-1-2-20240126
Document8 pages
2225-Article Text-9026-1-2-20240126
M Nur Faiz
No ratings yet
Technical Seminar: (Web Application Security)
Document20 pages
Technical Seminar: (Web Application Security)
harsha kulkarni
No ratings yet
ADS - Practical Material 2024
Document12 pages
ADS - Practical Material 2024
Vasanthi Muniasamy
No ratings yet
ADB - Practical Material 2024
Document12 pages
ADB - Practical Material 2024
Vasanthi Muniasamy
No ratings yet
Laudon Ec9e PP 1 GE
Document24 pages
Laudon Ec9e PP 1 GE
Vasanthi Muniasamy
No ratings yet
V.P. Jeya Harini - Flowcharts
Document3 pages
V.P. Jeya Harini - Flowcharts
Vasanthi Muniasamy
No ratings yet
Chapter 1, 2 - OOP
Document9 pages
Chapter 1, 2 - OOP
Vasanthi Muniasamy
No ratings yet
The Christmas Song (G)
Document2 pages
The Christmas Song (G)
jordanklapman
No ratings yet
E-Filling of Returns (Shivdas 10 Years)
Document122 pages
E-Filling of Returns (Shivdas 10 Years)
Unicorn Spider
No ratings yet
Affidavit of Two Disintrested Person
Document2 pages
Affidavit of Two Disintrested Person
Mark Ken
No ratings yet
Nirav Modi
Document6 pages
Nirav Modi
Rhythm Khetan
No ratings yet
Bengaluru Child Helpline Contacts
Document6 pages
Bengaluru Child Helpline Contacts
Citizen Matters
No ratings yet
Fim CRJ-200
Document6 pages
Fim CRJ-200
David Camilo Limachi Quispe
No ratings yet
Monthly Blank Format For PCPNDT
Document2 pages
Monthly Blank Format For PCPNDT
Rahul Singh
100% (1)
CFO COO VP Finance in Toronto Canada Resume Siva Cherla
Document2 pages
CFO COO VP Finance in Toronto Canada Resume Siva Cherla
SivaCherla
No ratings yet
Sumathi Organiser SPF
Document27 pages
Sumathi Organiser SPF
Palani Appan
No ratings yet
The Psychology of Terrorism - DR Kajumba Mayanja
Document24 pages
The Psychology of Terrorism - DR Kajumba Mayanja
Li An Rill
No ratings yet
Etowah County Sheriff's Office (Alabama) - NEW ICE 287 (G) MOA
Document21 pages
Etowah County Sheriff's Office (Alabama) - NEW ICE 287 (G) MOA
J Cox
No ratings yet
Swadeshi Movement Upsc Notes 40
Document4 pages
Swadeshi Movement Upsc Notes 40
Tanumay Naskar
No ratings yet
Foreign Exchange Management (Borroweing and Lending in Rupees) Regulations, 2000
Document7 pages
Foreign Exchange Management (Borroweing and Lending in Rupees) Regulations, 2000
BHARGAVI
No ratings yet
University of Derby: Research Prooposal
Document10 pages
University of Derby: Research Prooposal
Mozahid Sikder
No ratings yet
MPOS Installation Guide
Document40 pages
MPOS Installation Guide
varachartered283
No ratings yet
1992 Studies in Exodus
Document209 pages
1992 Studies in Exodus
Miriyum Yum
No ratings yet
IRSTE Journal July
Document22 pages
IRSTE Journal July
hari_hari_
No ratings yet