Analysis of Web Vulnerabilities using Burp Suite

-

 Analysis of Web Vulnerabilities

- June 19,2025




1. Introduction

Brief overview of web app vulnerabilities & their impact on security.

2. Goal of the Project
✔ Understand & identify common web vulnerabilities
✔ Use ethical testing tools like Burp Suite
✔ Learn OWASP Top 10 concepts through hands-on labs

3. OWASP Top 10 – Key Concepts

  • Injection (e.g., SQLi)

  • Cross-Site Scripting (XSS)

  • Information Disclosure

  • Broken Access Control

  • Security Misconfigurations

4. Tools Used – Burp Suite
Intercepts, modifies, and analyzes HTTP/S traffic
Used to test input validation and identify bugs

5. Ports Wigger Labs – Hands-On Practice
Lab 1: Reflected XSS
Lab 1: Reflected XSS into HTML context with nothing encoded.
Lab 2: SQL Injection in WHERE clause – Extract hidden data
Lab 3: Information Disclosure via error messages


Whether you are new or wants hands on experience, this is beginner friendly and guide you through each step:


Click Below Link to View Full presentation and guide:

Cybersecurity Project 4.pdf    



Helpful Sources:


6. Conclusion
🔸 Learned practical skills to detect & analyze vulnerabilities
🔸 Developed experience in real-world testing environments
🔸 Strengthened foundational cybersecurity knowledge


7. References

Comments

Post a Comment

Popular posts from this blog

Vulnerability Analysis using NESSUS and OPENVAS

-
Image
  🔍 Vulnerability Analysis using NESSUS and OPENVAS In this project, I dive into Vulnerability Analysis using two powerful tools: NESSUS and OPENVAS . These tools are widely used in cybersecurity for identifying security flaws in systems and networks. Whether you're new to vulnerability scanning or looking to improve your analysis skills, this guide will walk you through how to use these tools effectively. A Practical Guide from My Cybersecurity Training Want to learn how to perform vulnerability assessments like a pro? Check out my PowerPoint presentation that covers: ✅ What NESSUS & OPENVAS are ✅ How to conduct vulnerability scans ✅ How to analyze the results for potential risks 💡 Whether you're starting out in vulnerability analysis or looking to enhance your skills, this guide is beginner-friendly and hands-on! Click here to view full presentation:  Cybersecurity_Project2.pdf   Helpful Sources: You Tube Channel: GetCyber and Jon Good Sources:  Nes...
Read more

Exploring GNS3: A Comprehensive Overview

-
Image
  Introduction GNS3 (Graphical Network Simulator) is a software tool that simulates complex networks. It allows the combination of virtual and real devices. It is used by many large companies like Walmart, AT and T and NASA. You can also use GNS3 on any computer to experiment with various router configurations. It is helpful for network and Network Security certificates such as CCNA, CCNP, CCIE and so on. This allowed users to build, design and test networks without needing physical hardware. History It was first released in 2008, developed by Jeremy Grossman. His motivation on developing this was to provide graphical user interface for Dynamips, a cisco IOS emulator. Additionally, it was created to make network simulation more accessible and practical for learning and professional development. People who liked the program have supported making it even better and updating it with more features. Features and Benefits This allows users to create virtual labs and practice CCNA/C...
Read more

Wireshark Report

-
Image
 Introduction    An effective software program for examining network traffic is called Wireshark. It is a crucial tool for network troubleshooting, security research, and understanding how networks work since it enables users to record and examine data as it moves over a network. Students, IT workers, and cybersecurity specialists utilize it extensively for understanding data flow between devices.    History  Gerald Combs first created Wireshark in 1998 under the alias "Ethereal." Due to trademark concerns, it eventually changed its name to Wireshark in 2006. It has developed into a well-regarded network monitoring tool over time, and its features are constantly being enhanced by a vibrant community.   Features and Benefits  Users can record and thoroughly examine real-time network data with Wireshark. It is adaptable for various kinds of network analysis because it supports a wide range of network protocols, including HTTP, TCP, UDP...
Read more