Book Image

Network Vulnerability Assessment

By : Sagar Rahalkar
Book Image

Network Vulnerability Assessment

By: Sagar Rahalkar

Overview of this book

The tech world has been taken over by digitization to a very large extent, and so it’s become extremely important for an organization to actively design security mechanisms for their network infrastructures. Analyzing vulnerabilities can be one of the best ways to secure your network infrastructure. Network Vulnerability Assessment starts with network security assessment concepts, workflows, and architectures. Then, you will use open source tools to perform both active and passive network scanning. As you make your way through the chapters, you will use these scanning results to analyze and design a threat model for network security. In the concluding chapters, you will dig deeper into concepts such as IP network analysis, Microsoft Services, and mail services. You will also get to grips with various security best practices, which will help you build your network security mechanism. By the end of this book, you will be in a position to build a security framework fit for an organization.
Table of Contents (15 chapters)

Authorization

Once a user has been authenticated, the next task is to authorize the user to give him/her access to data. Based on the user role and privileges, the application grants authorization. To test for authorization vulnerabilities, we require valid credentials from each of the different roles present in an application. Using some preliminary tools, we can attempt to bypass the authorization schema and gain access to the superuser account while using the credentials of a normal user.

OWASP mapping

Authorization-related vulnerabilities are part of the OWASP Top 10 2017. They are covered under A5:2017 Broken Access Control. Some of the vulnerabilities listed under this category are as follows:

  • Bypassing access control...