Penetration Testing for the Cloud-Based Web Application

Al-Khannak, Rafid and Nehal, Sajjan Singh (2023) Penetration Testing for the Cloud-Based Web Application. WSEAS TRANSACTIONS ON COMPUTERS, 22. pp. 104-113. ISSN 2224-2872

Full text not available from this repository. (Request a copy)

Access this via: https://doi.org/10.37394/23205.2023.22.13

Abstract

This paper discusses methods, tools, approaches, and techniques used for the penetration testing on the cloud-based web application on Amazon AWS platform. The findings of a penetration test could be used to fix weaknesses and vulnerabilities, and significantly improve security. The testing is implemented by undertaking a malicious attack aiming to breach system networks and thereby confirm the presence of cloud infrastructure. The research focuses on cloud-based web applications' high-risk vulnerabilities such as unrestricted file upload, command injection, and cross-site scripting. The outcomes expose and approved some vulnerabilities, flaws, and mistakes in the utilised cloud based web application. It is concluded that some vulnerabilities haveto be considered before architecting the cloud system. Recommendations are proposing solutions to testing results.

Item Type:	Article
Additional Information:	Article version: AM From Crossref journal articles via Jisc Publications Router History: epub 29-08-2023; ppub 29-08-2023; issued 29-08-2023. Licence for AM version of this article starting on 29-08-2023: https://wseas.com/journals/computers/2023/a285105-012(2023).pdf
Keywords:	General Computer Science
SWORD Depositor:	JISC Router
Depositing User:	JISC Router
Date Deposited:	23 Oct 2023 10:16
Last Modified:	23 Oct 2023 10:18
URI:	https://bnu.repository.guildhe.ac.uk/id/eprint/18789

Actions (login required)

Edit Item