Audit and securing the website of the University of Souk Ahras

Abstract

Information, or the golden bit, has become the greatest source of power in the world today. And it's making people envious - everyone wants to get their hands on it, especially the Hackers (the Black Hats), network and systems experts who use their talents to break into the heart of our organizations and steal our data, destroying our information by injecting malware and vandalizing code. This master is a contribution to the enhancement of the University web site security through: the creation of a mirror site for the purpose of testing and development, the upgrade of the software packages used by the web site and the audit of the latter with state-of-the-art tools. Namely, we used the Zed Attack Proxy audit tool to detect and analyze the security vulnerabilities of the website that allow attacks such as Cross-Site Scripting (XSS). We then worked on immediate changes to the site to patch certain vulnerabilities and prevent possible attacks.