Research, Testing, and Mitigation Solutions for Web Application Firewalls Evasion Techniques
Pietro Andorno
Research, Testing, and Mitigation Solutions for Web Application Firewalls Evasion Techniques.
Rel. Alessandro Savino, Nicolò Maunero. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2024
|
Preview |
PDF (Tesi_di_laurea)
- Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (3MB) | Preview |
Abstract
In today's digital age, web application security is a priority for organizations of all sizes and industries. Web Application Firewalls (WAFs) are a critical component in defending web applications against threats and attacks. However, like all security tools, they are subject to different evasion techniques that put the security of web applications and sensitive data at risk. This thesis addresses the challenge of WAFs evasion techniques through a combination of research, experimentation and development of mitigation solutions. The first part of this thesis will introduce web applications security describing some of the most common vulnerabilities that can affect them such as SQL injection and Cross-Site Scripting (XSS).
Then, we will see how Web Application Firewalls can be used to stop attackers from exploiting some of those vulnerabilities while waiting for the developers to patch them
Tipo di pubblicazione
URI
 |
Modifica (riservato agli operatori) |
