Internet applications are interactive services that are used to perform
tasks over the internet. These applications can be either server-based
or client-based. There are millions of Internet applications over the
web.
Over the past decade or so, the web has been embraced by millions of
businesses as an inexpensive channel to communicate and exchange
information with prospects and transactions with customers.
In particular, the web provides a way for marketers to get to know
the people visiting their sites and start communicating with them. One
way of doing this is asking web visitors to subscribe to newsletters, to
submit an application form when requesting information on products or
provide details to customize their browsing experience when next
visiting a particular website.From a technical view-point, the web is a highly programmable environment that allows mass customization through the immediate deployment of a large and diverse range of applications, to millions of global users. Two important components of a modern website are flexible web browsers and web applications; both available to all and sundry at no expense.
Web browsers are software applications that allow users to retrieve data and interact with content located on web pages within a website.
Today’s websites are a far cry from the static text and graphics showcases of the early and mid-nineties: modern web pages allow personalized dynamic content to be pulled down by users according to individual preferences and settings. Furthermore, web pages may also run client-side scripts that “change” the Internet browser into an interface for such applications as web mail and interactive mapping software (e.g., Yahoo Mail and Google Maps).
Web applications are, therefore, computer programs allowing website visitors to submit and retrieve data to/from a database over the Internet using their preferred web browser. The data is then presented to the user within their browser as information is generated dynamically.
Web applications, therefore, are a gateway to databases especially custom applications which are not developed with security best practices and which do not undergo regular security audits. In general, you need to answer the question: “Which parts of a website we thought are secure are open to hack attacks?” and “what data can we throw at an application to cause it to perform something it shouldn’t do?”.
This is the work of a web vulnerability scanner.
No hay comentarios.:
Publicar un comentario