vasco
2026-05-30 22:02:31 +01:00
parent 21c9633755
commit bd0f136ccc
7 changed files with 636 additions and 497 deletions


@@ -6,34 +6,30 @@
\providecommand\HyField@AuxAddToFields[1]{}
\providecommand\HyField@AuxAddToCoFields[2]{}
\babel@aux{portuguese}{}
\@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{4}{section.1}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {2}Arquitecture considered for both stages}{4}{section.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Network structure}{4}{subsection.2.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Servers}{4}{subsection.2.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.3}Services}{4}{subsection.2.3}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {3}Web application security testing}{6}{section.3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Information Gathering}{6}{subsection.3.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}Configuration and Deployment Management Testing}{6}{subsection.3.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Identity Management Testing}{6}{subsection.3.3}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{3}{section.1}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {2}Architecture Considered for Both Stages}{3}{section.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Network structure}{3}{subsection.2.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Servers}{3}{subsection.2.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.3}Services}{3}{subsection.2.3}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {3}Web application security testing}{3}{section.3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Information Gathering}{3}{subsection.3.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}Configuration and Deployment Management Testing}{4}{subsection.3.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Identity Management Testing}{4}{subsection.3.3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.4}Authentication Testing}{6}{subsection.3.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.5}Authorization Testing}{6}{subsection.3.5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.6}Session Management Testing}{6}{subsection.3.6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.7}Input Validation Testing}{6}{subsection.3.7}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.8}Testing for Error Handling}{6}{subsection.3.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.9}Testing for Weak Cryptography}{6}{subsection.3.9}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.10}Business Logic Testing}{6}{subsection.3.10}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.11}Client Side Testing}{6}{subsection.3.11}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {4}Web application security firewall}{6}{section.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.1}Information Gathering}{6}{subsection.4.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{6}{subsection.4.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{6}{subsection.4.3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.4}Authentication Testing}{6}{subsection.4.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.5}Authorization Testing}{6}{subsection.4.5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.6}Session Management Testing}{6}{subsection.4.6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{6}{subsection.4.7}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{6}{subsection.4.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.9}Testing for Weak Cryptography}{6}{subsection.4.9}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.10}Business Logic Testing}{6}{subsection.4.10}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.11}Client Side Testing}{6}{subsection.4.11}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {5}Conclusions}{6}{section.5}\protected@file@percent }
\gdef \@abspage@last{6}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.8}Testing for Error Handling}{7}{subsection.3.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.9}Client Side Testing}{7}{subsection.3.9}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {4}Web Application Security Firewall}{8}{section.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.1}Information Gathering}{8}{subsection.4.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{8}{subsection.4.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{8}{subsection.4.3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.4}Authentication Testing}{8}{subsection.4.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.5}Authorization Testing}{8}{subsection.4.5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.6}Session Management Testing}{8}{subsection.4.6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{8}{subsection.4.7}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{8}{subsection.4.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.9}Client Side Testing}{8}{subsection.4.9}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {5}Conclusions}{8}{section.5}\protected@file@percent }
\gdef \@abspage@last{8}


@@ -1 +1,2 @@
openssl ca -revoke user.crt -config cheese.cfg -keyfile ca.key -cert ca.crt
{}
<img src="x" onerror="alert(localStorage.getItem('token'))">apple
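Review bot: The two lines this hunk appears to add, `{}` and the `<img … onerror=…>` test string, carry no indication of which test case or input field they belong to; the file path is not visible on this page, and by the hunk counts (`-1 +1,2`) the `openssl ca -revoke …` line is the one dropped, which suggests a scratch file that is simply overwritten. If the file is meant to stay in the repository, each entry should have a short label tying it to the report section it supports, for example Client Side Testing; otherwise it is better left untracked, as is the generated LaTeX auxiliary output (table-of-contents and bookmark data) changed in the same commit. The string reads `localStorage.getItem('token')`, which implies the application keeps its session token in script-readable storage. The report should record that as a finding in its own right and pair it with the remediation: output encoding at the rendering sink and an `HttpOnly` cookie for the token.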

File diff suppressed because it is too large Load Diff


@@ -1,5 +1,5 @@
\BOOKMARK [1][-]{section.1}{\376\377\000I\000n\000t\000r\000o\000d\000u\000c\000t\000i\000o\000n}{}% 1
\BOOKMARK [1][-]{section.2}{\376\377\000A\000r\000q\000u\000i\000t\000e\000c\000t\000u\000r\000e\000\040\000c\000o\000n\000s\000i\000d\000e\000r\000e\000d\000\040\000f\000o\000r\000\040\000b\000o\000t\000h\000\040\000s\000t\000a\000g\000e\000s}{}% 2
\BOOKMARK [1][-]{section.2}{\376\377\000A\000r\000c\000h\000i\000t\000e\000c\000t\000u\000r\000e\000\040\000C\000o\000n\000s\000i\000d\000e\000r\000e\000d\000\040\000f\000o\000r\000\040\000B\000o\000t\000h\000\040\000S\000t\000a\000g\000e\000s}{}% 2
\BOOKMARK [2][-]{subsection.2.1}{\376\377\000N\000e\000t\000w\000o\000r\000k\000\040\000s\000t\000r\000u\000c\000t\000u\000r\000e}{section.2}% 3
\BOOKMARK [2][-]{subsection.2.2}{\376\377\000S\000e\000r\000v\000e\000r\000s}{section.2}% 4
\BOOKMARK [2][-]{subsection.2.3}{\376\377\000S\000e\000r\000v\000i\000c\000e\000s}{section.2}% 5
@@ -12,19 +12,15 @@
\BOOKMARK [2][-]{subsection.3.6}{\376\377\000S\000e\000s\000s\000i\000o\000n\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.3}% 12
\BOOKMARK [2][-]{subsection.3.7}{\376\377\000I\000n\000p\000u\000t\000\040\000V\000a\000l\000i\000d\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.3}% 13
\BOOKMARK [2][-]{subsection.3.8}{\376\377\000T\000e\000s\000t\000i\000n\000g\000\040\000f\000o\000r\000\040\000E\000r\000r\000o\000r\000\040\000H\000a\000n\000d\000l\000i\000n\000g}{section.3}% 14
\BOOKMARK [2][-]{subsection.3.9}{\376\377\000T\000e\000s\000t\000i\000n\000g\000\040\000f\000o\000r\000\040\000W\000e\000a\000k\000\040\000C\000r\000y\000p\000t\000o\000g\000r\000a\000p\000h\000y}{section.3}% 15
\BOOKMARK [2][-]{subsection.3.10}{\376\377\000B\000u\000s\000i\000n\000e\000s\000s\000\040\000L\000o\000g\000i\000c\000\040\000T\000e\000s\000t\000i\000n\000g}{section.3}% 16
\BOOKMARK [2][-]{subsection.3.11}{\376\377\000C\000l\000i\000e\000n\000t\000\040\000S\000i\000d\000e\000\040\000T\000e\000s\000t\000i\000n\000g}{section.3}% 17
\BOOKMARK [1][-]{section.4}{\376\377\000W\000e\000b\000\040\000a\000p\000p\000l\000i\000c\000a\000t\000i\000o\000n\000\040\000s\000e\000c\000u\000r\000i\000t\000y\000\040\000f\000i\000r\000e\000w\000a\000l\000l}{}% 18
\BOOKMARK [2][-]{subsection.4.1}{\376\377\000I\000n\000f\000o\000r\000m\000a\000t\000i\000o\000n\000\040\000G\000a\000t\000h\000e\000r\000i\000n\000g}{section.4}% 19
\BOOKMARK [2][-]{subsection.4.2}{\376\377\000C\000o\000n\000f\000i\000g\000u\000r\000a\000t\000i\000o\000n\000\040\000a\000n\000d\000\040\000D\000e\000p\000l\000o\000y\000m\000e\000n\000t\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 20
\BOOKMARK [2][-]{subsection.4.3}{\376\377\000I\000d\000e\000n\000t\000i\000t\000y\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 21
\BOOKMARK [2][-]{subsection.4.4}{\376\377\000A\000u\000t\000h\000e\000n\000t\000i\000c\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 22
\BOOKMARK [2][-]{subsection.4.5}{\376\377\000A\000u\000t\000h\000o\000r\000i\000z\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 23
\BOOKMARK [2][-]{subsection.4.6}{\376\377\000S\000e\000s\000s\000i\000o\000n\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 24
\BOOKMARK [2][-]{subsection.4.7}{\376\377\000I\000n\000p\000u\000t\000\040\000V\000a\000l\000i\000d\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 25
\BOOKMARK [2][-]{subsection.4.8}{\376\377\000T\000e\000s\000t\000i\000n\000g\000\040\000f\000o\000r\000\040\000E\000r\000r\000o\000r\000\040\000H\000a\000n\000d\000l\000i\000n\000g}{section.4}% 26
\BOOKMARK [2][-]{subsection.4.9}{\376\377\000T\000e\000s\000t\000i\000n\000g\000\040\000f\000o\000r\000\040\000W\000e\000a\000k\000\040\000C\000r\000y\000p\000t\000o\000g\000r\000a\000p\000h\000y}{section.4}% 27
\BOOKMARK [2][-]{subsection.4.10}{\376\377\000B\000u\000s\000i\000n\000e\000s\000s\000\040\000L\000o\000g\000i\000c\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 28
\BOOKMARK [2][-]{subsection.4.11}{\376\377\000C\000l\000i\000e\000n\000t\000\040\000S\000i\000d\000e\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 29
\BOOKMARK [1][-]{section.5}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000s}{}% 30
\BOOKMARK [2][-]{subsection.3.9}{\376\377\000C\000l\000i\000e\000n\000t\000\040\000S\000i\000d\000e\000\040\000T\000e\000s\000t\000i\000n\000g}{section.3}% 15
\BOOKMARK [1][-]{section.4}{\376\377\000W\000e\000b\000\040\000A\000p\000p\000l\000i\000c\000a\000t\000i\000o\000n\000\040\000S\000e\000c\000u\000r\000i\000t\000y\000\040\000F\000i\000r\000e\000w\000a\000l\000l}{}% 16
\BOOKMARK [2][-]{subsection.4.1}{\376\377\000I\000n\000f\000o\000r\000m\000a\000t\000i\000o\000n\000\040\000G\000a\000t\000h\000e\000r\000i\000n\000g}{section.4}% 17
\BOOKMARK [2][-]{subsection.4.2}{\376\377\000C\000o\000n\000f\000i\000g\000u\000r\000a\000t\000i\000o\000n\000\040\000a\000n\000d\000\040\000D\000e\000p\000l\000o\000y\000m\000e\000n\000t\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 18
\BOOKMARK [2][-]{subsection.4.3}{\376\377\000I\000d\000e\000n\000t\000i\000t\000y\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 19
\BOOKMARK [2][-]{subsection.4.4}{\376\377\000A\000u\000t\000h\000e\000n\000t\000i\000c\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 20
\BOOKMARK [2][-]{subsection.4.5}{\376\377\000A\000u\000t\000h\000o\000r\000i\000z\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 21
\BOOKMARK [2][-]{subsection.4.6}{\376\377\000S\000e\000s\000s\000i\000o\000n\000\040\000M\000a\000n\000a\000g\000e\000m\000e\000n\000t\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 22
\BOOKMARK [2][-]{subsection.4.7}{\376\377\000I\000n\000p\000u\000t\000\040\000V\000a\000l\000i\000d\000a\000t\000i\000o\000n\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 23
\BOOKMARK [2][-]{subsection.4.8}{\376\377\000T\000e\000s\000t\000i\000n\000g\000\040\000f\000o\000r\000\040\000E\000r\000r\000o\000r\000\040\000H\000a\000n\000d\000l\000i\000n\000g}{section.4}% 24
\BOOKMARK [2][-]{subsection.4.9}{\376\377\000C\000l\000i\000e\000n\000t\000\040\000S\000i\000d\000e\000\040\000T\000e\000s\000t\000i\000n\000g}{section.4}% 25
\BOOKMARK [1][-]{section.5}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000s}{}% 26

Binary file not shown.

Binary file not shown.


@@ -1,31 +1,27 @@
\babel@toc {portuguese}{}\relax
\contentsline {section}{\numberline {1}Introduction}{4}{section.1}%
\contentsline {section}{\numberline {2}Arquitecture considered for both stages}{4}{section.2}%
\contentsline {subsection}{\numberline {2.1}Network structure}{4}{subsection.2.1}%
\contentsline {subsection}{\numberline {2.2}Servers}{4}{subsection.2.2}%
\contentsline {subsection}{\numberline {2.3}Services}{4}{subsection.2.3}%
\contentsline {section}{\numberline {3}Web application security testing}{6}{section.3}%
\contentsline {subsection}{\numberline {3.1}Information Gathering}{6}{subsection.3.1}%
\contentsline {subsection}{\numberline {3.2}Configuration and Deployment Management Testing}{6}{subsection.3.2}%
\contentsline {subsection}{\numberline {3.3}Identity Management Testing}{6}{subsection.3.3}%
\contentsline {section}{\numberline {1}Introduction}{3}{section.1}%
\contentsline {section}{\numberline {2}Architecture Considered for Both Stages}{3}{section.2}%
\contentsline {subsection}{\numberline {2.1}Network structure}{3}{subsection.2.1}%
\contentsline {subsection}{\numberline {2.2}Servers}{3}{subsection.2.2}%
\contentsline {subsection}{\numberline {2.3}Services}{3}{subsection.2.3}%
\contentsline {section}{\numberline {3}Web application security testing}{3}{section.3}%
\contentsline {subsection}{\numberline {3.1}Information Gathering}{3}{subsection.3.1}%
\contentsline {subsection}{\numberline {3.2}Configuration and Deployment Management Testing}{4}{subsection.3.2}%
\contentsline {subsection}{\numberline {3.3}Identity Management Testing}{4}{subsection.3.3}%
\contentsline {subsection}{\numberline {3.4}Authentication Testing}{6}{subsection.3.4}%
\contentsline {subsection}{\numberline {3.5}Authorization Testing}{6}{subsection.3.5}%
\contentsline {subsection}{\numberline {3.6}Session Management Testing}{6}{subsection.3.6}%
\contentsline {subsection}{\numberline {3.7}Input Validation Testing}{6}{subsection.3.7}%
\contentsline {subsection}{\numberline {3.8}Testing for Error Handling}{6}{subsection.3.8}%
\contentsline {subsection}{\numberline {3.9}Testing for Weak Cryptography}{6}{subsection.3.9}%
\contentsline {subsection}{\numberline {3.10}Business Logic Testing}{6}{subsection.3.10}%
\contentsline {subsection}{\numberline {3.11}Client Side Testing}{6}{subsection.3.11}%
\contentsline {section}{\numberline {4}Web application security firewall}{6}{section.4}%
\contentsline {subsection}{\numberline {4.1}Information Gathering}{6}{subsection.4.1}%
\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{6}{subsection.4.2}%
\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{6}{subsection.4.3}%
\contentsline {subsection}{\numberline {4.4}Authentication Testing}{6}{subsection.4.4}%
\contentsline {subsection}{\numberline {4.5}Authorization Testing}{6}{subsection.4.5}%
\contentsline {subsection}{\numberline {4.6}Session Management Testing}{6}{subsection.4.6}%
\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{6}{subsection.4.7}%
\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{6}{subsection.4.8}%
\contentsline {subsection}{\numberline {4.9}Testing for Weak Cryptography}{6}{subsection.4.9}%
\contentsline {subsection}{\numberline {4.10}Business Logic Testing}{6}{subsection.4.10}%
\contentsline {subsection}{\numberline {4.11}Client Side Testing}{6}{subsection.4.11}%
\contentsline {section}{\numberline {5}Conclusions}{6}{section.5}%
\contentsline {subsection}{\numberline {3.8}Testing for Error Handling}{7}{subsection.3.8}%
\contentsline {subsection}{\numberline {3.9}Client Side Testing}{7}{subsection.3.9}%
\contentsline {section}{\numberline {4}Web Application Security Firewall}{8}{section.4}%
\contentsline {subsection}{\numberline {4.1}Information Gathering}{8}{subsection.4.1}%
\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{8}{subsection.4.2}%
\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{8}{subsection.4.3}%
\contentsline {subsection}{\numberline {4.4}Authentication Testing}{8}{subsection.4.4}%
\contentsline {subsection}{\numberline {4.5}Authorization Testing}{8}{subsection.4.5}%
\contentsline {subsection}{\numberline {4.6}Session Management Testing}{8}{subsection.4.6}%
\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{8}{subsection.4.7}%
\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{8}{subsection.4.8}%
\contentsline {subsection}{\numberline {4.9}Client Side Testing}{8}{subsection.4.9}%
\contentsline {section}{\numberline {5}Conclusions}{8}{section.5}%