Web Security

The following tasks were performed as part of an assignment for "Application Security" course at New York University

Perform one attack that exploits a Cross-site scripting (XSS) vulnerability
Perform one attack that exploits a Cross-site request forgery (CSRF) vulnerability
Perform one attack that exploits an SQL injection vulnerability
Break a salted password using a dictionary and retrive the original password
Fix the vulnerabilities
Use Travis CI to perform regression tests
Write a bugs.txt explaining the bug code, payload used to exploit it and the fix.

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
GiftcardSite		GiftcardSite
LegacySite		LegacySite
images		images
part1		part1
part2		part2
templates		templates
.gitignore		.gitignore
.travis.yml		.travis.yml
HW2_Instructions.md		HW2_Instructions.md
LICENSE		LICENSE
README.md		README.md
import_dbs.py		import_dbs.py
import_dbs.sh		import_dbs.sh
manage.py		manage.py
products.csv		products.csv
requirements.txt		requirements.txt
users.csv		users.csv