- Security Testing - Home
- Security Testing - Overview
- Security Testing - Process
- Security Testing - Malicious Software
- HTTP Protocol Basics
- HTTPS Protocol Basics
- Encoding and Decoding
- Security Testing - Cryptography
- Security Testing - Same Origin Policy
- Security Testing - Cookies
- Hacking Web Applications
- Security Testing - Injection
- Testing Broken Authentication
- Testing Cross Site Scripting
- Insecure Direct Object Reference
- Testing Security Misconfiguration
- Testing Sensitive Data Exposure
- Missing Function Level Access Control
- Cross Site Request Forgery
- Components with Vulnerabilities
- Unvalidated Redirects and Forwards
- Security Testing - Ajax Security
- Testing Security - Web Service
- Security Testing - Buffer Overflows
- Security Testing - Denial of Service
- Testing Malicious File Execution
- Security Testing - Automation Tools
Security Testing - Malacious Software
Malicious software (malware) is any software that gives partial to full control of the system to the attacker/malware creator. Various forms of Malware are listed below :
Viruses - Virus, a self inserting copies of itself into other computer programs into data file or the boot sector of the hard drive. Upon succesful replication, viruses cause harmful activity on infected hosts such as stealing hard disk space or CPU time.
Worms - A worm is a type of malware which leaves a copy of itself in the memory of each computer in its path.
Trojans - Trojan, non-self-replicating type of malware that contains malicious code which upon execution results in loss or theft of data or possible system harm
Adware Adware also known as freeware or pitchware is a free computer software that contains commercial advertisements that include games, desktop toolbars and utilities. It is a Web-based app and collects Web browser data to target advertisements especially pop-ups.
Spyware - Spyware is infiltration software that anonymously monitors users which enables a hacker to obtain sensitive information from the user's computer. Spyware exploits users and application vulnerabilities that is quite often attached to free online software downloads or to links that are clicked by users.
Root kit - A rootkit is a software used by a hacker to gain admin level access to a computer/network which is installed through a stolen password or by exploiting a system vulnerability without the victim's knowledge.
Preventing Measures:
Ensure that the operating system and any program you are using is upto date with patches/updates.
DONOT open strange e-mails, especially ones with attachments which might be any of the malware as mentioned above.
When downloaded from internet, always check what you install. Do not simply click OK to dismiss pop-up windows. Verify the publisher before you install them.
Install anti-virus software; and also ensure you scan and update them regularly. In most cases anti-virus programs remove and prevent viruses, worms, trojans, and some spyware.
Anti Malware Softwares
Microsoft Security Essentials
Microsoft Windows Defender
AVG Internet Security
Spybot - Search & Destroy
Avast! Home Edition for personal use
Panda Internet Security
MacScan for Mac OS and Mac OS X