0% found this document useful (0 votes)

97 views

Developer Report

The document provides a summary of a website security scan. It found 22 alerts total, including 4 high severity issues. The high severity issues allow directory traversal, expose error messages containing sensitive information, send user credentials in clear text, and could enable a slow HTTP denial of service attack. The document lists files, technologies, and other details discovered on the site to help understand its structure and potential vulnerabilities.

Uploaded by

Santosh Basnet

Available Formats

Download as RTF, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

97 views

Developer Report

Uploaded by

Santosh Basnet

Available Formats

Download as RTF, PDF, TXT or read online on Scribd

You are on page 1/ 33

Acunetix Website Audit

18 June, 2019

Developer Report

Generated by Acunetix WVS Reporter (v10.5 Build 20160217)

Scan of http://192.168.1.67:8080/
Scan details

Scan information
Start time 6/18/2019 11:38:38 AM
Finish time 6/18/2019 11:42:22 AM
Scan time 3 minutes, 44 seconds
Profile Default
Server information
Responsive True
Server banner GlassFish Server Open Source Edition 4.1
Server OS Unknown

Threat level
Acunetix Threat Level 3
One or more high-severity type vulnerabilities have been discovered by the
scanner. A malicious user can exploit these vulnerabilities and compromise the
backend database and/or deface your website.

Alerts distribution

Total alerts 22
found
High 4
Medium 8
Low 0
Information 10
al

Knowledge base
List of file extensions
File extensions can provide information on what technologies are being used on this website.
List of file extensions detected:

- xhtml => 1 file(s)

- css => 2 file(s)
- js => 2 file(s)
- woff2 => 1 file(s)
- jsp => 1 file(s)
List of client scripts
These files contain Javascript code referenced from the website.

- /faces/javax.faces.resource/watermark/watermark.js
- /faces/javax.faces.resource/jsf.js
- /faces/javax.faces.resource/jquery/jquery.js
- /faces/javax.faces.resource/jquery/jquery-plugins.js
- /faces/javax.faces.resource/core.js
- /faces/javax.faces.resource/components.js
- /js/jquery.validate.js
- /js/form.validator.js
List of files with inputs
These files have at least one input (GET or POST).
Acunetix Website Audit 2

- / - 4 inputs
- /faces/pages/login.xhtml - 1 inputs
- /fonts/fontawesome-webfont.woff2 - 1 inputs
List of authentication pages
This is a list of pages that require HTTP authentication.

- /j_security_check

Alerts summary

Directory traversal
Classification
CVSS Base Score: 6.8

- Access Vector: Network

- Access Complexity: Medium
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: Partial
- Availability Impact: Partial
CVSS3 Base Score: 5.3

Apache JServ protocol service

Classification
CVSS Base Score: 0.0

Error message on page

Classification
CVSS Base Score: 5.0

- Access Vector: Network

- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: None
- Availability Impact: None
CVSS3 Base Score: 7.5

Slow HTTP Denial of Service Attack

Classification
CVSS3 Base Score: 5.3

User credentials are sent in clear text

Classification
CVSS Base Score: 5.0

- Access Vector: Network

- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: None
- Availability Impact: None
CVSS3 Base Score: 9.1

Broken links
Classification
CVSS Base Score: 0.0

- Access Vector: Network

- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: None
CWE CWE-16
Affected items Variation
/faces/javax.faces.resource/components.css s
1
/faces/javax.faces.resource/components.js 1
/faces/javax.faces.resource/core.js 1
/faces/javax.faces.resource/jquery/jquery.js 1
/faces/javax.faces.resource/jquery/jquery-plugins.js 1
/faces/javax.faces.resource/jsf.js 1
/faces/javax.faces.resource/theme.css 1
/faces/javax.faces.resource/watermark/watermark.css 1
/faces/javax.faces.resource/watermark/watermark.js 1

Acunetix Website Audit 5

Possible username or password disclosure

Classification
CVSS Base Score: 5.0

- Access Vector: Network

- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: None
- Availability Impact: None
CVSS3 Base Score: 7.5

Alert details

Directory traversal

Severity High
Type Validation
Reported by Scripting (Server_Directory_Traversal.script)
module
Description
This script is possibly vulnerable to directory traversal attacks.

Directory Traversal is a vulnerability which allows attackers to access restricted directories and execute
commands outside of the web server's root directory.
Impact
By exploiting directory traversal vulnerabilities, attackers step out of the root directory and access files in
other directories. As a result, attackers might view restricted files or execute commands, leading to a full
compromise of the Web server.
Recommendation
Your script should filter metacharacters from user input.
References
Acunetix Directory Traversal Attacks
Affected items

/css
Details
This file was found using the pattern ${dirName}/%C0%AE%C0%AE/WEB-INF/web.xml?.
Original directory: /css
Directory traversal pattern found: <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-
app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<context-param>
<param-name>javax.faces.application.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-config.xml</param-value>
</context-param>



<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
Acunetix Website Audit 7
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>
org.primefaces.webapp.filter.FileUploadFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>

<filter>
<filter-name>XSSFilter</filter-name>
<filter-class>com.f1soft.fonebank.adminweb.controllerbean.XSSFilter</filter-class>
</filter>
<filter>
<filter-name>ClickjackingPreventionFilter</filter-name>
<filter-class>com.f1soft.fonebank.adminweb.controllerbean.ClickjackingPreventionFilter</filter-
class>
</filter>

<filter-mapping>
<filter-name>XSSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ClickjackingPreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<context-param>
<param-name>uploadDirectory</param-name>
<param-value>E:/uploaded file</param-value>
</context-param>

<context-param>
<param-
name>javax.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE</param-name>
<param-value>true</param-value>
</context-param>


<session-config>
<session-timeout>
10
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/pages/login.xhtml</welcome-file>
</welcome-file-list>
<listener>
<listener-class>
com.sun.faces.config.ConfigureListener
</listener-class>
</listener>
</web-app>
Acunetix Website Audit 8
Request headers
GET /css/%C0%AE%C0%AE/WEB-INF/web.xml? HTTP/1.1
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/fonts
Details
This file was found using the pattern ${dirName}/%C0%AE%C0%AE/WEB-INF/web.xml?.
Original directory: /fonts
Directory traversal pattern found: <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-
app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<context-param>
<param-name>javax.faces.application.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-config.xml</param-value>
</context-param>



<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>
org.primefaces.webapp.filter.FileUploadFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>

<filter>
Acunetix Website Audit 9

<filter-name>XSSFilter</filter-name>
<filter-class>com.f1soft.fonebank.adminweb.controllerbean.XSSFilter</filter-class>
</filter>
<filter>
<filter-name>ClickjackingPreventionFilter</filter-name>
<filter-class>com.f1soft.fonebank.adminweb.controllerbean.ClickjackingPreventionFilter</filter-
class>
</filter>

<context-param>
<param-name>uploadDirectory</param-name>
<param-value>E:/uploaded file</param-value>
</context-param>

<context-param>
<param-
name>javax.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE</param-name>
<param-value>true</param-value>
</context-param>


<session-config>
<session-timeout>
10
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/pages/login.xhtml</welcome-file>
</welcome-file-list>
<listener>
<listener-class>
com.sun.faces.config.ConfigureListener
</listener-class>
</listener>
</web-app>
Request headers
GET /fonts/%C0%AE%C0%AE/WEB-INF/web.xml? HTTP/1.1
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/images
Details
This file was found using the pattern ${dirName}/%C0%AE%C0%AE/WEB-INF/web.xml?.
Original directory: /images
Directory traversal pattern found: <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-
app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
Acunetix Website Audit 10
</context-param>
<context-param>
<param-name>javax.faces.application.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-config.xml</param-value>
</context-param>



<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>

<context-param>
<param-name>uploadDirectory</param-name>
<param-value>E:/uploaded file</param-value>
</context-param>
Acunetix Website Audit 11
<context-param>
<param-
name>javax.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE</param-name>
<param-value>true</param-value>
</context-param>


<session-config>
<session-timeout>
10
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/pages/login.xhtml</welcome-file>
</welcome-file-list>
<listener>
<listener-class>
com.sun.faces.config.ConfigureListener
</listener-class>
</listener>
</web-app>
Request headers
GET /images/%C0%AE%C0%AE/WEB-INF/web.xml? HTTP/1.1
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/js
Details
This file was found using the pattern ${dirName}/%C0%AE%C0%AE/WEB-INF/web.xml?.
Original directory: /js
Directory traversal pattern found: <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-
app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<context-param>
<param-name>javax.faces.application.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-config.xml</param-value>
</context-param>



<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
Acunetix Website Audit 12
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>
org.primefaces.webapp.filter.FileUploadFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>

<context-param>
<param-name>uploadDirectory</param-name>
<param-value>E:/uploaded file</param-value>
</context-param>

<context-param>
<param-
name>javax.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE</param-name>
<param-value>true</param-value>
</context-param>


<session-config>
<session-timeout>
10
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/pages/login.xhtml</welcome-file>
</welcome-file-list>
<listener>
<listener-class>
Acunetix Website Audit 13
com.sun.faces.config.ConfigureListener
</listener-class>
</listener>
</web-app>
Request headers
GET /js/%C0%AE%C0%AE/WEB-INF/web.xml? HTTP/1.1
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*
Acunetix Website Audit 14

Apache JServ protocol service

Severity Medium
Type Configuration
Reported by Scripting (AJP_Audit.script)
module
Description
The Apache JServ Protocol (AJP) is a binary protocol that can proxy inbound requests from a web server
through to an application server that sits behind the web server. It's not recommended to have AJP
services publicly accessible on the internet. If AJP is misconfigured it could allow an attacker to access to
internal resources.
Impact
No impact is associated with this alert.
Recommendation
It's recommended to restrict access to this service on production systems.
References
The Apache Tomcat Connector
Affected items

Server
Details
The AJP service is running on TCP port 8009.
Acunetix Website Audit 15

Error message on page

Severity Medium
Type Validation
Reported by Scripting (Text_Search_Dir.script)
module
Description
This page contains an error/warning message that may disclose sensitive information. The message can
also contain the location of the file that produced the unhandled exception.

This may be a false positive if the error message is found in documentation pages.
Impact
The error messages may disclose sensitive information. This information can be used to launch further
attacks.
Recommendation
Review the source code for this script.
References
PHP Runtime Configuration
Affected items

/bea_wls_internal/classes
Details
Pattern found: Exception reportmessageInternal Server
ErrordescriptionThe server encountered an internal error that prevented it from
fulfilling this request.exception
<pre>java.lang.IllegalStateException</pre>note The full stack traces of the
exception and its root causes are available in the GlassFish Server Open Source Edition 4.1
logs.<hr/><h3>GlassFish
Request headers Server Open Source Edition 4.1 </h3></body></html>[/ ... (line
GET /bea_wls_internal/classes/ HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/bea_wls_internal/classes
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/css
Details
Pattern found: Exception reportmessageInternal Server
ErrordescriptionThe server encountered an internal error that prevented it from
fulfilling this request.exception
<pre>java.lang.IllegalStateException</pre>note The full stack traces of the
exception and its root causes are available in the GlassFish Server Open Source Edition 4.1
logs.<hr/><h3>GlassFish
Request headers Server Open Source Edition 4.1 </h3></body></html>[/ ... (line
GET /css/ HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/css/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Acunetix Website Audit 16

Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/fonts
Details
Pattern found: Exception reportmessageInternal Server
ErrordescriptionThe server encountered an internal error that prevented it from
fulfilling this request.exception
<pre>java.lang.IllegalStateException</pre>note The full stack traces of the
exception and its root causes are available in the GlassFish Server Open Source Edition 4.1
logs.<hr/><h3>GlassFish
Request headers Server Open Source Edition 4.1 </h3></body></html>[/ ... (line
GET /fonts/ HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/fonts/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/images
Details
Pattern found: Exception reportmessageInternal Server
ErrordescriptionThe server encountered an internal error that prevented it from
fulfilling this request.exception
<pre>java.lang.IllegalStateException</pre>note The full stack traces of the
exception and its root causes are available in the GlassFish Server Open Source Edition 4.1
logs.<hr/><h3>GlassFish
Request headers Server Open Source Edition 4.1 </h3></body></html>[/ ... (line
GET /images/ HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/images/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/js
Details
Pattern found: Exception reportmessageInternal Server
ErrordescriptionThe server encountered an internal error that prevented it from
fulfilling this request.exception
<pre>java.lang.IllegalStateException</pre>note The full stack traces of the
exception and its root causes are available in the GlassFish Server Open Source Edition 4.1
logs.<hr/><h3>GlassFish
Request headers Server Open Source Edition 4.1 </h3></body></html>[/ ... (line
GET /js/ HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/js/
Acunetix Website Audit 17

Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*
Acunetix Website Audit 18

Slow HTTP Denial of Service Attack

Severity Medium
Type Configuration
Reported by Slow_HTTP_DOS
module
Description
Your web server is vulnerable to Slow HTTP DoS (Denial of Service) attacks.

Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires
requests to be completely received by the server before they are processed. If an HTTP request is not
complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the
data. If the server keeps too many resources busy, this creates a denial of service.
Impact
A single machine can take down another machine's web server with minimal bandwidth and side effects
on unrelated services and ports.
Recommendation
Consult Web references for information about protecting your web server against this type of attack.
References
Protect Apache Against Slowloris Attack
Slowloris DOS Mitigation Guide
Slowloris HTTP DoS
Affected items

Web Server
Details
Time difference between connections: 10000 ms

Acunetix Website Audit 19

User credentials are sent in clear text

Severity Medium
Type Configuration
Reported by Crawler
module
Description
User credentials are transmitted over an unencrypted channel. This information should always be
transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.
Impact
A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.
Recommendation
Because user credentials are considered sensitive information, should always be transferred to the server
over an encrypted connection (HTTPS).

Affected items

/
Details
Form name: loginForm
Form action: http://192.168.1.67:8080/faces/pages/login.xhtml
Form method: POST

Form inputs:

- loginForm [Hidden]
- somefakename [Text]
- loginForm:username [Text]
- anotherfakename [Password]
- loginForm:password [Password]
- loginForm:ajax [Submit]
- javax.faces.ViewState [Hidden]
Request headers
GET / HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

Acunetix Website Audit 20

Broken links

Severity Informational
Type Informational
Reported by Crawler
module
Description
A broken link refers to any link that should take you to a document, image or webpage, that actually
results in an error. This page was linked from the website but it is inaccessible.
Impact
Problems navigating the site.
Recommendation
Remove the links to this file or make it accessible.

Affected items

/faces/javax.faces.resource/components.css
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/components.css HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/components.js
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/components.js HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/core.js

Acunetix Website Audit 21

Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/core.js HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/jquery/jquery.js
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/jquery/jquery.js HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/jquery/jquery-plugins.js
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/jquery/jquery-plugins.js HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/jsf.js
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
Acunetix Website Audit 22
GET /faces/javax.faces.resource/jsf.js HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/theme.css
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/theme.css HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/watermark/watermark.css
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/watermark/watermark.css HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*

/faces/javax.faces.resource/watermark/watermark.js
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as
"Not Found") > select Referrers Tab from the bottom of the Information pane.
Request headers
GET /faces/javax.faces.resource/watermark/watermark.js HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix Website Audit 23
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*
Acunetix Website Audit 24

Possible username or password disclosure

Severity Informational
Type Informational
Reported by Scripting (Text_Search_File.script)
module
Description
A username and/or password was found in this file. This information could be sensitive.

This alert may be a false positive, manual confirmation is required.

Impact
Possible sensitive information disclosure.
Recommendation
Remove this file from your website or change its permissions to remove access.

Affected items

/css/font-awesome.min.css
Details
Pattern found: pass:before
Request headers
GET /css/font-awesome.min.css HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://192.168.1.67:8080/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=925e86be77cb8bf0cd49eb580889
Host: 192.168.1.67:8080
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko)
Chrome/41.0.2228.0 Safari/537.21
Accept: */*
Acunetix Website Audit 25

Scanned items (coverage report)

Scanned 31 URLs. Found 16 vulnerable.

URL: http://192.168.1.67:8080/
Vulnerabilities have been identified for this URL
6 input(s) found for this URL
Inputs
Input scheme 1
Input name Input type
/ Path Fragment (suffix /)
Input scheme 2
Input name Input type
/ Path Fragment
/ Path Fragment
Input scheme 3
Input name Input type
/ Path Fragment (suffix /)
/ Path Fragment (suffix /)
Input scheme 4
Input name Input type
Host HTTP Header
URL: http://192.168.1.67:8080/faces
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/pages
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/pages/login.xhtml
No vulnerabilities have been identified for this URL
7 input(s) found for this URL
Inputs
Input scheme 1
Input name Input type
URL encoded POST
anotherfakename URL encoded POST
javax.faces.ViewState URL encoded POST
loginForm URL encoded POST
loginForm:password URL encoded POST
loginForm:username URL encoded POST
somefakename URL encoded POST
URL: http://192.168.1.67:8080/faces/javax.faces.resource
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/theme.css
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/components.css
Vulnerabilities have been identified for this URL
No input(s) found for this URL

Acunetix Website Audit 26

URL: http://192.168.1.67:8080/faces/javax.faces.resource/watermark
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/watermark/watermark.css
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/watermark/watermark.js
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/jsf.js
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/jquery
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/jquery/jquery.js
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/jquery/jquery-plugins.js
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/core.js
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/faces/javax.faces.resource/components.js
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/images/
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/css/
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/css/mainStyler.css
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/css/font-awesome.min.css
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/js/
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/js/jquery.validate.js
No vulnerabilities have been identified for this URL
No input(s) found for this URL

Acunetix Website Audit 27

URL: http://192.168.1.67:8080/js/form.validator.js
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/fonts/
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/fonts/fontawesome-webfont.woff2
No vulnerabilities have been identified for this URL
1 input(s) found for this URL
Inputs
Input scheme 1
Input name Input type
v URL encoded GET
URL: http://192.168.1.67:8080/META-INF/
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/WEB-INF/
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/bea_wls_internal
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/bea_wls_internal/classes/
Vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/j_security_check
No vulnerabilities have been identified for this URL
No input(s) found for this URL
URL: http://192.168.1.67:8080/index.jsp
No vulnerabilities have been identified for this URL
No input(s) found for this URL

Acunetix Website Audit 28

Finlatics - Project 1
100% (1)
Finlatics - Project 1
10 pages
Advanced Web Attacks and Exploitation: Offensive Security
100% (1)
Advanced Web Attacks and Exploitation: Offensive Security
9 pages
Web Vuln
No ratings yet
Web Vuln
26 pages
Summative Css 11 - Q2 1
100% (2)
Summative Css 11 - Q2 1
3 pages
Developer Report: Acunetix Website Audit 19 November, 2018
No ratings yet
Developer Report: Acunetix Website Audit 19 November, 2018
30 pages
Testphp Acunetics PDF
No ratings yet
Testphp Acunetics PDF
98 pages
Acunetix Test Report
No ratings yet
Acunetix Test Report
16 pages
Executive Report
No ratings yet
Executive Report
79 pages
Developer Report1 PDF
No ratings yet
Developer Report1 PDF
15 pages
Site Audit Report
No ratings yet
Site Audit Report
31 pages
Acuetix Swastik
No ratings yet
Acuetix Swastik
89 pages
!DOCTYPE HTML PUBLIC - W3CDTD HTML 4.01 TransitionalEN - 20231028 - 014819 - 0000
No ratings yet
!DOCTYPE HTML PUBLIC - W3CDTD HTML 4.01 TransitionalEN - 20231028 - 014819 - 0000
12 pages
Comparative Study of Web Application Penetration Testing Tools
No ratings yet
Comparative Study of Web Application Penetration Testing Tools
5 pages
Domain Centric Security
No ratings yet
Domain Centric Security
22 pages
Is Your Website Hackable?: Check With
No ratings yet
Is Your Website Hackable?: Check With
4 pages
Acunetix
No ratings yet
Acunetix
72 pages
AWS Manual
No ratings yet
AWS Manual
53 pages
How Do I Shot Web
No ratings yet
How Do I Shot Web
82 pages
HSE Local Report 172.16.1.48
No ratings yet
HSE Local Report 172.16.1.48
3 pages
Is Your Website Hackable?: Check With Acunetix Web Vulnerability Scanner
No ratings yet
Is Your Website Hackable?: Check With Acunetix Web Vulnerability Scanner
3 pages
Is Your Website Hackable?: Check With Acunetix Web Vulnerability Scanner
No ratings yet
Is Your Website Hackable?: Check With Acunetix Web Vulnerability Scanner
3 pages
Acunetix v12: Is Your Website Hackable?
No ratings yet
Acunetix v12: Is Your Website Hackable?
32 pages
Acunetix 2020 Web Application Vulnerability Report
No ratings yet
Acunetix 2020 Web Application Vulnerability Report
27 pages
Developer Example
No ratings yet
Developer Example
87 pages
Is Your Website Hackable?: 70% Are. Detect and Action With Acunetix
No ratings yet
Is Your Website Hackable?: 70% Are. Detect and Action With Acunetix
4 pages
0000
No ratings yet
0000
8 pages
Week10 P
No ratings yet
Week10 P
37 pages
v11 Product Manual
No ratings yet
v11 Product Manual
47 pages
accunetix
No ratings yet
accunetix
103 pages
Acunetix Standard and Premium Quick Start Guide F
No ratings yet
Acunetix Standard and Premium Quick Start Guide F
11 pages
Acunetix V11 Brochure
No ratings yet
Acunetix V11 Brochure
4 pages
Developer Https Online Assessment Apidataserv Com Login
No ratings yet
Developer Https Online Assessment Apidataserv Com Login
18 pages
Developer HTTP Testphp Vulnweb Com
No ratings yet
Developer HTTP Testphp Vulnweb Com
188 pages
Sample DRDIS
No ratings yet
Sample DRDIS
34 pages
Recon
No ratings yet
Recon
4 pages
Padding Oracle Test
No ratings yet
Padding Oracle Test
4 pages
Copyright of Bangladesh Scan Result
No ratings yet
Copyright of Bangladesh Scan Result
65 pages
ETHICAL HACKING Web Security.
No ratings yet
ETHICAL HACKING Web Security.
25 pages
Topic 6 - Web Applications Security
No ratings yet
Topic 6 - Web Applications Security
36 pages
Top Ten Web Attacks: Saumil Shah Net-Square
No ratings yet
Top Ten Web Attacks: Saumil Shah Net-Square
46 pages
Plantilla Reporte Certificación
No ratings yet
Plantilla Reporte Certificación
156 pages
ETI - PPT (Application Hacking) (Autosaved)
No ratings yet
ETI - PPT (Application Hacking) (Autosaved)
7 pages
03 - Web Application Penetration Testing (1)
No ratings yet
03 - Web Application Penetration Testing (1)
25 pages
Resume Web PenTest by Joas
No ratings yet
Resume Web PenTest by Joas
1 page
Secure Web Application Ch4
No ratings yet
Secure Web Application Ch4
82 pages
12 Ceh Hacking Web Applications
0% (1)
12 Ceh Hacking Web Applications
111 pages
Acunetix Web Vulnerability Scanner
No ratings yet
Acunetix Web Vulnerability Scanner
8 pages
Compliance Report
No ratings yet
Compliance Report
296 pages
Server-side web applications attack
No ratings yet
Server-side web applications attack
4 pages
Trend Report
No ratings yet
Trend Report
21 pages
OWASP TOP 10 2017: Compliance Report
No ratings yet
OWASP TOP 10 2017: Compliance Report
20 pages
Web Pentesting Sample Report
No ratings yet
Web Pentesting Sample Report
25 pages
Developer: Acunetix Security Audit
No ratings yet
Developer: Acunetix Security Audit
15 pages
2020-02-09 - Introduction To The OWASP Top Ten
No ratings yet
2020-02-09 - Introduction To The OWASP Top Ten
45 pages
Wvs Getting Started
No ratings yet
Wvs Getting Started
10 pages
Rapid7 Insightappsec Appspider Attack Types Datasheet2
No ratings yet
Rapid7 Insightappsec Appspider Attack Types Datasheet2
1 page
Tugas Testing Keamaan Komputer M. Almepal Wanda 192321015 - 35A
No ratings yet
Tugas Testing Keamaan Komputer M. Almepal Wanda 192321015 - 35A
24 pages
Nullc0nbountyhuntingtechniques-160314053844 2 PDF
No ratings yet
Nullc0nbountyhuntingtechniques-160314053844 2 PDF
82 pages
OWASP WSTG Checklist
No ratings yet
OWASP WSTG Checklist
74 pages
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
From Everand
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
Devi Prasad
No ratings yet
Owasp Report
No ratings yet
Owasp Report
10 pages
The Browser Hacker's Handbook
From Everand
The Browser Hacker's Handbook
Wade Alcorn
No ratings yet
Building Retrofit Checklist
100% (1)
Building Retrofit Checklist
5 pages
Fake Name
No ratings yet
Fake Name
2 pages
Model Properties: 1.1 Design of Footing Using CSI-SAFE 2016 (Sample)
No ratings yet
Model Properties: 1.1 Design of Footing Using CSI-SAFE 2016 (Sample)
7 pages
Section A-A Detail At-B Section X-X
No ratings yet
Section A-A Detail At-B Section X-X
1 page
Analysis & Design By: Er. Bishnu Pandey Civil Engineer NEC Regd. No. 8547 "A"
No ratings yet
Analysis & Design By: Er. Bishnu Pandey Civil Engineer NEC Regd. No. 8547 "A"
5 pages
Design of Slab (8mm Bar)
No ratings yet
Design of Slab (8mm Bar)
5 pages
Townhall
No ratings yet
Townhall
19 pages
Isolated Footing Design (Square Footing)
No ratings yet
Isolated Footing Design (Square Footing)
5 pages
Bhedetar Truss
No ratings yet
Bhedetar Truss
7 pages
Figure 1 3D Model of Block A
No ratings yet
Figure 1 3D Model of Block A
3 pages
Cover Page of Mapdanda 2063
No ratings yet
Cover Page of Mapdanda 2063
3 pages
Data Entry Topographic Map
No ratings yet
Data Entry Topographic Map
15 pages
Symbol Common Name Scientific Name Type Height Use
No ratings yet
Symbol Common Name Scientific Name Type Height Use
2 pages
Data Entry Road Survey
No ratings yet
Data Entry Road Survey
21 pages
Cover Page
No ratings yet
Cover Page
6 pages
S PDF
No ratings yet
S PDF
1 page
Information Security
No ratings yet
Information Security
6 pages
Security
No ratings yet
Security
15 pages
Arcsight Complete Overview
No ratings yet
Arcsight Complete Overview
46 pages
252a - Management Information System
No ratings yet
252a - Management Information System
21 pages
Openssl Commands To Convert Certificate Format
No ratings yet
Openssl Commands To Convert Certificate Format
3 pages
Authentication (Portswigger Apprentice Manual)
No ratings yet
Authentication (Portswigger Apprentice Manual)
12 pages
8 4 1 3 Lab Configure Site To Site VPN Using CLI Instructor
No ratings yet
8 4 1 3 Lab Configure Site To Site VPN Using CLI Instructor
15 pages
Unit-5 CNS Notes
No ratings yet
Unit-5 CNS Notes
59 pages
RAPID_SOL_25_119_FINAL+Amendment+1+March+14+2025
No ratings yet
RAPID_SOL_25_119_FINAL+Amendment+1+March+14+2025
65 pages
Payroll/Personnel System Overview (PPSO) : Procedures
No ratings yet
Payroll/Personnel System Overview (PPSO) : Procedures
41 pages
Qlik Sense Shared Persistence 31 SR2
No ratings yet
Qlik Sense Shared Persistence 31 SR2
30 pages
Full Chapter Advances in Computer Communication and Computational Sciences Proceedings of Ic4S 2019 Sanjiv K Bhatia PDF
100% (13)
Full Chapter Advances in Computer Communication and Computational Sciences Proceedings of Ic4S 2019 Sanjiv K Bhatia PDF
54 pages
ITM Unit 1 Notes
No ratings yet
ITM Unit 1 Notes
16 pages
Nveo 9 (1) - 156 PDF
No ratings yet
Nveo 9 (1) - 156 PDF
14 pages
2.2.5 Lab - Becoming A Defender
No ratings yet
2.2.5 Lab - Becoming A Defender
2 pages
MD101
No ratings yet
MD101
1 page
Information Technology Act 2000
No ratings yet
Information Technology Act 2000
7 pages
Fortinet Single Sign On Polling Mode Windows AD Network
No ratings yet
Fortinet Single Sign On Polling Mode Windows AD Network
6 pages
Url .TXT Log
No ratings yet
Url .TXT Log
7,310 pages
What's New in PAN-OS 4.0: Application Identification Features
No ratings yet
What's New in PAN-OS 4.0: Application Identification Features
4 pages
FortiOS 7.2 Best Practices
No ratings yet
FortiOS 7.2 Best Practices
44 pages
Subsidiaries - A Guide To Pentex
100% (12)
Subsidiaries - A Guide To Pentex
138 pages
Full Download (eTextbook PDF) for Essentials of MIS 13th Edition by Kenneth PDF DOCX
No ratings yet
Full Download (eTextbook PDF) for Essentials of MIS 13th Edition by Kenneth PDF DOCX
41 pages
CP R77 Multi-DomainSecurityManagement AdminGuide
No ratings yet
CP R77 Multi-DomainSecurityManagement AdminGuide
157 pages
fortinet.ucertify.nse4_fgt-70.study.guide.2022-aug-03.by.mark.77q.vce
No ratings yet
fortinet.ucertify.nse4_fgt-70.study.guide.2022-aug-03.by.mark.77q.vce
18 pages
Itma
No ratings yet
Itma
12 pages
Paradoxes of The Problem of Critical Infrastructure Protection Against EMP: The Truth Is Out There
No ratings yet
Paradoxes of The Problem of Critical Infrastructure Protection Against EMP: The Truth Is Out There
74 pages