A Study in Advanced Methods for Website Security: Application of Tor and OWASP Zed Attack Proxy
Huy, Le Quang (2023)
Huy, Le Quang
2023
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2023082324896
https://urn.fi/URN:NBN:fi:amk-2023082324896
Tiivistelmä
The primary purpose of the thesis was to study the application of Information Security by using specific examples of a comparison of two network technologies which were Tor and VPN and a web app testing tool namely OWASP ZAP. These topics were explained in detail by discussing their definition, advantage and disadvantage, and practical usage, followed by clear implementation examples.
The working process started with research on the general idea of information security. Then, the technologies, Tor, VPN, and OWASP, were presented as subjects to learn since they were related to the field of study, website development. To implement these topics, Tor Browser and OWASP ZAP were used as traffic of research. In addition, PHP and Java were used as high-level programming languages and Visual Studio Code was used as a source-code editor. The reason for using Tor Browser and OWASP ZED ATTACK PROXY was that they were well-known tools and free applications which were beneficial in the way that documents supporting the process of the thesis were quickly found and approached.
The thesis was successful in pointing out the importance of information security which was not carefully noticed due to the limitation of access to data on the internet for daily users. The result of the study revealed the fact that Tor Browser provided better security for website reaching, while it was proven that several vulnerabilities were successfully found by OWASP ZAP.
The working process started with research on the general idea of information security. Then, the technologies, Tor, VPN, and OWASP, were presented as subjects to learn since they were related to the field of study, website development. To implement these topics, Tor Browser and OWASP ZAP were used as traffic of research. In addition, PHP and Java were used as high-level programming languages and Visual Studio Code was used as a source-code editor. The reason for using Tor Browser and OWASP ZED ATTACK PROXY was that they were well-known tools and free applications which were beneficial in the way that documents supporting the process of the thesis were quickly found and approached.
The thesis was successful in pointing out the importance of information security which was not carefully noticed due to the limitation of access to data on the internet for daily users. The result of the study revealed the fact that Tor Browser provided better security for website reaching, while it was proven that several vulnerabilities were successfully found by OWASP ZAP.