<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta content="width=device-width, initial-scale=1.0" name="viewport">
<title>Ennaayattulla | Projects</title>
<meta content="" name="description">
<meta content="" name="keywords">
<!-- Favicons -->
<link href="assets/img/icon.png" rel="icon">
<!-- Google Fonts -->
<link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i" rel="stylesheet">
<!-- Vendor CSS Files -->
<link href="assets/vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="assets/vendor/icofont/icofont.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link href="assets/vendor/remixicon/remixicon.css" rel="stylesheet">
<link href="assets/vendor/owl.carousel/assets/owl.carousel.min.css" rel="stylesheet">
<link href="assets/vendor/boxicons/css/boxicons.min.css" rel="stylesheet">
<link href="assets/vendor/venobox/venobox.css" rel="stylesheet">
<!-- Template Main CSS File -->
<link href="assets/css/style.css" rel="stylesheet">
</head>
<body>
<!-- ======= Header ======= -->
<header id="header" class="header-tops header-top">
<div class="container">
<h1><a href="https://mehxa.github.io/">M. Ennaayattulla</a></h1>
<nav class="nav-menu d-none d-lg-block">
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="index.html#about">About</a></li>
<li><a href="index.html#certificates">Certificates</a></li>
<li class="active"><a href="index.html#projects">Projects</a></li>
</ul>
</nav>
</div>
</header>
<!-- End Header -->
<section class="section-show" >
<div class="container">
<div class="section-title">
<h2><a href="index.html#projects">Back</a></h2>
<p>Lorem Ipsum Forum</p>
</div>
<div class="container">
<div class="container-fluid">
<div id="ASPJIndicators" class="carousel slide" data-ride="carousel">
<ol class="carousel-indicators mb-4">
<li data-target="#ASPJIndicators" data-slide-to="0" class="active"></li>
<li data-target="#ASPJIndicators" data-slide-to="1"></li>
<li data-target="#ASPJIndicators" data-slide-to="2"></li>
<li data-target="#ASPJIndicators" data-slide-to="3"></li>
<li data-target="#ASPJIndicators" data-slide-to="4"></li>
</ol>
<div class="carousel-inner">
<div class="carousel-item active">
<img class="d-block w-100" src="assets/img/portfolio/ASPJ(Vulnerable)Home.png" alt="First slide">
<div class="caption">
<h5>Homepage</h5>
</div>
</div>
<div class="carousel-item">
<img class="d-block w-100" src="assets/img/portfolio/ASPJ(XSS).png" alt="Second slide">
<div class="caption">
<h5>Cross-Site Scripting Test</h5>
</div>
</div>
<div class="carousel-item">
<img class="d-block w-100" src="assets/img/portfolio/ASPJ(Report).png" alt="Third slide">
<div class="caption">
<h5>Vulnerability Scan Report</h5>
</div>
</div>
<div class="carousel-item">
<img class="d-block w-100" src="assets/img/portfolio/ASPJ(UserPage).png" alt="Fourth slide">
<div class="caption">
<h5>User Page</h5>
</div>
</div>
<div class="carousel-item">
<img class="d-block w-100" src="assets/img/portfolio/ASPJ(HTTPS).png" alt="Fifth slide">
<div class="caption">
<h5>Encrypted traffic</h5>
</div>
</div>
</div>
<a class="carousel-control-prev" href="#ASPJIndicators" role="button" data-slide="prev">
<span class="carousel-control-prev-icon" aria-hidden="true"></span>
<span class="sr-only">Previous</span>
</a>
<a class="carousel-control-next" href="#ASPJIndicators" role="button" data-slide="next">
<span class="carousel-control-next-icon" aria-hidden="true"></span>
<span class="sr-only">Next</span>
</a>
</div>
</div>
</div>
<div class="row container project-showcase" style="background:none;">
<div class="col-lg-7">
<h4>Project Description:</h4>
<p>For this project, our team was tasked with creating two versions of a website: a secure version and a vulnerable version.</p>
<p>Our team was tasked with exploiting the 2 vulnerabilities that we chose from the OWASP Top 10 web vulnerabilities in the vulnerable version of the website, while the secure version should protect against the chosen vulnerabilities. The team members and our chosen vulnerabilities are as follows:</p>
<ul>
<li><i class="icofont-rounded-right"></i>Sarah Bagarib – Broken Authentication, Security Misconfiguration</li>
<li><i class="icofont-rounded-right"></i>Ko Jia Ling – Broken Access Control, Injection</li>
<li><i class="icofont-rounded-right"></i>Muhammad Ennaayattulla – Cross Site Scripting, Sensitive Data Exposure</li>
</ul>
<p>We were also motivated to add additional security features and mitigate more than the chosen 2 vulnerabilities in the secure version of the website.</p>
<div class="mt-4">
<h4>My Contributions:</h4>
<ul>
<li><i class="icofont-rounded-right"></i>Enabled Flask's autoescape functionality to escape special characters to protect against Cross Site Scripting</li>
<li><i class="icofont-rounded-right"></i>Hashed passwords in the MySQL database using Bcrypt</li>
<li><i class="icofont-rounded-right"></i>Enabled HTTPS for the website to ensure that web traffic is encrypted</li>
<li><i class="icofont-rounded-right"></i>Implemented sending OTPs to email and creating temporary URLs for changing passwords</li>
</ul>
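<p>An added example, not code from the project's repositories, of how a temporary password-change URL and an emailed OTP can be issued and redeemed with Python's <code>secrets</code> module. The <code>ResetStore</code> class, the 15-minute lifetime, the 5-attempt cap and the pairing of the OTP with the link are assumptions made for illustration.</p>

```python
import hashlib
import hmac
import secrets
import time

RESET_TTL_SECONDS = 15 * 60  # assumed link lifetime
MAX_ATTEMPTS = 5             # assumed cap on wrong OTP guesses
OTP_DIGITS = 6


def _digest(value):
    # Only digests are stored, so a leaked table does not expose live tokens.
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


class ResetStore:
    """In-memory stand-in for a password-reset table (hypothetical)."""

    def __init__(self, clock=time.time):
        self._rows = {}
        self._clock = clock

    def issue(self, user_id):
        """Return (token, otp): token goes in the URL, otp in the email."""
        token = secrets.token_urlsafe(32)
        otp = "".join(secrets.choice("0123456789") for _ in range(OTP_DIGITS))
        self._rows[_digest(token)] = {
            "user_id": user_id,
            "otp": _digest(otp),
            "expires": self._clock() + RESET_TTL_SECONDS,
            "attempts": 0,
        }
        return token, otp

    def redeem(self, token, otp):
        """Return the user id once for a valid, unexpired pair, else None."""
        key = _digest(token)
        row = self._rows.get(key)
        if row is None:
            return None
        if self._clock() >= row["expires"]:
            del self._rows[key]
            return None
        if not hmac.compare_digest(row["otp"], _digest(otp)):
            row["attempts"] += 1
            if row["attempts"] >= MAX_ATTEMPTS:
                del self._rows[key]  # a 6-digit code must not be guessable
            return None
        del self._rows[key]  # single use: the link dies on first success
        return row["user_id"]
```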
<p>Detailed Report on Implemented Features: <a class="btn btn-sec" href="assets/pdf/ASPJ Project Report.pdf" target="_blank">Report</a></p>
</div>
</div>
<div class="col-lg-1">
</div>
<div class="col-lg-4">
<h5>Github Repositories:</h5>
<ul>
<li><i class="icofont-rounded-right"></i>Vulnerable Version: <a href="https://github.com/Mehxa/ASPJ-Project" target="_blank">github.com/Mehxa/ASPJ-Project</a></li>
<li><i class="icofont-rounded-right"></i>Secure Version: <a href="https://github.com/Mehxa/ASPJ-Project-Secure" target="_blank">github.com/Mehxa/ASPJ-Project-Secure</a></li>
</ul>
<h5>Vulnerability Scanning Tool:</h5>
<ul>
<li><i class="icofont-rounded-right"></i>OWASP ZAP</li>
</ul>
<h5>Created Using:</h5>
<ul>
<li><i class="icofont-rounded-right"></i>MySQL</li>
<li><i class="icofont-rounded-right"></i>Python</li>
</ul>
<h5>Python Modules:</h5>
<ul>
<li><i class="icofont-rounded-right"></i>Flask</li>
<li><i class="icofont-rounded-right"></i>MySQL Connector</li>
<li><i class="icofont-rounded-right"></i>Flask-Bcrypt</li>
<li><i class="icofont-rounded-right"></i>Secrets</li>
<li><i class="icofont-rounded-right"></i>Requests</li>
</ul>
</div>
</div>
</div>
</section>
<div class="credits">
Muhammad Ennaayattulla <span style="color:#18d26e;">©</span> 2023
</div>
<!-- Vendor JS Files -->
<script src="assets/vendor/jquery/jquery.min.js"></script>
<script src="assets/vendor/bootstrap/js/bootstrap.bundle.min.js"></script>
<script src="assets/vendor/jquery.easing/jquery.easing.min.js"></script>
<script src="assets/vendor/waypoints/jquery.waypoints.min.js"></script>
<script src="assets/vendor/counterup/counterup.min.js"></script>
<script src="assets/vendor/owl.carousel/owl.carousel.min.js"></script>
<script src="assets/vendor/isotope-layout/isotope.pkgd.min.js"></script>
<script src="assets/vendor/venobox/venobox.min.js"></script>
<script src="assets/vendor/typed.js/typed.min.js"></script>
<!-- Template Main JS File -->
<script src="assets/js/main.js"></script>
</body>
</html>