This is a technical reportFirstly, I would kindly request someone with a good subject knowledge in Computer System Security, to do this assignment. (unlike last time that I have to redo everything again due to no subject knowledge on that person who did the assignment).I have already selected 3 errors from CWE/SANS Top 25 for this technical report. (which we’ve been advised at the lectures and I have an idea of those error). Therefore, I only need the technical report on following 3 only.[1]CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer
[6]CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
[9]CWE-352Cross-Site Request Forgery (CSRF)
Our Lecturer of this unit said this assignment must be according to the rubrics and Citations/reference must be 100% correct. Assessors may go into those citations and verify.That is why I someone with a good subject knowledge of “Computer System Security”, to help with this assignment.
Page 2 of 2 SIT382 Assignment 2 Total marks: 40 The SANS institute released the newest version of CWE/SANS Top 25 Most Dangerous Software Errors in 2019. The list consists of top-rated and critical software weaknesses that may lead to vulnerabilities being exploited by attackers. In this assignment, you are required to choose a subset of CWE/SANS Top 25 Most Dangerous Software Errors listed on SANS website (https://www.sans.org/top25-software-errors) and identify these vulnerabilities in selected systems. You need to complete a technical report to document your experimental outcomes and findings. The report should consist of 3000-3500 words (minimum 3000 words, single spaced, 12pt font, on the A4-sized paper). The findings should include exploitation of minimal 3 software errors chosen from the top 25 list. Each error should have a different CWE ID. This report needs to consist of following items: · an overview of the chosen software errors · description of the hacking environment · description of technical findings and supporting evidence in screenshots · critical analysis of technical findings · discussion and justification of potential remedy actions based on findings You are free to use the NetLab environment and any online pen testing platforms and follow any instructions. The requirement is you will need to conduct the attacks by yourself. If we find any content (e.g., screenshots) copied from lab instructions or online resources, we will consider it as plagiarism. Notes: This is a technical report Firstly, I would kindly request someone with a good subject knowledge in Computer System Security, to do this assignment. (unlike last time that I have to redo everything again due to no subject knowledge on that person who did the assignment). I have already selected 3 errors from CWE/SANS Top 25 for this technical report. (which we’ve been advised at the lectures and I have an idea of those error). Therefore, I only need the technical report on following 3 only. [1] CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer [6] CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') [9] CWE-352 Cross-Site Request Forgery (CSRF) Our Lecturer of this unit said this assignment must be according to the rubrics and Citations/reference must be 100% correct. Assessors may go into those citations and verify. That is why I someone with a good subject knowledge of “Computer System Security”, to help with this assignment.