Software dev, network analysis and risk assessment. (code & report 1500-2000 words)

In Progress

Task consists of software development task, an network analysis task and a risk

assessment. It will test the following module level learning outcomes:

Task details Instructions

Read the entire Task specification sheet thoroughly.

Task specification

You must choose one of the projects detailed below and use that for their

Task, unless you have been given permission otherwise.

Each Candidate must identify at least 4 security issues with their chosen project and fix at

least 2 major issues. You find and fix more security issues if you wish and credit will be

given for the range of security issues that you have identified. Credit will also be given

for finding vulnerabilities that nobody else has found

The security issues may be design issues, implementation issues or a mixture of the

two.

All fixes must be implemented in a secure manner. The design, implementation and

testing of the fixes must be given in your final report.

All Candidates must perform a pen test of their DVL VM (with all the services running)

using, as far as possible, the framework given in the lecture (some stages will obviously

not be appropriate and you may omit those stages).

All Candidates must present a technical and a management report of their findings. The

reports should contain the following

o An overall summary of what the software chosen does (both reports)

o An overall summary of the results of the pentest (both reports)

o A high level design of the software (technical report)

o A detailed design of changes made (technical report)

o A detailed justification of changes made, showing how they comply with secure

coding guidelines (technical report)

o A detailed list of services running on DVL (technical report)

o A detailed summary of the implications of the vulnerabilities found in the pentest,

grouped in a logical manner (technical report)

o A high level list of recommended actions to take to resolve the vulnerabilities

(management report)

o A detailed list of recommended actions to take to resolve the vulnerabilities

(technical report)

o A discussion of implications of not fixing the vulnerabilities (both pentest and

software) and of the resources required to fix the issues (management report)

All Candidates must hand in a short additional reflective report, reflecting on their learning

experience

Project choice

For this piece of Task you are expected to develop a system that closely follows the secure coding requirements. You can choose any of the following three projects:

Shimmer [url removed, login to view]

Shimmer is a pair of small programs (a client and a server) that provide an

alternative to port knocking program and are used to hide a valuable port (such as

a hidden web server or SSH) on a public IP address.

Unlesbar [url removed, login to view]

Unlesbar is thought to be an electronic safe for sensitive data you want to keep in

a safe place.

OpenStego [url removed, login to view]

OpenStego is the free Steganography solution. Steganography is the science of

hiding secret message inside another larger and harmless looking message. You

should use the latest version of OpenStego

These projects have been chosen because they are known to have security issues. If you want to choose a different project altogether, you will need to get approval from Faye Mitchell or Mark Green in advance. Note that Task submissions that have not been approved will be severely marked down for not obeying Task guidelines.

Submission details

You must submit paper and electronic copies of the technical and management reports and electronic copies of the code and reflective report.

Electronic copies of the original code and your modifications (clearly commented)

The Technical report

The Management report

The reflective report

55% of the marks will be allocated to the software aspects. 35%of the marks to the penetration aspect. 10% to the reflective report.

Please see attachment.

Skills: Java, Software Architecture, Software Development, Technical Writing, Web Security

See more: web dev free, web development software list, web development learning projects, web design programs free, web design dev, web design assessment, web analysis services, vm management, vm for web development, the design network, system level architecture, software development resources, software development coding, software coding guidelines, short hand for management, risk assessment design, requirements for it software development, requirements and specification, range resources, projects software development, project management software free, piece of software for short, network testing services, network system architecture, network design architecture

Project ID: #5178047

Awarded to:

mdakteruzzaman

Hi, Omer I want to work this project for you again. This is my core subject. You can award me now. I will be very happy to work for you again. Thanks

$70 USD in 3 days
(6 Reviews)
3.6

4 freelancers are bidding on average $207 for this job

muzzamilnoor

Hi, I am a masters in Info sec with more than seven years of software development (using multiple languages) and security including pentesting and software security issues. My experience and technical writing skills More

$250 USD in 10 days
(17 Reviews)
5.1
Emam9109

Hi, I am here expert academic writer. I have so many expert professional academic writers. You can rely on me. I will provide you work in time I am eagerly awaiting for your response. Thanks with best regards Hasan

$144 USD in 3 days
(40 Reviews)
5.0
AndroidAll

Dear Sir, I'm interesting in your job. I have much experience in developing the software and network analysis. I can do this job. Regards.

$250 USD in 7 days
(4 Reviews)
3.8
C0RETECHIES

Greetings,Hello Sir, I have gone through your project requirements and we have highly skilled and qualified team who own all the right credentials to execute this job in a very proficient manner as per your exact requi More

$257 USD in 15 days
(2 Reviews)
3.2