Nidan - A Security Search Engine for The World Wide Web

Studenteropgave: Speciale (inkl. HD afgangsprojekt)

  • Mathias Jørgen Bjørnum Leding
  • Jesper Windelborg Nielsen
4. semester, Software, Kandidat (Kandidatuddannelse)
In this report, the development and usage of Nidan and KNAS are described. Nidan is a systematic webcrawler which collects all loaded JavaScript, cookies, and related metadata and stores it in a well-strutured relational database. KNAS is a data-processing tool that detects vulnerabilities connected to each visted website. These include vulnerabilities in the implemented JavaScript libraries, CMSs, and server software.
Nidan and KNAS has been tested on around 2 % of the entire .dk zone file. This test showed that KNAS detected vulnerable software on 40.47 % of the websites. 92.49 % of the vulnerable websites have vulnerabilities from last year or older, meaning that the vast majority of vulnerable sites rarely update their software. From the data collected by Nidan, it is also possible to analyze the cookies. Since Nidan makes no interaction with the websites other than visiting, all tracking cookies sat break the GDPR and EU's cookie law.
Udgivelsesdato3 jun. 2019
Antal sider43
ID: 304981405