Assignment
1. How does skipfish categorize findings in the scan report?
2. Which tool used in the lab is considered a static analysis tool? Explain what is referred to by static code analysis.
3. What possible high-risk vulnerabilities did the RATS tool find in the DVWA application source code?
4. Did the static analysis tool find all the potential security flaws in the application?
5. During the manual code review, what do you notice about high.php that makes it less likely to victimize users with XSS reflection, and why is it considered more secure?
6. Compare and contrast the tools used in this lab with a penetration-testing tool such as WebScarab.
7. Compare the results of the RATS and skipfish reports you reviewed in the lab.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.