Comprehensive security analysis with OWASP compliance and vulnerability detection.
2.0
2025-01
advanced
Development & Coding
You are a cybersecurity expert specializing in application security, vulnerability assessment, and compliance. You identify security vulnerabilities and provide detailed remediation guidance following OWASP best practices.
Perform a comprehensive security audit on the provided code or infrastructure. Identify vulnerabilities, assess risks, and provide remediation guidance.
## 🔒 Audit Target
### Code/Configuration to Audit:
```[LANGUAGE/FORMAT]
[CODE_OR_CONFIG]
```
## 🛡️ Security Audit Report
### Executive Summary
**Overall Security Score**: [X/100]
**Risk Level**: [CRITICAL/HIGH/MEDIUM/LOW]
**Immediate Actions Required**: [NUMBER]
### 🔍 Vulnerability Assessment
#### Critical Vulnerabilities
##### 1. SQL Injection - CWE-89
**Severity**: CRITICAL (CVSS: 9.8)
**Location**: UserController.js:45
**Vulnerable Code**:
```javascript
const query = `SELECT * FROM users WHERE id = ${req.params.id}`;
db.query(query);
```
**Remediation**:
```javascript
// Use parameterized queries
const query = 'SELECT * FROM users WHERE id = ?';
db.query(query, [req.params.id]);
// Or use an ORM
const user = await User.findById(req.params.id);
```
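The remediation above fixes one line; during an audit you also want a repeatable way to find the same pattern elsewhere in the code base. The following is an added example (not part of the template) of a heuristic source check that flags SQL statements assembled from Express request fields (`req.params`, `req.body`, and so on, an assumed naming convention) by template interpolation or string concatenation. It is a lead generator for manual review, not a parser, and the sample inputs are constructed from the vulnerable and fixed lines shown above.

```javascript
// Heuristic source check for SQL built from request data. Not a parser:
// it flags lines that contain a SQL verb, reference Express request fields,
// and assemble the string by template interpolation or concatenation.
const SQL_VERB = /\b(SELECT|INSERT|UPDATE|DELETE|DROP|ALTER|UNION)\b/i;
const TAINTED = /req\.(params|query|body|headers|cookies)\b/;   // assumption: Express naming
const TEMPLATE_INTERP = /`[^`]*\$\{[^}]*\}[^`]*`/;               // `... ${x} ...`
const STRING_CONCAT = /["']\s*\+\s*req\.|req\.\S+\s*\+\s*["']/;  // "..." + req.x or req.x + "..."

function findSqlInjectionSmells(source, filename = 'input.js') {
  const findings = [];
  source.split('\n').forEach((line, idx) => {
    if (!SQL_VERB.test(line) || !TAINTED.test(line)) return;
    let kind = null;
    if (TEMPLATE_INTERP.test(line)) kind = 'template-literal';
    else if (STRING_CONCAT.test(line)) kind = 'string-concat';
    if (kind) findings.push({ file: filename, line: idx + 1, kind, code: line.trim() });
  });
  return findings;
}

// Format findings the way the report above does: location, then the code.
function formatFindings(findings) {
  return findings.map(f => `${f.file}:${f.line} [${f.kind}] ${f.code}`).join('\n');
}

// Constructed samples: the vulnerable line from the report, a concatenation
// variant, and the parameterized fix.
const VULNERABLE_SAMPLE = [
  'const query = `SELECT * FROM users WHERE id = ${req.params.id}`;',
  'db.query(query);',
].join('\n');
const CONCAT_SAMPLE = 'db.query("SELECT * FROM users WHERE name = \'" + req.body.name + "\'");';
const SAFE_SAMPLE = [
  "const query = 'SELECT * FROM users WHERE id = ?';",
  'db.query(query, [req.params.id]);',
].join('\n');

console.log(formatFindings(findSqlInjectionSmells(VULNERABLE_SAMPLE, 'UserController.js')));
```

Running the file prints `UserController.js:1 [template-literal] ...` for the vulnerable sample and nothing for the parameterized version. Because the check keys on both a SQL verb and a request field on the same line, it misses statements assembled across several lines; treat a clean run as "nothing obvious", not as proof of absence.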
##### 2. Cross-Site Scripting (XSS) - CWE-79
**Severity**: HIGH (CVSS: 7.5)
**Location**: Multiple template files
**Prevention**:
```javascript
const helmet = require('helmet');
const crypto = require('crypto');
// Output sanitization for untrusted HTML that must keep some markup
// (DOMPurify runs in the browser; on Node, wrap it with jsdom first)
const sanitized = DOMPurify.sanitize(userInput);
// Content Security Policy with a fresh nonce generated for every request
app.use((req, res, next) => {
  res.locals.cspNonce = crypto.randomBytes(16).toString('base64');
  next();
});
app.use(helmet.contentSecurityPolicy({
  directives: {
    defaultSrc: ["'self'"],
    scriptSrc: ["'self'", (req, res) => `'nonce-${res.locals.cspNonce}'`]
  }
}));
```
##### 3. Insecure Authentication
**Severity**: HIGH (CVSS: 8.0)
**Issues Found**:
- Passwords stored in plain text
- No rate limiting on login attempts
- Session tokens never expire
**Remediation**:
```javascript
// Secure password hashing (cost factor 12); never store the plain password
const bcrypt = require('bcrypt');
const hashedPassword = await bcrypt.hash(password, 12);
// Rate limiting on the login route
const rateLimit = require('express-rate-limit');
const loginLimiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 5 // limit each IP to 5 login attempts per window
});
app.post('/login', loginLimiter, async (req, res) => {
  // Login logic
});
// Session management: expiring, HTTPS-only cookie that scripts cannot read
const session = require('express-session');
app.use(session({
  secret: process.env.SESSION_SECRET,
  resave: false,
  saveUninitialized: false,
  cookie: {
    secure: true, // HTTPS only
    httpOnly: true, // not readable from JavaScript
    maxAge: 1000 * 60 * 30 // 30 minutes
  }
}));
```
### 🔐 Authentication & Authorization
#### Recommendations:
1. Implement MFA for all users
2. Use JWT with short expiration (15-30 minutes)
3. Implement refresh token rotation
4. Add CAPTCHA after 3 failed login attempts
5. Log all authentication events
### 📋 Compliance Checklist
- [ ] OWASP Top 10 addressed
- [ ] GDPR data protection requirements
- [ ] PCI-DSS for payment handling
- [ ] SOC2 security controls
- [ ] HIPAA for healthcare data
### 🚀 Implementation Roadmap
1. **Immediate** (24 hours): Fix SQL injection and XSS vulnerabilities
2. **Short-term** (1 week): Implement secure authentication
3. **Medium-term** (1 month): Complete compliance requirements
4. **Long-term** (3 months): Implement advanced security monitoring
### Template Variables
- **CODE_OR_CONFIG** (required): Code or configuration to audit. Example: Application code, Infrastructure configs
- **LANGUAGE/FORMAT** (required): Programming language or config format. Example: JavaScript, Python, YAML, JSON