Browsing by Author "Rojas Montes, Javier Salvador (Director)"
Now showing 1 - 4 of 4
Results Per Page
Sort Options
Item Análisis de la vulnerabilidad XSS persistente: Estado actual, medidas de mitigación y herramientas de detección(Universidad Santiago de Cali, 2025) Pinta Higuita, Sergio Iván; Ordoñez Serna, Farid; Rojas Montes, Javier Salvador (Director)This review article focuses on the threat of persistent Cross-Site Scripting (XSS) in web applications, covering its emergence, evolution, exploitation methods, emerging trends, and impact on the IT sector. A systematic literature review was conducted following the PRISMA methodology (Preferred Reporting Items for Systematic Reviews and Meta-Analyses), selecting relevant sources from academic databases such as SpringerLink, Taylor & Francis Online, Scopus, Google Scholar, IEEE Xplore, ACM Digital Library, and ScienceDirect. Studies were evaluated based on relevance, timeliness, and data quality. Subsequently, detection tools such as OWASP ZAP, Burp Suite, and Acunetix are reviewed, highlighting their role in the early identification of vulnerabilities. Prevention and mitigation strategies are also examined, including rigorous data validation, secure encoding, the use of frameworks and security tools, and the importance of training IT security personnel to raise awareness of cybersecurity's importance within organizations. Additionally, integrating security practices throughout the software lifecycle is proposed to ensure a robust defense against persistent XSS. The information collected was analyzed and synthesized to provide a comprehensive view of the persistent XSS vulnerability. The most relevant conclusion emphasizes the importance of a defense-in-depth approach, using detection tools, well-defined security policies, and continuous staff training as critical approaches to effectively mitigate the risks associated with persistent XSS in web applications.Item Análisis de pruebas de penetración en sistemas y servicios web(Universidad Santiago de Cali, 2024) Mateus Rendon, Erick Steven; Chaves Cárdenas, Dalessandro; González Mejía, Erick Santiago; Rojas Montes, Javier Salvador (Director)IT services face various risks, mainly from cyber attacks. Web penetration testing determines whether a web system is vulnerable to attacks using tools and techniques that are usually used by penetration specialists who are dedicated to identifying vulnerabilities in these. Case studies are presented in order to expose an adequate management of cybersecurity, using specialized tools such as Nessus, which includes a practical case of a university where this tool is used to evaluate the security of its websites, and also Metasploit, which together with the Kali Linux operating system addresses a practical case where IoT devices are completely compromised. The review was prepared using the PRISMA methodology, selecting 70 articles and of which 26 articles were used. This methodology guarantees the quality and reliability of the sources. Web penetration testing evaluated vulnerabilities using black, white and gray box approaches, using manual and/or automated techniques. Web penetration testing consists of a 5-phase methodology: planning, scanning, exploitation, maintaining access and generating reports. In conclusion, it was found that the combination of penetration testing approaches (black, white and grey box), together with the use of emerging technologies such as artificial intelligence, not only optimizes vulnerability detection, but also strengthens system security. The incorporation of automated tools and advanced attack simulation allows organizations to mitigate potential impacts and protect their systems more efficiently.Item Integración de modelos de inteligencia artificial y tecnología cisco IoT: Una revisión bibliográfica para la definición de requisitos y configuración de modelos AIoT(Universidad Santiago de Cali, 2025) Tobón González, Luis Miguel; Mina Guevara, Cristian; Rojas Montes, Javier Salvador (Director)Internet of Things systems are widely used in various applications. However, these systems still have limitations, such as high latency for sending information to the cloud and real-time responses. This paper aims to conduct a review of the integration of edge computing and blockchain in IoT systems and document how Artificial Intelligence combined with the Internet of Things harnesses the power of both technologies for efficient data management. It also examines different models and infrastructures for proper implementation with fog computing and edge computing, where it highlights the need for strategic planning and ongoing training. The paper highlights that AIoT is crucial for improving operational efficiency and promoting innovation in an increasingly connected and data-driven world. A systematic literature review was conducted following the guidelines established by the PRISMA methodology, ensuring a rigorous and structured approach. Relevant sources were identified using academic databases and studies were selected according to criteria of relevance, timeliness and data quality.Item Posibles impactos del metaverso en las pymes colombianas del sector de marketing digital(Universidad Santiago de Cali, 2023) Giraldo Gómez, Luis Enrique; Acosta Méndez, Jesús Enrique; Rojas Montes, Javier Salvador (Director)This article aims to analyze the possible impacts of the Metaverse and associated Hardware and Software technologies on Colombian small and medium-sized enterprises (SMEs), especially in the field of Digital Marketing. SMEs play a fundamental role in the Colombian economy, representing 90% of the productive sector, contributing 40% of GDP and generating around 80% of employment. The exploratory research methodology was developed, in which about thirty-five articles were taken into account, which were related to metaverse, definition of SMEs, digital marketing, among other topics of interest and for what allowed to deepen the relationship between Metaverso and Colombian SMEs in the field of digital marketing. The implementation of these emerging technologies and trends by SMEs will allow them to improve their competitiveness, fostering greater diversity in the market and greater customer satisfaction. Therefore, it is crucial that SMEs are aware of these trends and strategically integrate them into their operations, thus ensuring their long-term success.