XSS attack on a web app

Last updated: 7/9/2018

This will deploy 2 application gateway , a web app, a sql server and database, OMS and other network resources. One app gateway is in detection mode and other is in prevention mode. Perform the XSS attack by following the guidleines and execute the scenario for mitigation and prevention of a XSS attack.

This Azure Resource Manager template was created by a member of the community and not by Microsoft. Each Resource Manager template is licensed to you under a license agreement by its owner, not Microsoft. Microsoft is not responsible for Resource Manager templates provided and licensed by community members and does not screen for security, compatibility, or performance. Community Resource Manager templates are not supported under any Microsoft support program or service, and are made available AS IS without warranty of any kind.

Parameters

Parameter Name Description
_artifactsLocation this will be the location for artifacts
_artifactsLocationSasToken this will be the sas key to access artifacts
location your resources will be created in this location
omsSku this will be you SKU for OMS
pipAddressType this will be the type of public IP address used for the application gateway name
sqlAdministratorName this will be the admin user for sql server
sqlServerPassword this wiil be th password for the admin user for sql server
emailToSendAlertsTo this user will get the alert emails

Use the template

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-XSS-Attack-Prevention/azuredeploy.json
Install and configure Azure PowerShell

Command line

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-XSS-Attack-Prevention/azuredeploy.json
Install and Configure the Azure Cross-Platform Command-Line Interface