Complete Web Application Penetration Testing

Web application penetration testing can never be an exact science: no complete list of all possible issues to test can be defined. Indeed, penetration testing is an appropriate technique for testing the security of web applications only under certain circumstances. The goal of this Complete Web Application Penetration Testing solution is to collect all possible web application vulnerabilities, explain them, and suggest the appropriate remediations and recommendations.

Sandrock's Web Application Penetration Testing method is based on the black box approach, where our testers know nothing or very little about the application to be tested.

List of web application tests carried out in this package

Server Information
  • Domain Name Whois Lookup
  • Port Scanning for Open Ports
  • Application Fingerprinting for Running Services
  • OS Fingerprinting for Running Operating System

Information Gathering
  • Web Application Spidering
  • Search Engine Discovery
  • HTML Source Code Analysis for Developer's Comments
  • Identifying Application Entry Points for GET and POST Parameters
  • Analysis of Error Codes

Authentication Testing
  • Identification of Login Page and its Parameters
  • Vulnerable Remember Password
  • User Enumeration via "Incorrect Login Information" Error
  • Dictionary Attacks
  • Bruteforce Attack Simulation for Lockout Policy
  • Testing for CAPTCHA against Bots
  • Bypassing Authentication Schema
  • Testing "Forgot Password Reset" Mechanism
  • Testing for Logout Mechanism

Configuration Testing
  • Insecure Transport Layer Testing for SSL/TLS Certificates
  • Testing for File Extensions
  • Testing for Old, Backup and Unreferenced Files and Directories
  • Testing for Directory Access
  • Testing for Application Admin Interface
  • Testing of Application Configuration Management
  • Testing of HTTP Methods and XST

Session Management Testing
  • Identification and Manipulation of Cookie Attributes
  • Session ID Analysis and Testing for Weak Encryption
  • Exposed Session Variables
  • Testing for Session Hijacking by Cookie Stealing
  • Cross Site Request Forgery Testing

Authorization Testing
  • Insecure Direct Object Reference / Parameter Tampering
  • Testing for Privilege Escalation
  • Bypassing Authorization Schema - Direct URL Access

Data Validation Testing
  • Cross Site Scripting
  • SQL Injection
  • Code Injection
  • LDAP Injection
  • ORM Injection
  • SSI Injection
  • XPath Injection
  • IMAP/SMTP Injection
  • OS Command Injection
  • XML Injection
  • HTTP Splitting and Smuggling
  • Malicious File Upload

Denial of Service Testing
  • SQL Wildcard Attacks
  • Locking Accounts
  • User Input as a Loop Counter
  • Buffer Overflow Attacks
  • User Specified Object Allocation
  • Writing User Provided Data to Disk
  • Failure to Release Resources
  • Storing too Much Data in Session

Web Services Testing
  • Web Service Information Gathering
  • Testing WSDL
  • XML Structural Testing
  • XML Content-level Testing
  • HTTP GET Parameters/REST Testing
  • Naughty SOAP Attachments
  • Replay Testing

AJAX Testing
  • Parameter Tampering

Let's Begin Security

  • FREE Scan for SQL Injection and XSS Flaws for Web Applications

  • FREE Port Scanning and Service Identification for Servers

  • FREE Trial on Policy Review and Tunneling Holes for Firewalls