What is Security Testing?
Security Testing is the process of identifying vulnerabilities or weaknesses in application software. It tests a live running system.
Security Testing is also known as:
- Pen testing
- Ethical hacking
- White hat testing
Security Testing finds issues that impact the CIA Triad:
- Confidentiality of data
- Integrity of data
- Availability of data
Security Testing often finds "OWASP Top 10" vulnerabilities
- The 10 most critical web app security flaws
- OWASP (Open Web Application Security Project) is the de facto industry standard.
Why do security flaws exist?
There is always a mismatch between target functionality and actual functionality.
OWASP Top 10
A1 - Injection
A2 - Broken Authentication and Session management
A3 - Cross Site Scripting (XSS)
A4 - Insecure Direct Object References
A5 - Security Misconfigurations
A6 - Sensitive Data Exposure
A7 - Missing Function Level Access Control
A8 - Cross Site Request Forgery (CSRF)
A9 - Using Components with Known Vulnerabilities
A10 - Unvalidated Redirects and Forwards
Security testing needs the tester to think like a "bad guy", i.e., find security loopholes which might be exploited.
- It's about abuse cases, not use cases.
- Valid bugs are only those that affect the CIA Triad
- Bugs are often highly technical in nature
Testers need a good understanding of:
- HTTP Protocol
- Web app architecture
- Common data formats
- HTML, JavaScript
- Security principles
- Vulnerability types
- Exploitability
- App development/Coding experience is invaluable
- Knowledge of special tools might be needed
Risk-Free Security Testing
- Internet-facing sites
- http://demo.testfire.net
- http://zero.webappsecurity.com
- http://crackme.cenzic.com
- http://www.vulnweb.com
- Vulnerable web apps
- WebGoat
- bWAPP
- Hackazon
- Hacme Casino
- Hacme Bank
- Linux VM bundled with vulnerable web apps
- OWASP Broken Web App project
Automated vulnerability scanning tool
- Give it a URL
- Configure authentication
- Press the "Go" button
- Dumb / brute force
- Fast, good at finding certain flaws like XSS and SQL injection
- No recognition of context
- No recognition of sensitive data vs. unimportant data
- No recognition of business logic flaws
Manual security testing
- Exploratory in nature
- Leverages human intellect
- Simulates an attacker who is targeting your machine
- Complements automated scanning
Best tool for Security Testing:
- HTTP Proxy
Popular HTTP intercepting proxies:
- Burp Suite
- OWASP's ZAP
- Fiddler
Sample GET Request
Sample POST Request
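Since the intercepting proxies listed above show requests exactly as raw text, the following added example (not part of the original post) parses raw GET and POST requests in that form and extracts the parameters a tester would inspect. The host is one of the sandbox sites named on this page; the paths, cookie and form fields are constructed sample values.

```python
# Added example: parse raw HTTP requests as seen in an intercepting proxy
# (Burp, ZAP, Fiddler) and collect the parameters a tester would examine.
# The sample requests below are constructed; only the host comes from the page.
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, urlsplit


@dataclass
class HttpRequest:
    method: str
    path: str
    version: str
    headers: dict = field(default_factory=dict)
    body: str = ""

    def parameters(self) -> dict:
        """Parameters as the server sees them: the query string for any
        method, plus a form-encoded body when the method is POST."""
        params = dict(parse_qsl(urlsplit(self.path).query, keep_blank_values=True))
        ctype = self.headers.get("content-type", "")
        if self.method == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
            params.update(parse_qsl(self.body, keep_blank_values=True))
        return params


def parse_request(raw: str) -> HttpRequest:
    """Split a raw request into request line, headers and body (CRLF framing)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, path, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    # Honour Content-Length so trailing bytes are not mistaken for body.
    length = int(headers.get("content-length", len(body)))
    return HttpRequest(method, path, version, headers, body[:length])


SAMPLE_GET = (  # constructed GET request: parameters travel in the query string
    "GET /search?q=apples&page=2 HTTP/1.1\r\n"
    "Host: demo.testfire.net\r\n"
    "Cookie: JSESSIONID=constructed-session-id\r\n"
    "\r\n"
)
SAMPLE_POST = (  # constructed POST request: parameters travel in the form body
    "POST /doLogin HTTP/1.1\r\n"
    "Host: demo.testfire.net\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 28\r\n"
    "\r\n"
    "uid=jsmith&passw=constructed"
)
```

Running `parse_request(SAMPLE_GET).parameters()` and `parse_request(SAMPLE_POST).parameters()` shows the same kind of name/value pairs arriving by two different routes, which is why a proxy that lets you view and edit both is the central tool for manual testing.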
Really nice topics you had discussed above. I am much impressed. Thank you for providing this nice information here.
Finding the time and actual effort to create a superb article like this is a great thing. I'll learn many new stuff right here! Good luck for the next post, buddy.
Great blog. It clearly explains security testing. Security testing plays a major role in the software development sector. Secure software can give the best outcome to the end user. Penetration testing is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities. Know more here about security testing services and how it helps your business.