Quality Testing

Quality is delighting customers

Any one answer this question, how to do security testing manually for a Web page?

Views: 185

Reply to This

Replies to This Discussion

Hi,

There are lot of approaches, Open Source Security testing Approach is one of the best.

we have (ISC)2, CEH, many more.

Most of the organizations use their own approach in Security Testing.

I would strongly re command the (ISC)2 , a bit complex but addresses all concerns

Thanks,
Siddiq
Introduction: As more and more vital data is stored in web applications and the number of transactions on the web increases, proper security testing of web applications is becoming very important. Security testing is the process that determines that confidential data stays confidential (i.e. it is not exposed to individuals/ entities for which it is not meant) and users can perform only those tasks that they are authorized to perform (e.g. a user should not be able to deny the functionality of the web site to other users, a user should not be able to change the functionality of the web application in an unintended way etc.).

Some key terms used in security testing:

Before we go further, it will be useful to be aware of a few terms that are frequently used in web application security testing:

What is “Vulnerability”?
This is a weakness in the web application. The cause of such a “weakness” can be bugs in the application, an injection (SQL/ script code) or the presence of viruses.

What is “URL manipulation”?
Some web applications communicate additional information between the client (browser) and the server in the URL. Changing some information in the URL may sometimes lead to unintended behavior by the server.

What is “SQL injection”?
This is the process of inserting SQL statements through the web application user interface into some query that is then executed by the server.

What is “XSS (Cross Site Scripting)”?
When a user inserts HTML/ client-side script in the user interface of a web application and this insertion is visible to other users, it is called XSS.

What is “Spoofing”?
The creation of hoax look-alike websites or emails is called spoofing.

Security testing approach:
In order to perform a useful security test of a web application, the security tester should have good knowledge of the HTTP protocol. It is important to have an understanding of how the client (browser) and the server communicate using HTTP. Additionally, the tester should at least know the basics of SQL injection and XSS. Hopefully, the number of security defects present in the web application will not be high. However, being able to accurately describe the security defects with all the required details to all concerned will definitely help.

1. Password cracking:
The security testing on a web application can be kicked off by “password cracking”. In order to log in to the private areas of the application, one can either guess a username/ password or use some password cracker tool for the same. Lists of common usernames and passwords are available along with open source password crackers. If the web application does not enforce a complex password (e.g. with alphabets, number and special characters, with at least a required number of characters), it may not take very long to crack the username and password.

If username or password is stored in cookies without encrypting, attacker can use different methods to steal the cookies and then information stored in the cookies like username and password.

2. URL manipulation through HTTP GET methods:
The tester should check if the application passes important information in the querystring. This happens when the application uses the HTTP GET method to pass information between the client and the server. The information is passed in parameters in the querystring. The tester can modify a parameter value in the querystring to check if the server accepts it.

Via HTTP GET request user information is passed to server for authentication or fetching data. Attacker can manipulate every input variable passed from this GET request to server in order to get the required information or to corrupt the data. In such conditions any unusual behavior by application or web server is the doorway for the attacker to get into the application.

3. SQL Injection:
The next thing that should be checked is SQL injection. Entering a single quote (‘) in any textbox should be rejected by the application. Instead, if the tester encounters a database error, it means that the user input is inserted in some query which is then executed by the application. In such a case, the application is vulnerable to SQL injection.
SQL injection attacks are very critical as attacker can get vital information from server database. To check SQL injection entry points into your web application, find out code from your code base where direct MySQL queries are executed on database by accepting some user inputs.

If user input data is crafted in SQL queries to query the database, attacker can inject SQL statements or part of SQL statements as user inputs to extract vital information from database. Even if attacker is successful to crash the application, from the SQL query error shown on browser, attacker can get the information they are looking for. Special characters from user inputs should be handled/escaped properly in such cases.

4. Cross Site Scripting (XSS):
The tester should additionally check the web application for XSS (Cross site scripting). Any HTML e.g. or any script

or any script e.g.
Yes Siddiq, you are right.

Siva, can you provide complete security testing techniques doc
Hi Shiva,

Your 1, 2, 3, 4 are Security Testing Techniques not approach.

Thanks,
Siddiq
hi usha ,

here iam sendind a document which might clarify all doubts
Attachments:
Thanks for the Doc,

Siddiq
Good one Gourisankar.

Regards,

Balaji
Nice information from all, Thanks, any body can say with example for security testing for web application ? Thanks in Advance!
So valuable information guys. Keep it up

Hello buddy,

Thanks for sharing your thoughts and yeah i have an article on "Best Approach For Security Testing Of Web Applications" and here is the link https://medium.com/@alishahndrsn/best-approach-for-security-testing...

Regards

website security testing

As per practices of quality assurance services, following are some of the widely used approaches which can be followed while performing security testing:

1. Access to Application:
Under this approach, one can login to the application with all valid and invalid user roles and should verify that he should get restricted to access it with invalid logins.

2. Data Protection:
To follow this approach, tester should make sure that data maintained in database is in encrypted form so that it gets decrypted only on providing valid auth code or password for it.

3. Brute-Force Attack:
Brute-Force Attack is something where hackers can easily access the website or servers by trying different combinations og
usernames and passwords. Testers can approach its testing by providing account suspension mechanism in which application blocks the account when continuous failure attempts are made to login the application.

4. Session Management:
Session management is also a necessary technique in security testing where session should get expire after some period of time if application remains idle.

5. Error Handling:
Error codes returned in case of any bad request or server error type issues should not contain any confidential details related to the application which can be used by any unknown sources. For example, if an application is throwing an error while login so in that case there should be no confidential details of the user or website displayed either in console or any other add- on/plugin which is being used to track that error as these can be used by any third party unknown sources.

RSS

TTWT Magazine


Advertisement

Advertisement

Advertisement

Advertisement

© 2018   Created by Quality Testing.   Powered by

Badges  |  Report an Issue  |  Terms of Service