SlideShare a Scribd company logo

What is security testing and why it is so important?

Download as PPTX, PDF
ONE BCG
ONE BCG

The document discusses the importance of security testing in identifying vulnerabilities and threats in software applications, emphasizing its role in protecting sensitive information. It outlines various types and techniques of security testing, such as vulnerability testing, penetration testing, and risk assessment, alongside examples of security flaws and the tools used for testing. Security testing is depicted as crucial for maintaining organizational integrity and preventing loss of information or revenue due to security breaches.

Technology
1 of 24
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Copyright © 2019 ONE BCG. All rights reserved. Security Testing - Processes & Techniques
2 Copyright © 2019 ONE BCG. All rights reserved. • Why security testing is important? • What is security testing • Examples of security flaws in an application • How does Security Testing add value to organizations? • Types of Security Testing • Security Testing Techniques • Security Testing Tools Agenda
3 Copyright © 2019 ONE BCG. All rights reserved. Sensitive information like User Name/ Passwords,Credit/Debit card details or private information stored online. Security testing is to recognize the threats in the system and measure its possible vulnerabilities, so the system does not stop functioning or is exploited. Why Security Testing is Important?
4 Copyright © 2019 ONE BCG. All rights reserved. • It ensures software applications are free from any vulnerabilities, threats, risks that may cause a big loss. • It is about finding all possible loopholes and weaknesses of the system which might result in a loss of information or revenue. • The goal of security testing is to identify the threats in the system and measure its potential vulnerabilities, so the system does not stop functioning or is exploited. • It also helps in detecting all possible security risks in the system and help developers in fixing these problems through coding. What is security testing?
5 Copyright © 2019 ONE BCG. All rights reserved. • A Student Management System is insecure if the ‘Admission’ branch can edit the data of ‘Exam’ branch • An ERP system is not secure if DEO (data entry operator) can generate ‘Reports’ • An online Shopping Mall has no security if the customer’s Credit Card Detail is not encrypted • A custom software possess inadequate security if an SQL query retrieves actual passwords of its users Examples of security flaws in an application
6 Copyright © 2019 ONE BCG. All rights reserved. • In today’s interconnected world with consumers depending more on online channels to make transactions, any security breaches lead to a loss in customer confidence and ultimately revenue. • As security attacks have grown exponentially, security testing is the only discipline that helps an organization identify where they are vulnerable and take corrective measures to prevent as well rectifies the gaps in security. • More and more organizations are getting the security audits done and testing measures to ensure that the critical applications are shielded from any breaches or unintended penetration. Security Testing add value to organizations
7 Copyright © 2019 ONE BCG. All rights reserved. Types of Security Testing
8 Copyright © 2019 ONE BCG. All rights reserved. • Vulnerability testing: – The automated computer program to proactively identify security vulnerabilities of computing systems in a network to determine where a system can be exploited and/or threatened. – Generally done through various vulnerability scanning software. Ex: OpenVas, Nessus, ZAP, Vega, and ISS. – https://www.youtube.com/watch?v=koMo_fSQGlk • Security Scanning – This is a program that communicates with a web application through the web front-end to identify potential security vulnerabilities in the web application, OS and Networks.
9 Copyright © 2019 ONE BCG. All rights reserved. • Penetration Testing – A penetration test is an attack on a computer system to find security loopholes, potentially gaining access to it, its functionality and data. – Tester may try to enter into the application / system with the help of some other application or with the help of combinations of loopholes that the application has kept open unknowingly. – It is the most effective way to practically find out potential loopholes in the application
10 Copyright © 2019 ONE BCG. All rights reserved. • Risk Assessment – This is a process of assessing and deciding on the risk involved with the type of loss and the possibility of vulnerability occurrence. – This is determined within the organization by various interviews, discussions and analysis. • Security Auditing – Security Auditing involves hands on internal inspection of Operating Systems and Applications, often via line-by-line inspection of the code. – A security audit is a systematic evaluation of the security of a company's information system.
11 Copyright © 2019 ONE BCG. All rights reserved. • Posture Assessment – It combines Security Scanning, Ethical Hacking and Risk Assessments to show an overall Security Posture of the organization. • Ethical hacking – Ethical Hacking involves number of penetration tests over the wide network on the system under test. It is conducted by ethical hackers to find possible problems in the system.
12 Copyright © 2019 ONE BCG. All rights reserved. • Access to the Application – Authentication: Example: Some of the authentication tests include a test for password quality rules, test for default logins, test for password recovery, test captcha, test for logout functionality, test for password change, test for security question/answer, etc. – Authorization: Example: Some of the authorization tests include a test for path traversal, test for missing authorization, test for horizontal access control problems, etc. Security Testing Techniques
13 Copyright © 2019 ONE BCG. All rights reserved. • Data Protection – Data Manipulation • In data manipulation, a hacker changes data used by a website to gain some advantage or to embarrass the website’s owners. Hackers will often gain access to HTML pages and change them to be satirical or offensive. • Tools: Fidler, Charles Proxy, Web Sniffer, Burp Suite • https://www.youtube.com/watch?v=8bo5kXMAcV0 – URL Manipulation • URL manipulation is the process of manipulating the website URL query strings & capture of important information by hackers. This happens when the application uses the HTTP GET method to pass information -
14 Copyright © 2019 ONE BCG. All rights reserved. between the client and the server. The information is passed in parameters in the query string. The tester can modify a parameter value in the query string to check if the server accepts it. - File Uploads • Only valid files should be permitted for uploading. • http://demo.guru99.com/Security/SEC_V1/customer/contactus.php • In the above link the upload file menu, currently accepts any file format including .exe, PHP, Js, etc. • A malicious user can upload a virus or executable file and using The file size should also be checked so that users do not upload large files that would eat up the server space.
15 Copyright © 2019 ONE BCG. All rights reserved. ● Command Execution – SQL Injection: • SQL Injection constructs illegal SQL statements on a web site application from user-supplied input. • https://www.guru99.com/learn-sql-injection-with-practical-example.html • https://www.youtube.com/watch?v=WFFQw01EYHM – Buffer Overflow: • Buffer Overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. • https://www.youtube.com/watch?v=mTrTwg03N9M
16 Copyright © 2019 ONE BCG. All rights reserved. • Client-Side Attack – Content Spoofing : • Content Spoofing tricks a user into believing that certain content appearing on a website is legitimate and not from an external source • https://www.geeksforgeeks.org/content-spoofing/ – Cross-Site Scripting : • Cross-site Scripting (XSS) forces a web site to echo attacker-supplied executable code, which loads into a user’s browser. • https://www.acunetix.com/websitesecurity/cross-site-scripting/ • https://www.youtube.com/watch?v=cbmBDiR6WaY
17 Copyright © 2019 ONE BCG. All rights reserved. • Brute Force Attack – Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. – The most obvious way to block brute-force attacks is to simply lock out accounts after a defined number of incorrect password attempts. – https://www.youtube.com/watch?v=25cazx5D_vw
18 Copyright © 2019 ONE BCG. All rights reserved. • DOS Attack – A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users. – Consider a functionality (such as registration) which typically does not require authentication. An attacker can easily place a heavy load on the server by simulating multiple registration operations and by feeding in arbitrarily huge input data through the registration fields, thus placing a further load on the server and also consuming database connections. This could cause the server to crash or slow down to a crawl.
19 Copyright © 2019 ONE BCG. All rights reserved. • Forceful Browsing – A malicious user can access the complete application from different browsers without login. – How to perform: Log in to an application then copy the URL now paste it in another browser and check whether the user is logging in or redirected to the login page. – Recommendation: The application must implement proper session/cookie management on the server-side, to ensure strict access control. This would avoid any user indirectly copy-pasting of the link to get unauthorized access into the internal pages.
20 Copyright © 2019 ONE BCG. All rights reserved. • Spoofing – Website/Email Id/Caller Id/IP Address/Mac Address/DNS/GPS Location – https://www.youtube.com/watch?v=YKH2VJvQJfc • Session Management – A web session is a sequence of the HTTP request and response transactions linked with the same user. The session management tests check how session management is handled in the web app. – You can test for session expiry after particular idle time, session termination after maximum lifetime, session termination after log out, check for session cookie scope and duration, testing if a single user can have multiple simultaneous sessions, etc.
21 Copyright © 2019 ONE BCG. All rights reserved. • Phishing Attack – It is a technique that uses trickery and deceit to obtain private data from users. – A hacker may try to impersonate a genuine website such as yahoo and then ask the unsuspecting user to confirm their account name and password. – This technique could also be used to get credit card information or any other valuable personal data.
22 Copyright © 2019 ONE BCG. All rights reserved. • Session Timeout. • A session should terminate when the user is gone through an error page. • Autofill should be off. • Check whether an application is able to view the authenticated page using the back button of the browser. • Check whether It is possible to view the contents of the authenticated pages by fetching the page from the browser cache memory and history. • Users should not have the option to remember the password as this may give unauthorized access to malicious users. Other Security Checks
23 Copyright © 2019 ONE BCG. All rights reserved. • OpenVas: This tool is used for Vulnerability Testing • Websecurity: This tool is used for Vulnerability Testing • Wapity: This tool is used for Vulnerability Testing • Vega: This tool is used for Vulnerability Testing • Zed Attack Proxy(ZAP): This tool is used for Penetration Testing • Iron Wasp: This tool is used for Vulnerability Testing • SQLMap: This tool is used for SQL Injection • BeEF(Browser Exploitation Framework): This tool is used for Penetration Testing Security Testing Tools
24 Copyright © 2019 ONE BCG. All rights reserved.

More Related Content

What's hot (20)

PDF
Security Testing for Test Professionals
TechWell
 
PPTX
Vulnerabilities in modern web applications
Niyas Nazar
 
PPTX
Security Testing for Web Application
Precise Testing Solution
 
PDF
Introduction to Security Testing
vodQA
 
PPT
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
PPSX
Web application security
Akhil Raj
 
PPT
Penetration Testing Basics
Rick Wanner
 
PPTX
Introduction To Vulnerability Assessment & Penetration Testing
Raghav Bisht
 
PPTX
Vulnerability and Assessment Penetration Testing
Yvonne Marambanyika
 
PPTX
Security testing fundamentals
Cygnet Infotech
 
PPTX
Security Testing Training With Examples
Alwin Thayyil
 
PPTX
Penetration Testing
RomSoft SRL
 
PPTX
Advanced persistent threat (apt)
mmubashirkhan
 
PDF
Vulnerability Assessment and Penetration Testing Report
Rishabh Upadhyay
 
PPTX
Cybersecurity Awareness Session by Adam
Mohammed Adam
 
PDF
Security testing presentation
Confiz
 
PDF
Introduction to Web Application Penetration Testing
Netsparker
 
PDF
Web Application Penetration Testing
Priyanka Aash
 
PDF
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
PPTX
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
Security Testing for Test Professionals
TechWell
 
Vulnerabilities in modern web applications
Niyas Nazar
 
Security Testing for Web Application
Precise Testing Solution
 
Introduction to Security Testing
vodQA
 
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Web application security
Akhil Raj
 
Penetration Testing Basics
Rick Wanner
 
Introduction To Vulnerability Assessment & Penetration Testing
Raghav Bisht
 
Vulnerability and Assessment Penetration Testing
Yvonne Marambanyika
 
Security testing fundamentals
Cygnet Infotech
 
Security Testing Training With Examples
Alwin Thayyil
 
Penetration Testing
RomSoft SRL
 
Advanced persistent threat (apt)
mmubashirkhan
 
Vulnerability Assessment and Penetration Testing Report
Rishabh Upadhyay
 
Cybersecurity Awareness Session by Adam
Mohammed Adam
 
Security testing presentation
Confiz
 
Introduction to Web Application Penetration Testing
Netsparker
 
Web Application Penetration Testing
Priyanka Aash
 
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 

Similar to What is security testing and why it is so important? (20)

PPTX
How to Test for The OWASP Top Ten
Security Innovation
 
PPTX
State of the information security nation
SensePost
 
PPTX
Web applications security conference slides
Bassam Al-Khatib
 
PDF
Jouri Dufour - How About Security Testing - EuroSTAR 2013
TEST Huddle
 
PPTX
Application Security TRENDS – Lessons Learnt- Firosh Ummer
OWASP-Qatar Chapter
 
PPT
Security Testing
ISsoft
 
PDF
Common Web Application Attacks
Ahmed Sherif
 
PDF
OWASP Top Ten in Practice
Security Innovation
 
PPTX
Security Testing
BOSS Webtech
 
PPTX
AW-Infs201101067.pptx
AnonymousDevil2
 
KEY
How to break web applications
Dinis Cruz
 
PPT
Web Application Security Testing
Marco Morana
 
PPTX
Security engineering
OWASP Indonesia Chapter
 
PPTX
Security testing for web developers
matthewhughes
 
PPTX
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins
 
PPTX
[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
DevDay Da Nang
 
PDF
Web application security - Course overview
Satish b
 
PDF
How to code securely: a crash course for non-coders
Jaap Karan Singh
 
PDF
Problems with parameters b sides-msp
Mike Saunders
 
ODP
Hunting Security Bugs in Modern Web Applications
Toe Khaing
 
How to Test for The OWASP Top Ten
Security Innovation
 
State of the information security nation
SensePost
 
Web applications security conference slides
Bassam Al-Khatib
 
Jouri Dufour - How About Security Testing - EuroSTAR 2013
TEST Huddle
 
Application Security TRENDS – Lessons Learnt- Firosh Ummer
OWASP-Qatar Chapter
 
Security Testing
ISsoft
 
Common Web Application Attacks
Ahmed Sherif
 
OWASP Top Ten in Practice
Security Innovation
 
Security Testing
BOSS Webtech
 
AW-Infs201101067.pptx
AnonymousDevil2
 
How to break web applications
Dinis Cruz
 
Web Application Security Testing
Marco Morana
 
Security engineering
OWASP Indonesia Chapter
 
Security testing for web developers
matthewhughes
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins
 
[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
DevDay Da Nang
 
Web application security - Course overview
Satish b
 
How to code securely: a crash course for non-coders
Jaap Karan Singh
 
Problems with parameters b sides-msp
Mike Saunders
 
Hunting Security Bugs in Modern Web Applications
Toe Khaing
 
Ad

More from ONE BCG (11)

PPTX
A comprehensive guide to user behavioral analytics
ONE BCG
 
PPTX
What is product development and its process?
ONE BCG
 
PPTX
Why effective communication with clients is necessary?
ONE BCG
 
PPTX
An ultimate guide to SOLID Principles, developers must know.
ONE BCG
 
PPTX
How Artificial intelligence and machine learning are different?
ONE BCG
 
PPTX
What is Agile and Scrum, their guiding principles and methods?
ONE BCG
 
PPTX
Prototype: Its methods, techniques, and key features.
ONE BCG
 
PPTX
How to prepare a project for automated deployment?
ONE BCG
 
PPTX
What is Load, Stress and Endurance Testing?
ONE BCG
 
PPTX
Software risk analysis and management
ONE BCG
 
PPTX
Brushing skills on SignalR for ASP.NET developers
ONE BCG
 
A comprehensive guide to user behavioral analytics
ONE BCG
 
What is product development and its process?
ONE BCG
 
Why effective communication with clients is necessary?
ONE BCG
 
An ultimate guide to SOLID Principles, developers must know.
ONE BCG
 
How Artificial intelligence and machine learning are different?
ONE BCG
 
What is Agile and Scrum, their guiding principles and methods?
ONE BCG
 
Prototype: Its methods, techniques, and key features.
ONE BCG
 
How to prepare a project for automated deployment?
ONE BCG
 
What is Load, Stress and Endurance Testing?
ONE BCG
 
Software risk analysis and management
ONE BCG
 
Brushing skills on SignalR for ASP.NET developers
ONE BCG
 
Ad

Recently uploaded (20)

PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PDF
Why Orbit Edge Tech is a Top Next JS Development Company in 2025
mahendraalaska08
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
PDF
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
PDF
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
PDF
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
PDF
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
PPTX
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
PDF
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
PDF
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
PDF
Achieving Consistent and Reliable AI Code Generation - Medusa AI
medusaaico
 
PDF
Presentation - Vibe Coding The Future of Tech
yanuarsinggih1
 
PDF
Exolore The Essential AI Tools in 2025.pdf
Srinivasan M
 
PPTX
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
PPTX
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
PDF
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
PPTX
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
PPTX
UiPath Academic Alliance Educator Panels: Session 2 - Business Analyst Content
DianaGray10
 
PDF
New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
Why Orbit Edge Tech is a Top Next JS Development Company in 2025
mahendraalaska08
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
Achieving Consistent and Reliable AI Code Generation - Medusa AI
medusaaico
 
Presentation - Vibe Coding The Future of Tech
yanuarsinggih1
 
Exolore The Essential AI Tools in 2025.pdf
Srinivasan M
 
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
UiPath Academic Alliance Educator Panels: Session 2 - Business Analyst Content
DianaGray10
 
New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 

What is security testing and why it is so important?

  • 1. Copyright © 2019 ONE BCG. All rights reserved. Security Testing - Processes & Techniques
  • 2. 2 Copyright © 2019 ONE BCG. All rights reserved. • Why security testing is important? • What is security testing • Examples of security flaws in an application • How does Security Testing add value to organizations? • Types of Security Testing • Security Testing Techniques • Security Testing Tools Agenda
  • 3. 3 Copyright © 2019 ONE BCG. All rights reserved. Sensitive information like User Name/ Passwords,Credit/Debit card details or private information stored online. Security testing is to recognize the threats in the system and measure its possible vulnerabilities, so the system does not stop functioning or is exploited. Why Security Testing is Important?
  • 4. 4 Copyright © 2019 ONE BCG. All rights reserved. • It ensures software applications are free from any vulnerabilities, threats, risks that may cause a big loss. • It is about finding all possible loopholes and weaknesses of the system which might result in a loss of information or revenue. • The goal of security testing is to identify the threats in the system and measure its potential vulnerabilities, so the system does not stop functioning or is exploited. • It also helps in detecting all possible security risks in the system and help developers in fixing these problems through coding. What is security testing?
  • 5. 5 Copyright © 2019 ONE BCG. All rights reserved. • A Student Management System is insecure if the ‘Admission’ branch can edit the data of ‘Exam’ branch • An ERP system is not secure if DEO (data entry operator) can generate ‘Reports’ • An online Shopping Mall has no security if the customer’s Credit Card Detail is not encrypted • A custom software possess inadequate security if an SQL query retrieves actual passwords of its users Examples of security flaws in an application
  • 6. 6 Copyright © 2019 ONE BCG. All rights reserved. • In today’s interconnected world with consumers depending more on online channels to make transactions, any security breaches lead to a loss in customer confidence and ultimately revenue. • As security attacks have grown exponentially, security testing is the only discipline that helps an organization identify where they are vulnerable and take corrective measures to prevent as well rectifies the gaps in security. • More and more organizations are getting the security audits done and testing measures to ensure that the critical applications are shielded from any breaches or unintended penetration. Security Testing add value to organizations
  • 7. 7 Copyright © 2019 ONE BCG. All rights reserved. Types of Security Testing
  • 8. 8 Copyright © 2019 ONE BCG. All rights reserved. • Vulnerability testing: – The automated computer program to proactively identify security vulnerabilities of computing systems in a network to determine where a system can be exploited and/or threatened. – Generally done through various vulnerability scanning software. Ex: OpenVas, Nessus, ZAP, Vega, and ISS. – https://www.youtube.com/watch?v=koMo_fSQGlk • Security Scanning – This is a program that communicates with a web application through the web front-end to identify potential security vulnerabilities in the web application, OS and Networks.
  • 9. 9 Copyright © 2019 ONE BCG. All rights reserved. • Penetration Testing – A penetration test is an attack on a computer system to find security loopholes, potentially gaining access to it, its functionality and data. – Tester may try to enter into the application / system with the help of some other application or with the help of combinations of loopholes that the application has kept open unknowingly. – It is the most effective way to practically find out potential loopholes in the application
  • 10. 10 Copyright © 2019 ONE BCG. All rights reserved. • Risk Assessment – This is a process of assessing and deciding on the risk involved with the type of loss and the possibility of vulnerability occurrence. – This is determined within the organization by various interviews, discussions and analysis. • Security Auditing – Security Auditing involves hands on internal inspection of Operating Systems and Applications, often via line-by-line inspection of the code. – A security audit is a systematic evaluation of the security of a company's information system.
  • 11. 11 Copyright © 2019 ONE BCG. All rights reserved. • Posture Assessment – It combines Security Scanning, Ethical Hacking and Risk Assessments to show an overall Security Posture of the organization. • Ethical hacking – Ethical Hacking involves number of penetration tests over the wide network on the system under test. It is conducted by ethical hackers to find possible problems in the system.
  • 12. 12 Copyright © 2019 ONE BCG. All rights reserved. • Access to the Application – Authentication: Example: Some of the authentication tests include a test for password quality rules, test for default logins, test for password recovery, test captcha, test for logout functionality, test for password change, test for security question/answer, etc. – Authorization: Example: Some of the authorization tests include a test for path traversal, test for missing authorization, test for horizontal access control problems, etc. Security Testing Techniques
  • 13. 13 Copyright © 2019 ONE BCG. All rights reserved. • Data Protection – Data Manipulation • In data manipulation, a hacker changes data used by a website to gain some advantage or to embarrass the website’s owners. Hackers will often gain access to HTML pages and change them to be satirical or offensive. • Tools: Fidler, Charles Proxy, Web Sniffer, Burp Suite • https://www.youtube.com/watch?v=8bo5kXMAcV0 – URL Manipulation • URL manipulation is the process of manipulating the website URL query strings & capture of important information by hackers. This happens when the application uses the HTTP GET method to pass information -
  • 14. 14 Copyright © 2019 ONE BCG. All rights reserved. between the client and the server. The information is passed in parameters in the query string. The tester can modify a parameter value in the query string to check if the server accepts it. - File Uploads • Only valid files should be permitted for uploading. • http://demo.guru99.com/Security/SEC_V1/customer/contactus.php • In the above link the upload file menu, currently accepts any file format including .exe, PHP, Js, etc. • A malicious user can upload a virus or executable file and using The file size should also be checked so that users do not upload large files that would eat up the server space.
  • 15. 15 Copyright © 2019 ONE BCG. All rights reserved. ● Command Execution – SQL Injection: • SQL Injection constructs illegal SQL statements on a web site application from user-supplied input. • https://www.guru99.com/learn-sql-injection-with-practical-example.html • https://www.youtube.com/watch?v=WFFQw01EYHM – Buffer Overflow: • Buffer Overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. • https://www.youtube.com/watch?v=mTrTwg03N9M
  • 16. 16 Copyright © 2019 ONE BCG. All rights reserved. • Client-Side Attack – Content Spoofing : • Content Spoofing tricks a user into believing that certain content appearing on a website is legitimate and not from an external source • https://www.geeksforgeeks.org/content-spoofing/ – Cross-Site Scripting : • Cross-site Scripting (XSS) forces a web site to echo attacker-supplied executable code, which loads into a user’s browser. • https://www.acunetix.com/websitesecurity/cross-site-scripting/ • https://www.youtube.com/watch?v=cbmBDiR6WaY
  • 17. 17 Copyright © 2019 ONE BCG. All rights reserved. • Brute Force Attack – Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. – The most obvious way to block brute-force attacks is to simply lock out accounts after a defined number of incorrect password attempts. – https://www.youtube.com/watch?v=25cazx5D_vw
  • 18. 18 Copyright © 2019 ONE BCG. All rights reserved. • DOS Attack – A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users. – Consider a functionality (such as registration) which typically does not require authentication. An attacker can easily place a heavy load on the server by simulating multiple registration operations and by feeding in arbitrarily huge input data through the registration fields, thus placing a further load on the server and also consuming database connections. This could cause the server to crash or slow down to a crawl.
  • 19. 19 Copyright © 2019 ONE BCG. All rights reserved. • Forceful Browsing – A malicious user can access the complete application from different browsers without login. – How to perform: Log in to an application then copy the URL now paste it in another browser and check whether the user is logging in or redirected to the login page. – Recommendation: The application must implement proper session/cookie management on the server-side, to ensure strict access control. This would avoid any user indirectly copy-pasting of the link to get unauthorized access into the internal pages.
  • 20. 20 Copyright © 2019 ONE BCG. All rights reserved. • Spoofing – Website/Email Id/Caller Id/IP Address/Mac Address/DNS/GPS Location – https://www.youtube.com/watch?v=YKH2VJvQJfc • Session Management – A web session is a sequence of the HTTP request and response transactions linked with the same user. The session management tests check how session management is handled in the web app. – You can test for session expiry after particular idle time, session termination after maximum lifetime, session termination after log out, check for session cookie scope and duration, testing if a single user can have multiple simultaneous sessions, etc.
  • 21. 21 Copyright © 2019 ONE BCG. All rights reserved. • Phishing Attack – It is a technique that uses trickery and deceit to obtain private data from users. – A hacker may try to impersonate a genuine website such as yahoo and then ask the unsuspecting user to confirm their account name and password. – This technique could also be used to get credit card information or any other valuable personal data.
  • 22. 22 Copyright © 2019 ONE BCG. All rights reserved. • Session Timeout. • A session should terminate when the user is gone through an error page. • Autofill should be off. • Check whether an application is able to view the authenticated page using the back button of the browser. • Check whether It is possible to view the contents of the authenticated pages by fetching the page from the browser cache memory and history. • Users should not have the option to remember the password as this may give unauthorized access to malicious users. Other Security Checks
  • 23. 23 Copyright © 2019 ONE BCG. All rights reserved. • OpenVas: This tool is used for Vulnerability Testing • Websecurity: This tool is used for Vulnerability Testing • Wapity: This tool is used for Vulnerability Testing • Vega: This tool is used for Vulnerability Testing • Zed Attack Proxy(ZAP): This tool is used for Penetration Testing • Iron Wasp: This tool is used for Vulnerability Testing • SQLMap: This tool is used for SQL Injection • BeEF(Browser Exploitation Framework): This tool is used for Penetration Testing Security Testing Tools
  • 24. 24 Copyright © 2019 ONE BCG. All rights reserved.