Application vulnerability testing services
|
Vulnerability
|
Description
|
|---|---|
| Injections | Testing for injection flaws in the app (eg. SQL, LDAP, Xpath, NoSQL queries, XML parsers, JSON parsers, HTTP Headers, SMTP Headers, program arguments etc) |
| Broken Authentication and Session Management | Testing for application areas such as logout, password management, timeouts, remember me, secret question, account update, etc |
| XSS (Cross Site Scripting) | Testing for flaws in user supplied data in any of web application page sent to the browser without properly validating or escaping can cause XSS. XSS can be: Server XSS – Flawed data returned by the server. Can be stored server XSS or reflected server XSS Client XSS – Flawed data used to update the DOM with an unsafe JavaScript call. Can be Stored Client XSS or Reflected Client XSS. |
| Insecure Direct Object References | Penetration testing for exposure of reference to your application internal implementation object, such as a file, directory, or database key that can be manipulated by hacker. |
| Security Misconfiguration | Reviewing configurat of your application, frameworks, application server, web server, database server, and platform. |
| Sensitive Data Exposure | Testing and analyzing your application for sensitive data exposure, such as credit cards, tax IDs, and authentication credentials not protected and encrypted either at rest or in transit. |
| Missing Function Level Access Control | Testing your application for server not verifying function level access rights before making that functionality visible in the UI or when the same function is accessed. |
| Cross Site Request Forgery (CSRF) | Testing your application for any user defined code, website, HTML feed or any other agent that can load content into the browser can force users to submit forged request to your application. |
| Using components with known vulnerabilities | Testing and analyzing components within your application with known vulnerabilities (eg. libraries, frameworks, php modules etc) running with full privilege that can be exploited by hackers |
| Security Misconfiguration | Reviewing configurat of your application, frameworks, application server, web server, database server, and platform. |
Syntrosys Security Vulnerability Testing Approach
Metrics, Criteria, Measurement & traceability
Proposed Vulnerability testing tools
| Testing | Open SourceTool |
|---|---|
| Static Analysis tools | |
| PHP security analysis | PHP-SAT, SWAAT |
| JavaScript security analysis | JSPrime, Esprima |
| Penetration testing tools | |
| Injection, XSS, CSRF | ZAP (https://code.google.com/p/zaproxy/) |
| Broken Session Management | ZAP |
| File disclosure, local and remote include etc | ZAP |
| Weak security configuration | ZAP(TBD) |
| HTTP response spitting, cache poisoning | ZAP |
| Command execution detection | ZAP |
