In case you haven't read PART - I read it here
Lets continue..
Common attack vectors:
@Attack Vectors are the "scope" of an attacker/malicious user to attack on the application and exploit the vulnerabilities discovered by him.
The Following are some common attack vectors where an attacker can attack and gain a particular level of access to your web application or can make it unavailable to other users so that they cannot access the resources and features provided by this web app.
1. User Input Fields
2. URL & Parameter Manipulation
3. Information Disclosure (http header/server side error/etc..)
4. @Authorization
5. @Authentication
6. Insecure Data Storage
7. Insecure File Upload
8. Pivilage Elevation
9. Dos/DDos
10. Business Logics
11. Insecure Hosted Applications
12. Social Engineering
The following image includes them:
Check your existing web security:
Following are some of the question/check list to answer and have a look into to check whether your existing web application is having basic security implemented?
It can also be used as a checklist to develop a secured web application.
Infrastructure Considerations:
So #OperationalSecurity is also to be taken care of.
Web Application testing methodologies:
Lets continue..
Common attack vectors:
@Attack Vectors are the "scope" of an attacker/malicious user to attack on the application and exploit the vulnerabilities discovered by him.
The Following are some common attack vectors where an attacker can attack and gain a particular level of access to your web application or can make it unavailable to other users so that they cannot access the resources and features provided by this web app.
1. User Input Fields
2. URL & Parameter Manipulation
3. Information Disclosure (http header/server side error/etc..)
4. @Authorization
5. @Authentication
6. Insecure Data Storage
7. Insecure File Upload
8. Pivilage Elevation
9. Dos/DDos
10. Business Logics
11. Insecure Hosted Applications
12. Social Engineering
The following image includes them:
Check your existing web security:
Following are some of the question/check list to answer and have a look into to check whether your existing web application is having basic security implemented?
It can also be used as a checklist to develop a secured web application.
Infrastructure Considerations:
- Does the network provide secure communication?
- Does your deployment topology include an internal all?
- Does your deployment topology include a remote application server?
- What restrictions does infrastructure security impose?
- How are you validating user inputs?
- What do you do with the input?
- How do you authorize end users?
- How do you authorize the application in the database?
- How do you restrict access to system-level resources?
- Do you separate public and restricted access?
- How do you authenticate the Application?
- How do you authenticate with the database?
- Do you enforce strong account management practices?
- Do you store secrets?
- How do you store sensitive data?
- Do you pass sensitive data over the network?
- Do you log sensitive data?
- Why do you use particular algorithms?
- How do you secure encryption keys?
- Are you revealing your logic's unknowingly?
- Do you validate all input parameters?
- Do you pass sensitive data in parameters?
- Do you use HTTP header data for security?
- Are you revealing too much of information to the user?
- Sure you have made a check to all the corners?
- Are you exceptions default?
- Do you log fail attempts?
- Where are your logs stored?
- Are they open to public?
- Are your log files secure?
So #OperationalSecurity is also to be taken care of.
Web Application testing methodologies:
- Where to start?
- How to test a web application?
- What are the per-requisites?
- How to finding vulnerabilities?
- How to report?
- Any standards?
- Any drafts or documentation?
- How to mitigate risk?
Lets checkout few of them:
1. Owasp (www.owasp.org)
2. OSSTMM (www.isecom.org/research/osstmm.html)
3. NIST (csrc.nist.gov)
4. PTES (www.pentest-standard.org)
5. ISACA (www.isaca.org)
6. AppSec Labs Methodologies (www.appsec-labs.com) etc...
Why testing methodologies?
Testing with a particular method is known to be efficient because:
- It helps if you have missed out something.
- Defines the way to approach risk based testing
- Systematic way to conduct test.
- Proper report generation.
Having a checklist help developing a secured web application though, we never consider that an application is 100% secure but having this checklist we can say that we took security measures.
Following the standards helps a lot with security as it shows the direction. From where to start till where to end. Well, security is a never ending task! :D
0 comments:
Post a Comment