SECURITY TESTING - Bug Reaper


Learn about Automation Testing, Selenium WebDriver, RestAssured, Appium, Jenkins, JAVA, API Automation, TestNG, Maven, REST API, SOAP API, Linux, Security Testing, Interview Questions

Monday, 23 September 2013

SECURITY TESTING



Security Testing is a type of software testing that intends to uncover vulnerabilities of the system and determine that its data and resources are protected from possible intruders.

EXAMPLE OF A BASIC SECURITY TEST
This is an example of a very basic security test which anyone can perform on a web site/application:
  • Log into the web application.
  • Log out of the web application.
  • Click the BACK button of the browser and check whether you are asked to log in again or are shown the logged-in application.
SECURITY TESTING CHECKLIST

  • a.) Verify that web pages which carry important data such as passwords, credit card numbers and secret answers to security questions are submitted via HTTPS (SSL).
  • b.) Verify that important information such as passwords and credit card numbers is displayed in encrypted format.
  • c.) Verify that once the password is changed, the user can no longer log in with the old password.
  • d.) Verify that error messages do not display any important information.
  • e.) Verify that the “View Source code” option is disabled and not visible to the user.
  • f.) Verify that the cookie information is stored in encrypted format.
  • g.) Verify that the session values are in an encrypted format in the address bar.
  • h.) Verify that the user account gets locked out if the user enters the wrong password several times.
  • i.) Verify whether secured and non-secured web pages can be accessed directly without logging in.
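Three items in this checklist are pure server-side logic that a tester can exercise end to end: c) the old password is rejected after a change, h) the account locks after repeated wrong passwords, and i) a secured page is not served without a login. The small in-memory authentication service below shows what a passing implementation looks like. It is an added example, not code from the Bug Reaper post; the class name AuthService, the lockout threshold MAX_FAILED_ATTEMPTS and the PBKDF2 hashing parameters are assumptions chosen for the demo.

```python
"""Added example (not from the Bug Reaper post): a minimal in-memory
authentication service showing checklist items c), h) and i) in working
form.  AuthService, MAX_FAILED_ATTEMPTS and the PBKDF2 parameters are
assumptions chosen for this demo, not something the post specifies."""
import hashlib
import hmac
import os
import secrets
from typing import Optional

MAX_FAILED_ATTEMPTS = 3   # assumed lockout threshold (item h)
PBKDF2_ROUNDS = 100_000   # assumed work factor for password hashing


def hash_password(password: str, salt: Optional[bytes] = None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


class AuthService:
    def __init__(self):
        self._users = {}     # username -> {"salt", "digest", "failures", "locked"}
        self._sessions = {}  # session id -> username

    def register(self, username: str, password: str) -> None:
        salt, digest = hash_password(password)
        self._users[username] = {"salt": salt, "digest": digest,
                                 "failures": 0, "locked": False}

    def _verify(self, username: str, password: str) -> bool:
        user = self._users.get(username)
        if user is None:
            return False
        _, digest = hash_password(password, user["salt"])
        return hmac.compare_digest(digest, user["digest"])   # constant-time compare

    def login(self, username: str, password: str) -> Optional[str]:
        """Return a fresh session id on success; None on a wrong password or a locked account."""
        user = self._users.get(username)
        if user is None or user["locked"]:
            return None
        if not self._verify(username, password):
            user["failures"] += 1
            if user["failures"] >= MAX_FAILED_ATTEMPTS:
                user["locked"] = True        # item h: lock out after repeated failures
            return None
        user["failures"] = 0
        sid = secrets.token_urlsafe(32)      # new random id per login, never reused
        self._sessions[sid] = username
        return sid

    def change_password(self, sid: str, old_password: str, new_password: str) -> bool:
        """Item c: re-hash with a fresh salt so the old password stops working,
        and drop the user's other sessions so a stolen one dies with it."""
        username = self._sessions.get(sid)
        if username is None or not self._verify(username, old_password):
            return False
        user = self._users[username]
        user["salt"], user["digest"] = hash_password(new_password)
        self._sessions = {s: u for s, u in self._sessions.items()
                          if u != username or s == sid}
        return True

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)

    def secured_page(self, sid: Optional[str]):
        """Item i: the protected page is served only to a valid session;
        anyone else is redirected to the login page and gets no data."""
        username = self._sessions.get(sid)
        if username is None:
            return 302, "/login"
        return 200, f"welcome {username}"


if __name__ == "__main__":
    svc = AuthService()
    svc.register("alice", "Old-Pass-1")
    sid = svc.login("alice", "Old-Pass-1")
    print("direct access without login:", svc.secured_page(None))
    svc.change_password(sid, "Old-Pass-1", "New-Pass-2")
    print("old password after change:", svc.login("alice", "Old-Pass-1"))
    for _ in range(MAX_FAILED_ATTEMPTS):
        svc.login("alice", "guess")
    print("correct password on locked account:", svc.login("alice", "New-Pass-2"))
```

The points a tester should carry over to a real application are the same ones the code makes explicit: the password hash is re-created with a new salt on change, so nothing derived from the old password remains valid; the lockout counter is reset only by a successful login; and the secured page decides on the session, never on anything the client supplies in the URL.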


SECURITY TESTING COMPLIANCE that every web application should satisfy

    1. Disable the autocomplete HTML attribute on password fields.
    Risk:- A password field that does not disable the autocomplete feature lets the browser store and pre-fill the password.

    2. Missing Secure and HttpOnly attributes on the encrypted session cookie.
    Risk:- Without HttpOnly the cookie can be accessed through client-side script, and without Secure the browser will send the cookie over insecure (plain HTTP) connections.

    3. The session cookie attribute should be set to HttpOnly.
    Risk:- Cookies support a security feature known as HttpOnly. This flag protects a cookie from being read by JavaScript and is an additional layer of defence against Cross-Site Scripting (XSS) attacks.

    4. The default web page should not be present on the server, and the server should return an HTTP 404 error for it.
    Risk:- An adversary can gain information about the type of web server, which may be helpful in launching further attacks.

    5. The session ID should not remain constant after logging in.
    Risk:- On accessing the login page of the application the user receives a session ID that remains constant until the browser instance used to launch the application is closed. An adversary can hijack that session and gain unauthorized access to sensitive data.

    6. Redirect the application from HTTP to HTTPS.
    Risk:- HTTP is insecure and subject to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information.

    7. Enforce the use of the POST method.
    Risk:- The GET method can pose a security risk for a web application, as it allows an attacker to modify files stored on the web server and, in some scenarios, steal the credentials of legitimate users.

    8. Disable the TRACE and TRACK methods.
    Risk:- A response content type of message/http, with the request text and headers echoed back in the response, indicates that the TRACE/TRACK method is enabled on the server.

    9. There should be no cross-site scripting (XSS).
    Risk:- Cross-site scripting vulnerabilities can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end-user systems. Account hijacking: the attacker can hijack the user session before the session cookie expires and take actions with the privileges of the user who accessed the URL, such as issuing database queries and viewing the results. Malicious script execution: users can unknowingly execute JavaScript, VBScript, ActiveX, HTML, or even Flash content that an attacker has inserted into a dynamically generated page.
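Items 2, 3, 5, 6 and 8 of the compliance list can all be verified offline from HTTP responses a tester has captured (for example through an intercepting proxy). The script below is an added example, not the blog's own code: it parses raw responses, checks the session cookie for the Secure and HttpOnly attributes, checks that a plain-HTTP request is redirected to an https:// URL, checks that the session ID issued before login is not the one in use after login, and checks that a TRACE request is refused rather than echoed as message/http. The sample responses are constructed, and the session cookie name JSESSIONID and all function names are assumptions.

```python
"""Added example (not from the Bug Reaper post): offline checks for
compliance items 2, 3, 5, 6 and 8 over captured HTTP responses.
The responses below are constructed samples; JSESSIONID is an assumed
name for the application's session cookie."""

SESSION_COOKIE = "JSESSIONID"   # assumed name of the app's session cookie


def parse_response(raw: str):
    """Split a captured HTTP response into (status_code, [(header, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers


def parse_set_cookie(value: str):
    """Return (cookie_name, cookie_value, {attribute names in lower case})."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name.strip(), cookie_value, attrs


def session_cookie(headers):
    """Find the session cookie among the Set-Cookie headers: (value, attrs) or None."""
    for name, value in headers:
        if name == "set-cookie":
            cname, cvalue, attrs = parse_set_cookie(value)
            if cname == SESSION_COOKIE:
                return cvalue, attrs
    return None


def audit_cookie_flags(headers):
    """Items 2 and 3: the session cookie must carry Secure and HttpOnly."""
    found = session_cookie(headers)
    if found is None:
        return [f"no {SESSION_COOKIE} cookie set"]
    _, attrs = found
    findings = []
    if "secure" not in attrs:
        findings.append("session cookie missing Secure: will be sent over plain HTTP")
    if "httponly" not in attrs:
        findings.append("session cookie missing HttpOnly: readable by script (XSS)")
    return findings


def audit_https_redirect(status, headers):
    """Item 6: a plain-HTTP request must be redirected to an https:// URL."""
    location = dict(headers).get("location", "")
    if status in (301, 302, 307, 308) and location.lower().startswith("https://"):
        return []
    return ["http:// request was served without a redirect to HTTPS"]


def audit_trace(status, headers):
    """Item 8: a TRACE request must be refused, not echoed back as message/http."""
    ctype = dict(headers).get("content-type", "").lower()
    if status == 405 or (status >= 400 and "message/http" not in ctype):
        return []
    return ["TRACE enabled: server echoes the request (Content-Type message/http)"]


def audit_session_rotation(pre_login_headers, post_login_headers):
    """Item 5: the session id issued before login must not survive authentication."""
    before = session_cookie(pre_login_headers)
    after = session_cookie(post_login_headers)
    if before and after is None:
        return ["no new session cookie issued at login"]
    if before and after and before[0] == after[0]:
        return ["session id unchanged across login (session fixation risk)"]
    return []


def audit_all(first_http, pre_login, post_login, trace):
    """Run every check over one captured set of responses and list the findings."""
    findings = []
    status, headers = parse_response(first_http)
    findings += audit_https_redirect(status, headers)
    _, pre = parse_response(pre_login)
    _, post = parse_response(post_login)
    findings += audit_cookie_flags(post)
    findings += audit_session_rotation(pre, post)
    status, headers = parse_response(trace)
    findings += audit_trace(status, headers)
    return findings


# Constructed samples: what a weak server and a hardened server might return.
PRE_LOGIN = "HTTP/1.1 200 OK\r\nSet-Cookie: JSESSIONID=abc123; Path=/; Secure; HttpOnly\r\n\r\n"
WEAK_HTTP = "HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n<html>"
WEAK_LOGIN = "HTTP/1.1 200 OK\r\nSet-Cookie: JSESSIONID=abc123; Path=/\r\n\r\n"
WEAK_TRACE = "HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\nTRACE / HTTP/1.1\r\n"
GOOD_HTTP = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://app.example/login\r\n\r\n"
GOOD_LOGIN = "HTTP/1.1 302 Found\r\nSet-Cookie: JSESSIONID=zzz987; Path=/; Secure; HttpOnly\r\nLocation: /home\r\n\r\n"
GOOD_TRACE = "HTTP/1.1 405 Method Not Allowed\r\nAllow: GET, POST\r\n\r\n"

if __name__ == "__main__":
    for label, captured in (("weak", (WEAK_HTTP, PRE_LOGIN, WEAK_LOGIN, WEAK_TRACE)),
                            ("hardened", (GOOD_HTTP, PRE_LOGIN, GOOD_LOGIN, GOOD_TRACE))):
        print(label, audit_all(*captured) or ["no findings"])
```

To use it against a real target, replace the four constructed strings with the raw responses to: the first plain-HTTP request, the login page before authentication, the login POST, and a TRACE request. The weak sample produces five findings, one per failed item; the hardened sample produces none.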

2 comments:

  1. Nice checklist.. liked your blog.. can you please explain how to actually test the above 9 points :)
  2. Pretty article! I found some useful information in your blog; it was awesome to read. Thanks for sharing this great content, keep sharing. Need to learn
    Security Testing Services
    Test Automation Services
    Software Testing Services
    Compatibility Testing Services
    Regression Testing Services