What is Application Security Testing?

The purpose of this assessment is to evaluate the security of your web application by using simulated attacks to identify and exploit vulnerabilities in it. Attacks are simulated using a variety of manual techniques supported by automated tools. Our penetration testing methodology goes beyond the detection process of simple scanning software: it identifies and prioritizes the most vulnerable areas of your web application and recommends actionable solutions.


Web Application Penetration Testing Methodology

Kratikal's web application penetration testing method covers the vulnerability classes in the Open Web Application Security Project (OWASP) Top 10 2017, including but not limited to: Injection, Broken Authentication, Sensitive Data Exposure, XML External Entities (XXE), Broken Access Control, Security Misconfiguration, Cross-Site Scripting (XSS), Insecure Deserialization, Using Components with Known Vulnerabilities, and more. Every web application penetration test is conducted consistently, and Kratikal uses globally accepted, industry-standard frameworks as the foundation of each test to ensure it is sound and comprehensive.

Kratikal is now empanelled by CERT-In

Kratikal provides a complete suite of Customizable Security Auditing Services.

Industry’s Best Security Standards

Our team of experts uses practices that involve the industry’s best security standards including:

OWASP Secure Coding Guidelines

  • Input Validation
  • Output Encoding
  • Session Management
  • Access Control
  • Cryptographic Practices
  • Error Handling and Logging
  • Communication Security
  • System Configuration
  • Database Security
  • File Management
  • Memory Management
  • General Coding Practices
  • Authentication and Password Management

SANS Top 25 Secure Coding Guidelines

  • Out-of-bounds Read
  • Integer Overflow or Wraparound
  • Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • Exposure of Sensitive Information to an Unauthorized Actor
  • Use After Free
  • Improper Authentication
  • Cross-Site Request Forgery (CSRF)
  • Missing Authorization
  • Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

High Level Test Cases

Test Cases for Black-Box Assessment:

  • Information Gathering
  • Configuration and Deploy Management Testing
  • Data Validation Testing
  • Cryptography

Test Cases for Grey-Box Assessment:

  • Identity Management Testing
  • Authentication Testing
  • Authorization Testing
  • Session Management Testing
  • Input Validation Testing
  • Business Logic Testing

Security Testing Methodology

1. Reconnaissance

The first phase of a web application penetration test focuses on collecting as much information as possible about the target application. Reconnaissance, also known as information gathering, is one of the most critical steps of an application pen test. It is done using public tools (search engines), scanners, simple HTTP requests, or specially crafted requests. As a result, it is often possible to make the application leak information, e.g., by disclosing error messages or revealing the versions and technologies in use.
Example tests include: search engine discovery and reconnaissance for information leakage, application enumeration and fingerprinting, and identifying application entry points.

2. Configuration Management

Understanding the deployed configuration of the server and infrastructure hosting the web application is nearly as critical as testing the application itself. After all, an application chain is only as strong as its weakest link. Application platforms are wide and varied, but a few key platform configuration errors (insecure HTTP methods, old or backup files left on the server) can compromise the application in the same way an insecure application can compromise the server.
Example tests include: TLS security, application platform configuration, file extension handling, Cross-Site Tracing, HTTP Strict Transport Security, allowed HTTP methods, and file permissions.

3. Authentication Testing

Authentication is the process of verifying the digital identity of the sender of a communication; the most common example is the log-on process. Testing the authentication schema means understanding how the authentication process works and using that understanding to try to circumvent the authentication mechanism.
Example tests include: weak lockout mechanism, bypassing the authentication schema, browser cache weaknesses, and weaker authentication in an alternative channel.

4. Session Management

Session management is the set of all controls governing the stateful interaction between a user and the web application they are using. In general, this covers everything from how the user is authenticated to what happens when they log out.
Example tests include: session fixation, Cross-Site Request Forgery, cookie management and session timeout, and logout functionality.
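Several of the configuration management and session management tests above (HSTS, allowed HTTP methods, version disclosure, cookie attributes, session timeout) can be checked from a single captured HTTP response. The following is an added example, not Kratikal's tooling; the response it inspects is constructed for illustration, and the list of session cookie names and the one-year HSTS threshold are assumptions.

```python
import re

# Constructed sample: a response a tester might capture from a login endpoint.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.29 (Ubuntu)\r\n"
    "Allow: GET, POST, PUT, DELETE, TRACE, OPTIONS\r\n"
    "Set-Cookie: JSESSIONID=ABC123; Path=/\r\n"
    "Set-Cookie: remember=1; Path=/; Secure; HttpOnly; SameSite=Lax; Max-Age=2592000\r\n"
    "\r\n"
    "<html>...</html>"
)

# Assumed names of session identifiers; extend for the framework under test.
SESSION_COOKIE_NAMES = {"jsessionid", "phpsessid", "asp.net_sessionid", "sessionid", "session"}
RISKY_METHODS = {"PUT", "DELETE", "TRACE", "CONNECT"}
MIN_HSTS_MAX_AGE = 31536000  # one year, an assumed baseline

def parse_headers(raw):
    """Return (status line, [(lowercased name, value), ...]) from a raw response."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers

def cookie_findings(set_cookie):
    """Flag missing Secure/HttpOnly/SameSite and persistent session cookies."""
    name, _, rest = set_cookie.partition("=")
    attrs = {a.strip().split("=")[0].lower() for a in rest.split(";")[1:]}
    findings = [f"cookie {name}: missing {flag}"
                for flag in ("Secure", "HttpOnly", "SameSite") if flag.lower() not in attrs]
    if name.lower() in SESSION_COOKIE_NAMES and attrs & {"max-age", "expires"}:
        findings.append(f"cookie {name}: session cookie persists beyond browser close")
    return findings

def audit_response(raw, https=True):
    """Return a list of human-readable findings for one captured response."""
    _, headers = parse_headers(raw)
    names = {n for n, _ in headers}
    findings = []
    if https and "strict-transport-security" not in names:
        findings.append("missing Strict-Transport-Security header")
    for n, v in headers:
        if n == "strict-transport-security":
            m = re.search(r"max-age=(\d+)", v, re.I)
            if not m or int(m.group(1)) < MIN_HSTS_MAX_AGE:
                findings.append(f"weak HSTS max-age: {v}")
        elif n == "server" and re.search(r"\d", v):
            findings.append(f"Server header discloses version: {v}")
        elif n == "allow":
            risky = RISKY_METHODS & {m.strip().upper() for m in v.split(",")}
            if risky:
                findings.append(f"risky HTTP methods enabled: {sorted(risky)}")
        elif n == "set-cookie":
            findings.extend(cookie_findings(v))
    return findings
```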

5. Authorization Testing

Authorization testing involves understanding how the authorization process works and using that understanding to try to circumvent the authorization mechanism. Authorization takes place after a successful authentication, so the pen tester verifies it while holding valid credentials associated with a well-defined set of roles and privileges. The tester then checks whether it is possible to bypass the authorization schema, find a path traversal vulnerability, or escalate privileges.
Example tests include: directory traversal, privilege escalation, bypassing authorization controls, and insecure direct object references.

6. Data Input Validation

The most common web application security weakness is the failure to properly validate input coming from the client or from the environment before using it. This weakness leads to almost all of the major vulnerabilities in web applications, such as cross-site scripting, SQL injection, interpreter injection, locale/Unicode attacks, file system attacks, and buffer overflows.
Example tests include: Cross-Site Scripting, SQL injection, OS command and server-side injection, code injection, local and remote file inclusion, and buffer overflow.

7. Testing for Error Handling

During a penetration test on a web application we often encounter many error codes generated by the application or the web server. These errors can be provoked with a particular request, either specially crafted with tools or created manually. They are very useful to penetration testers because they reveal a lot of information about databases, bugs, and other technological components directly linked to the web application.
Example tests include: analysis of error codes and analysis of stack traces.

8. Testing for Business Logic

Many examples could be given, but the one constant lesson is "think outside of conventional wisdom". This type of vulnerability cannot be detected by a vulnerability scanner and relies on the skill and creativity of the penetration tester. It is usually one of the hardest to detect and is usually application specific, but at the same time it is often one of the most damaging to the application if exploited.
Example tests include: integrity checks, process timing, upload of unexpected file types, and the ability to forge requests.

9. Client-Side Testing

Client-side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. Executing code on the client side is distinct from executing it on the server and returning the resulting content.
Example tests include: JavaScript execution, client-side URL redirection, Cross-Origin Resource Sharing, and DOM manipulation.

10. Denial-of-Service (Optional)

A denial of service (DoS) attack is an attempt to make a resource unavailable to its legitimate users. Traditionally, DoS attacks have been network based: a malicious user floods a target machine with enough traffic to make it incapable of serving its intended users. There are, however, vulnerabilities at the application level that can allow a malicious user to make certain functionality unavailable. These problems are caused by bugs in the application and are often triggered by malicious or unexpected user input. This phase of testing focuses on application-layer attacks against availability that can be launched by a single malicious user on a single machine. Not all clients have an appetite for DoS testing, so it is not always a component of every penetration test.

11. Reporting

The reporting step delivers, ranks and prioritizes the findings and produces a clear and actionable report, complete with evidence, for the project stakeholders. Findings can be presented in person, which is the format most conducive to communicating results. At Kratikal, we consider this phase the most important, and we take great care to ensure that we have communicated the value of our service and our findings thoroughly.

Tools Used

We use industry-benchmark security testing tools across the IT infrastructure, as the business and technical requirements dictate.
Below are a few of the many tools we use:

  • Burp Suite
  • Nessus
  • Nmap
  • Acunetix
  • Netsparker
  • DIRB


Frequently Asked Questions

Browse through the FAQs given below to find answers to commonly raised questions about our VAPT services.

Vulnerability Assessment and Penetration Testing (VAPT) is a security testing methodology composed of two more specific methods within the same area of focus. The test is undertaken to assess security vulnerabilities and identify the exploitable ones in your organization's IT infrastructure.
You may have moved your assets to the cloud, however, that doesn’t mean that your data is 100% secure. Cloud security testing services are crucial to the security assurance of the cloud environment, systems and services.
The timeline of vulnerability assessment and penetration testing depends on the type of testing and the size of your network and applications.
There is no fixed price for a vulnerability assessment and penetration test. The cost depends on the time and effort it takes to carry out VAPT on your network and systems.
Yes, Kratikal is counted amongst the top VAPT companies in India. Our cyber security experts provide cyber security consulting services to help you protect your company’s systems, grow your business, and deploy proper security solutions to ensure safe operation.
