Starting with security testing

Security test is a group of measures to secure an application against unforeseen actions that can cause the application to stop or to expose data. These actions can be intentional (caused by hackers) or unintentional. So apart from the obvious reasons why you should be sure your application is not vulnerable, you have at organization level:

  • Responsibility
  • Corporate responsibility
  • Regulatory bodies
  • Compliance
  • Legal
  • Financial

And at the technical point of view:

  • Integrity
  • Authorisation
  • Confidentiality
  • No repudiation
  • Availability
  • Authentication


So, what should you do when creating some security tests ?

You need to seek permission before you start, then try to learn on sandbox applications or virtual machine, not real environments. Keep focused when doing the tests and prepare in advance threat modelling/survey sessions.

The web security vulnerabilities are prioritized depending on exploitability, detectability and impact on software.

  • What is needed to exploit the security vulnerability?Β 

Highest exploitability when the attack needs only web browser and lowest being advanced programming and tools.

  • How easy is it to detect the threat?Β 

Highest being the information displayed on URL, Cookies, Form or Error message and lowest being source code.

  • How much damage will be done if the security vulnerability is exposed or attacked?

Highest being complete system crash and lowest being nothing at all


Threat modelling

A range of techniques for analyzing the security of an application, examples:

  • Data flow diagrams
  • Threat categorization
  • Trust levels


You need to understand how the data is manipulated in all levels:

  • Entered
  • Stored
  • Transported
  • Presented


What are the assets you want to protect, which can be physical or abstract:

  • Reputation
  • Customer data/client
  • Corporate data


Threat Modelling – STRIDE

  • Spoofing
  • Tampering
  • Repudiation
  • Information Disclosure
  • Denial of service
  • Elevation of privilege


There are so many ways to check if your application is vulnerable, like:

  • User Inputs
  • Error messages
  • URLs
  • Files and attachments
  • Request/Response headers
  • Insecure User Credentials
  • APIs
  • Cookies


If you want to test injection flaws for example, you can exploit by submitting untrusted data, also it is very common and easy to exploit causing extremely damaging problems if not fixed. This type of issue can affect UI elements, URLs, parameters in requests and cookies. Examples of Injection are SQL Injection and Cross Site Scripting,


Broken Authentication and Session Management

The causes of a insecure session management may lead to session hijacking, spoofing or fixation and to escalation of privilege. Fairly common, simple to exploit, but can have wide ranging and damaging impact. It can affect session tokens, user credentials, request parameters.





Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.