-
7/27/2019 Entersoft Advanced web application penetration
testing
1/9
https://entersoft.co.in
Entersoft Information Systems Pvt Ltd
-
7/27/2019 Entersoft Advanced web application penetration
testing
2/9
https://entersoft.co.in
is one of the offensive SECURITY AUDITs
is a complex of activities aimed to estimate currentsecurity
posture of your application by directlyattacking your
application
is != unreal attack activities
is != vulnerabilityassessment
-
7/27/2019 Entersoft Advanced web application penetration
testing
3/9
https://entersoft.co.in
Almost equal to real time attack. Realtime assessment
HELPS in
Estimating security posture of your application.
Identifying hackers primary attack vector
Proactively mitigating security risks
Keeping your website LIVE!
-
7/27/2019 Entersoft Advanced web application penetration
testing
4/9
https://entersoft.co.in
Finding the entrypointsReconnaissance
Analysis of Errorcodes
Information Gathering
HTTP methods andSSL configurationsanalysis
Infrastructure andserver levelvulnerabilitiesidentification
ConfigurationManagement Testing
Enumerationtechniques and Bruteforcing
Access restrictionstestings
Authentication Testing
-
7/27/2019 Entersoft Advanced web application penetration
testing
5/9
https://entersoft.co.in
Session fixation andsession management
vulnerabilities
Session Managementtesting
Path traversal and usermanagement testing
Access and documentcontrol testing
Authorization and accesstesting
AJacking theapplication
Exploiting andcompromisepossibility testings
Data validation testing
-
7/27/2019 Entersoft Advanced web application penetration
testing
6/9
https://entersoft.co.in
DOS testingDDOS testing
Web firewalltesting
Web server
Resilience and other testing
PerformingOWASP top 10
AnalyzingOWASP top 10
Identification and Classification[OWASP top 10/WASC]
ClassificationofVulnerabilitiesbased on risksand priority
Reporting
-
7/27/2019 Entersoft Advanced web application penetration
testing
7/9https://entersoft.co.in
Reports not to hav e any false positiveso Entersoft promises
that its Advanced Web application Penetration
Testing services will provide deliverables or output
[PDF/HTMLformatted report] that contains absolutely no false
positives
o Entersofts methodology is likely to identify much
vulnerability thatgenerally cannot be identified with traditional
penetration testingmethods. We use offensive security
methodologies. We are Advancedin our tests
No service d isruption o Entersofts Advanced WAPT methodology
makes sure your usual
operations are not effected during our penetration testing. We
do alot of study before performing a penetration testing
Unusua l testso We provide the following unusual testso DOS and
DDOS resilience testingo Zero days an CMS exploits
-
7/27/2019 Entersoft Advanced web application penetration
testing
8/9https://entersoft.co.in
Entersofts offensive security experts have enteredhall of fame
in the following major technologygiants by continuously submitting
Web
application vulnerabilities using our advancedWAPT
techniques.
Nokia Maps [XSS] Drop Box [Stored XSS] Uninor [Sensitive
information disclosure] Blackberry [XSS] Apptentive [XSS]
-
7/27/2019 Entersoft Advanced web application penetration
testing
9/9https://entersoft.co.in
[email protected]
Ph: +91-40 65810005
https://entersoft.co.in/contact
