• Information Gathering
• Configuration Management Testing
• Business Logic Testing
• Authentication Testing
• Authorization Testing
• Session Management Testing
• Data Validation Testing
• Denial of Service Testing
• Web Services Testing
• Ajax Testing
WEB APPLICATION: Proposed Vulnerability Assessment Methodology
Application Analysis -> Vulnerability Scanning/Exploitation -> Assessment -> Mitigation
A simplified approach to web vulnerability assessment
Application Analysis
Application Specific
• Domain Name
• IP Address
• Development Language / CMS Identification
• Third-Party Software Libraries
Server Specific
• Web Server Identification
• Database Server Application
Network Specific
• Network Architecture Modeling
• Proxy, Firewall Rules, etc.
Vulnerability Scanning/Exploitation
Application Specific
• XSS
• Session grabbing
• Clickjacking
• Bruteforce form cracking
Server Specific
• SQL injection
• DoS attack
• Malicious code execution
• Remote shell exploits
Network Specific
• Live host scan
• Port scan
Assessment
Application Specific
• Number of fields vulnerable
• Exposed classified information
• Personal information
Server Specific
• Maximum server load evaluation
• Weak/unhashed passwords
• Obsolete authentication mechanisms
Network Specific
• No proxy
• Number of open ports
• Firewall/proxy rules
References
• Open Web Application Security Project. OWASP Testing Project (OWASP Testing Guide v3). Published December 16, 2008. Accessed January 18, 2012. http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf
• Pete Herzog, Institute for Security and Open Methodologies. OSSTMM 3: The Open Source Security Testing Methodology Manual (Contemporary Security Testing and Analysis).