Web Application Security

A security testing is the most essential testing in the software field ,the users might compromise on the design or on the aspects based functionality, but security will not be compromised at any stage.

What makes this thing a diamond in the testing field is the confidentiality that any human what to keep on their activities, Its basic human nature to keep a secret by themselves, they don’t want any external interference in their data and of course the risks that a leaked data can cause such as:If a net banking details or credit card details are stolen then the person’s whole life’s savings will be finished in seconds

A security breach in a software can cause many adverse affects most dangerous one is the data theft and rest are like Application crashing, Database damages, Application design break or unauthorized content manipulation

Today Web application is the most commonly used IT product, we have web application for most of anything in this world. We are now using web applications for many things in our daily life like Social media, Food ordering, Online shopping, Internet banking etc.
It has limitless application in our day to day life.
So if a Web application is a common one and is used by vast customers on a day to day basis that one will definitely be tried to attack, such web applications should be tested with all the latest available security testing methods and frequent security and vulnerability tests should be done to ensure its safety.
The Web application can either be public or will be restricted one(to particular IP in most cases).The Public one here is most prone to attacks as it is publicly available to all.

Some of most common Security vulnerabilities in Web Application are:

SQL Injection :Using SQL injection an attacker can interfere with the SQL queries that an application makes to its database. Using this An attacker can fetch the data in database or corrupt the database

Cross Site Scripting: Here a malicious script is set in the vulnerable part of the web application and when the user interacts with that section the script is executed. A severe malicious script can lead to user losing the account permanently

Broken Authentication and Session Management: Here there is a potential to steal a user’s login data or clone session data to gain unauthorized access to users Account

Insecure Direct Object References: It is an access control vulnerability that arises when the critical information such as id or password is passed directly without any encryption to access any object.

Cross Site Request Forgery: This security flaw allows an attacker to make a user into submitting a web request that they did not intend. attack.

Distributed Denial of Service Attack: This type of attack involves a group of computers being harnessed together by a attacker and they flood the application with traffic
Insecure Cryptographic Storage: As the name itself says here a poorly encrypted data is targeted by attackers.

Failure to restrict URL Access :A web application will have url to access different contents and some path will be restricted to particular users or IP’s ,so failing to restrict the access to such path will make the Application vulnerable to attacks

Security test methodology

Vulnerability Scanning: Automated software is used to scan the application against known vulnerability signatures.

Security Scanning: Here the system weakness is identified and later it is fixed. Usually this is done based on a previously planned set of criteria. This can be done manually or automation

Penetration testing: It is an attack on a system with the intention of finding security breaches and loopholes, potentially gaining access to its functionality and data.

Risk Assessment: This testing includes analysis of security risks observed in the application. E.g. If a login to an account is done via Facebook.and that Facebook account is under attacked then our system is also possible under threat .So such assessments are done in Risk assessment and provide measures to avoid it.

Security Auditing: A security Auditing is like any other general auditing it inspects the application on a scheduled basis for find security flaws

Ethical hacking: Unlike external hackers, who steal for their own gains, this is done by the company authorised personals to find the vulnerabilities before an external hacker finds it.

Posture Assessment: It is a combination of Security scanning, Ethical Hacking and Risk Assessments to show an overall security posture of an organization.

Commonly Used Open source Testing tools: