A Web Application Penetration Testing Checklist Overview
Penetration testing is the process of testing a software by trained security experts (aka penetration testers or ethical hackers) in order to find out its security vulnerabilities. The objective of carrying out such a test is to strengthen the security vulnerabilities which the software may contain so that they don’t get easily exploited (or taken advantage of) by the hacking community.
In the case of web application penetration testing, the software being tested is a web application stored in a remote server which clients can access over the internet. Web applications are obviously easy targets for hackers and therefore it is imperative for the developers of these web applications to frequently carry out penetration testing to ensure their web applications stay healthy – away from various security vulnerabilities and malware attacks.
In this blog, let’s take a look at some of the elements every web application penetration testing checklist should contain, in order for the penetration testing process to be really effective.
1. Contact Form Testing: The most preferred entry point for spammers is often a web application’s contact form. Therefore the contact form you have in your web application should be able to identify and prevent such spam attacks. Including CAPTCHA is one of the easiest ways of preventing contact form spamming.
2. Proxy Server(s) Testing: Proxy servers play a huge role in scrutinizing the traffic to your web application and pointing out any malicious activity. Therefore ensure the proxy servers within your network are functioning accurately and efficiently. Tools like Burp Proxy and OWSAP ZAP can go a long way in helping you accomplish this task.
3. Spam Email Filter Testing: Ensure spam email filters are functioning properly. Verify if they are successfully filtering the incoming and outgoing traffic and blocking unsolicited emails. In other words, ensure that email security policies are being enforced properly. Because, as we all know, spam mails are the much-preferred mode of attack for hackers.
4. Network Firewall Testing: Make sure your firewall is preventing undesirable traffic from entering into your web application. Also, ensure the security policies configured using the firewall are being implemented properly. A glitch in your firewall is like sending an invitation to hackers to come and hack your web application.
5. Security Vulnerability Testing: Carry out a thorough security check on various aspects associated with your web application like servers and other such network devices and make a list of the security vulnerabilities they pose. Then find and implement ways to fix them.
6. Credential Encryption Testing: Ensure all usernames and passwords are encrypted and transferred over secure “HTTPS” connection so that these credentials are not compromised by hackers through man-in-the-middle or other such attacks. Because just as your web application needs to be secure, so is the sensitive data being submitted by your clients.
7. Cookie Testing: Cookies store data related to user sessions. Therefore this piece of sensitive information, if it is exposed to the hackers, can result in the security of many users who visit your website or web application being compromised. Therefore ensure your cookie data is not exposed. Or in other words, not available in readable format or as plain text.
8. Testing For Open Ports: Open ports on the web server on which your web application has been hosted also present a good opportunity for hackers to exploit your web application’s security. Therefore carry out this security check and ensure there are no open ports on your web server.
9. Application Login Page Testing: Ensure your web application locks itself up after a specific number of unsuccessful login attempts. This is one of the most basic elements, which, when implemented correctly can go a long way in securing your web application from hackers.
10. Error Message Testing: Ensures all your error messages are generic and do not reveal too much about the problem. If you do so, it’s like announcing to the hacking community, “we have a problem here, you’re welcome to exploit it!” For example: “Invalid Credentials” is fine, but the message should not be specific as “invalid username or password.”
11. HTTP Method(s) Testing: Also review the HTTP methods used by your web application to interact with your clients. Ensure PUT and Delete methods are not enabled, as doing so will allow hackers to easily exploit your web application.
12. Username and Password Testing: Test all the usernames/passwords that are used on your web application. Passwords should be fairly complex and usernames should not be easily guessable. Separate such weak usernames and passwords and alert those users to change them.
13. File Scanning: Ensure all files you upload to your web application or server are scanned before they are uploaded.
14. SQL Injection Testing: SQL injection is one of the most popular methods employed by hackers when it comes to exploiting web applications and websites. Therefore ensure your web application is resistant to various forms of SQL injection.
15. XSS Testing: Also ensure your web application resists cross-site scripting or XSS attacks as well.
16. Access Permission Testing: Check the access permissions of your users and in case your web application provides role-based access, then ensure users are getting access only to those parts of the web application to which they have the right. Nothing more or less.
17. User Session Testing: This is very important. Ensure that user sessions end upon log off. Because if they don’t, that valid session can be easily hijacked by hackers – this process is known as session hijacking – for carrying out malicious activity.
18. Brute Force Attack Testing: Using appropriate testing tools, ensure your web application stays safe against brute force attacks.
19. DoS (Denial of Service) Attack Testing: Also ensure your web application stays safe against DoS (Denial of Service) attacks by using appropriate testing tools.
20. Directory Browsing: Ensure directory browsing is disabled on the web server which hosts your web application. Because if you don’t, you’ll be giving hackers easy access to your restricted files.
Kevin Jones87 Posts
Kevin has been into researching and writing about network security for almost two decades, earning a reputation as one of the finest among cyber experts.