Exploiting website vulnerabilities is Number One problem in the world. This is solely because website are open to internet and hence can potentially expose sensitive data which interests the evil hackers. Thats the reason web security testing services are so important for organizations
Websites are typically vulnerable to code based or network based attacks. This enables hackers to take over and control system components such as routers, firewalls, switches and servers and in worst cases, the website code. Even though the website is plain simple and static html based, it needs detailed pen-testing (VAPT testing), and is often forgotten by IT management. Thus security testing of websites or web portals or web applications is highly required. It must be carried out by certified best penetration testing (pentest) companies who follow security testing methodologies based on OWASP Top-10 model.
Web servers and the application code running on those as a simple website or web portal, are vulnerable to various attacks. In one type of attack, the hacker can simply deface the pages, while in other serious types, the attacker can potentially steal data and disrupt website operations.
Web security testing is especially important in case of e-commerce based portals, wherein the entire business relies on website and its data contents. In case of recent trend the websites cater to mobile based applications which demands for an end to end testing for total app security. Its important to understand that merely having firewalls and Layer-7 devices are not enough because those cannot detect code level vulnerabilities, and hence a detailed website VAPT along with code security review is highly recommended.
We perform web application penetration testing using world standard OWASP Top 10 model. While we perform testing using automated web security scanners, we prefer to perform manual security testing for the following attacks. More details on OWASP Top 10 can be found here.
|A1||Injection Attacks (SQL injections, Code injections)|
|A2||Broken Authentication and Session Management|
|A3||Cross Site Scripting (XSS)|
|A4||Insecure Direct Object References|
|A6||Sensitive Data Exposure|
|A7||Missing Functional Level Access Control|
|A8||Cross Site Request Forgery ( CSRF)|
|A9||Using Components with Known Vulnerabilities|
|A10||Invalidated Redirects and Forwards|
SQL injection vulnerabilities remain a headache for Web app developers, security professionals and database administrators . In a recent survey of 800 IT security pros and developers by the Ponemon Institute and app security firm Security Innovation, 42% of developers and 46% of security practitioners admitted SQL injection at the application layer had been exploited in a recent breach against their organizations. The responses made SQL injection the most-cited attack vector on a list that included cross-site scripting and privilege escalation.
SQL injection attacks exploit nonvalidated user input to issue commands through an application to a back-end database. Finding the holes through which these attacks can be launched isn't all that difficult. One of the first things attackers like to do is to see how an application handles errors. Another way to search for vulnerable sites is through Google hacking. Google hacking uses search engines to find security gaps by leveraging the mountains of data they index. An attacker might start by entering a search query called a Google Dork designed to locate results that could offer a clue about sites that might be vulnerable. There are a number of Google Dorks that can be useful for a hacker searching for a SQL injection vulnerability to exploit.
Cross site Scripting (XSS) attacks are a type of script injection in which malicious scripts are injected into web sites forms. XSS vulnerability is the most common flaw in web applications. Cross site scripting attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.
CSRF vulnerabilities occur when a website allows an authenticated user to perform a sensitive action but does not verify that the user herself is invoking that action. The key to understanding CSRF attacks is to recognize that websites typically don't verify that a request came from an authorized user.
Instead they verify only that the request came from the browser of an authorized user. Because browsers run code sent by multiple sites, there is a danger that one site will send a request to a second site, and the second site will mistakenly think that the user authorized the request.
A file upload vulnerability is when an application does not accept uploads directly from site visitors. Instead, a visitor can provide a URL on the web that the application will use to fetch a file. That file will be saved to disk in a publicly accessible directory. An attacker may then access that file, execute it and gain access to the site.
Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file upload helps the attacker accomplish the first step. While file upload problems are found typically in php code and frameworks, other platforms exhibit those too.
Session Fixation is an attack that permits an attacker to hijack a valid user session. The attack explores a limitation in the way the web application manages the session ID, more specifically the vulnerable web application. When authenticating a user, it doesn't assign a new session ID, making it possible to use an existent session ID.
The attack consists of obtaining a valid session ID (e.g. by connecting to the application), inducing a user to authenticate himself with that session ID, and then hijacking the user-validated session by the knowledge of the used session ID. The attacker has to provide a valid session ID and try to make the victim's browser use it.
Valency Networks is a very agile, friendly and fun loving atmosphere and yet we maintain a cutting edge technical vibrant work environment.