Web sites are windows that open your organization to the outside world. Because of their nature, they have to be always “open”. You can restrict the access of a service with a password or an IP address, or you can completely close the service access from outside your organisation. But in general, you don’t do these retrictions to a web application while you already want the application to be accessed by everyone.
While the application is able to be accessed by everyone, potential threat for you is the whole world. As a result, web application security is one of the most important subjects of cyber security.
With this article, we start to a series of blog posts about the checklists for web application pentests. Please remember that these are the basic controls, but not all. Technology and the attacking methodologies change day by day, so do checklists.
We strongly recommend you to create a checklist from our posts before the penetration test (pentest) starts. Note findings next to related bullet and put the screenshots of your findings. It will be very helpful when you prepare the pentest report.
The checklists subjected in this series are as follows:
- Learning application
- Information gathering & configuration management
- Authentication
- Session management
- Authorisation
- Data validation
- Denial of service
Let’s start with learning the application:
Learning Application
- Find the IP address of the application.
- Detect the application server where application runs.
- Collect the roles and users of the application as much as possible (If it’s not a black box pentest, ask to the owner of the application).
- Detect the hosting operation system(s).
- Detect the programming language.
- Find out the detailed site map (crawling – spidering).
- Detect the input fields.
- Detect the infrastructures used in application (If it’s not a black box pentest, ask to the owner of the application).
- Find out if the web services exist.
The next “checklists for web applications” post will be about the information gathering and configuration management. Continue to follow us.
- - Hacker Academy Ltd is proud to announce that it is now an official Delivery Partner of CompTIA
- - Hacker Academy Ltd is now a CREST Accredited Penetration Testing Provider across the EMEA Region
- - Cybersecurity Engineering Bootcamp Webinar
- - Checklists for Web Application Pentests – II: Information Gathering and Configuration Management
Trusted
Our experts are NATO cleared/experienced.
Experienced
Each of our experts has more than ten years of cybersecurity experience.
Collaborated
We are members of international consortiums.
Certified
Holding well-known cybersecurity certifications.
This website uses cookies to ensure you get the best experience on our website. Cookies Policy
GOT IT