Web Application Penetration Testing

Argo cyber security

Why choose us

Argo Cyber is a one-of-a-kind project with a strong technological and specialist component.

Using advanced IT technologies, it identifies innovative and customized solutions for its customers.

Web Application Penetration Testing

Security tests on web applications now play a particularly important role among the various technical assessment activities. The reason for this attention lies in the attack vector statistics: more than half of cyber-attacks are possible due to programming errors. This evaluation consists of a series of attack attempts involving the protocols and communication logic used by end users to interact with web applications (attacks on the web server, the application structure, authentication and authorization systems, interface management systems, client systems, etc.). In the specific case of web applications, these attacks are based on the manipulation of HTTP packets that are exchanged between the user’s browser and the web server.

Our Web Application Penetration Testing (WAPT) focuses on the thorough security assessment of a web application. The process involves an active analysis of the application to identify any weaknesses, technical flaws and vulnerabilities, analyzing various areas such as configuration and deployment management, identity management, authentication, authorization, session management, input validation, error handling, encryption, application logic, and the client side. We try to identify and exploit all the vulnerabilities of the customer’s web application by showing the attack surface, performing over 66 security checks according to the international OWASP standard with a best-effort approach. Some of the checks performed and vulnerabilities found during the analysis are as follows:
  • Information leakage: analysis of sensitive data that can be exposed by the application (information visible through the examination of HTML pages, embedded scripts, other files or other non-indexed material, including server-side code that is normally not visible to the user, and information obtainable from comments, error messages or any debugging mechanisms).
  • Input validation: Appropriate management of user interaction, in order to identify possible weaknesses associated with malformed input, buffer overflows, etc.
  • Data modification and alterability: data tampering by altering the business logic of the application.
  • Incorrect interactions with the database: for example, the ability to execute commands via SQL injection techniques, including queries and other SQL statements in the database, resulting in the acquisition, modification, deletion or introduction of data in an uncontrolled and unauthorized manner, as well as possible execution of unauthorized code.
  • Session management: logout mechanisms, session timeout, possibility of improper intrusion into a session via unverified access points, session hijacking, CSRF, etc.
  • Data validation: XML Injection, SQL Injection, XPath Injection, etc.
  • Command Injection: Incorrect or unauthorized interactions with the operating system (for example, “shell escapes”).
  • Cross-Site Scripting (XSS): vulnerabilities that allow uncontrolled code to run in the security context of the application user, allowing the acquisition of sensitive information and enabling, for example, session hijacking, phishing attacks, etc.
  • Access control vulnerabilities in the application: for example, horizontal or vertical privilege escalation, access to unauthorized features, security of data in transit, etc.

The items listed above are just some of the vulnerabilities analyzed and identified during our Web Application Penetration Testing activity.

Our Certifications

Argo Cyber constantly invests in certifications to improve the level of the services it offers, thus guaranteeing the utmost professionalism and safety to its customers.

Stages of The Activity

01 - Information Gathering

This phase focuses on the detection and classification of all information relating to the infrastructure, the services offered, the application technology and the related entry points of the target in scope. It includes both a “passive discovery”, which does not require any solicitation of the target and is therefore not detectable, and an “active discovery”, which aims to identify the network services available on the infrastructure in question (via port scanning), to identify remote platform technologies, associated services and applications (using fingerprinting techniques), and to find non-indexed directories and files through fuzzing.

02 - Vulnerability Assessment

The Vulnerability Assessment phase concerns the detection of existing vulnerabilities based on the results obtained during the Information Gathering phase. The data obtained in the first phase are analyzed against published vulnerability information, disseminated by accredited organizations such as Common Vulnerabilities and Exposures (CVE) and the Open-Source Vulnerability Data Base (OSVDB). The analysis gives an overview of the security level of the technological infrastructure, including standard applications and/or services, and is aimed at highlighting potential vulnerabilities. This phase mostly uses automatic tools, both open source and commercial, such as IBM Rational AppScan, Acunetix and BurpSuite, together with scanners and scripts created ad hoc. The results are then analyzed in order to identify and eliminate any false positives.

03 - Penetration Testing & Exploiting

This phase concerns the attempt to exploit any vulnerabilities detected in the previous phases. It is a typically manual activity conducted by highly specialized resources, and often performed with software developed ad hoc. The goal is to verify that there is no real possibility of exploiting the identified vulnerabilities and/or to understand the real impact of a potential intrusion into systems and data. Thanks to the use of highly specialized resources, this activity also leads to the discovery of new vulnerabilities, often more sophisticated and of greater criticality than those identified during the Vulnerability Assessment phase (it is estimated that 70% of new vulnerabilities are found in this phase). Hence the great importance of Penetration Testing carried out by highly specialized resources: it gives a more truthful view of the attack surface of a web application and avoids a false sense of security arising from the use of automatic scanning software alone.

04 - Reporting

At the end of the WAPT, a detailed report is drawn up containing the identified vulnerabilities (with the relevant details of the software/service concerned, screenshot, type of vulnerability, level of criticality, and possible remediation actions).
