Website penetration testing

What is penetration testing?

A penetration test (pen test), also known as ethical hacking, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. In other words, a penetration test is a process in which methodologies and techniques are used in an attempt to identify security weaknesses and flaws that could allow a malicious attacker to cause harm or gain unauthorized access to the resources located in the targeted system (such as databases, credit card information, sensitive personal data, etc.). Once the security flaws are identified, an analysis of the potential risks and vulnerability impact is provided alongside remediation measures.

Security testing will never be an exact science where a complete list of all possible issues that should be tested can be defined. Indeed, security testing is only an appropriate technique for testing the security of web applications under certain circumstances. Our penetration test team will push your system to its limits in a barrage of simulated cyber attacks, discovering every possible vulnerability so that your organization gets the complete picture and 100% of your data is safe.

Why is website penetration testing important?

The need for web application-oriented penetration testing is mostly driven by the change in the Security landscape. With more and more vulnerabilities being discovered in web-related products and services every year, organizations and vendors are required to keep their knowledge bases and IT infrastructures as up-to-date as possible to prevent their security status from falling behind.

The numbers don’t lie: in 2017 the total number of registered vulnerabilities more than doubled compared with 2016, according to the Common Vulnerabilities and Exposures (CVE) database, skyrocketing from 6,447 registered vulnerabilities in 2016 to 14,712 in 2017:

KiK Security: vulnerabilities statistics by year

This is truer than ever for web applications. As the development and availability of new technologies such as APIs and IoT devices increase, the number of potential risks and threats grows with them. The total number of published Cross-Site Scripting (XSS) vulnerabilities in the CVE database increased by 304.83%, from 497 registered in 2016 to 1,151 in 2017:

KiK Security: vulnerabilities by type and year

As for SQL Injection (SQLi) vulnerabilities, the increase was an astonishing 535.12%.

30000 +
Hours Security Experience

It takes 10 000 hours to become a world-class expert. This became possible because we adore our work.

120 +
Happy clients

We are a preferred provider of cyber security services and products. Strong cyber security is a revenue generator.

300 +
Penetration tests

We have found more than a thousand vulnerable web sites, applications and devices.

1000 +
Protected

More than a thousand websites, applications and devices protected from criminals and malicious software attacks.

What Is Our Testing Methodology?

Passive Testing

During passive testing, a tester tries to understand the application’s logic and explores the application as a user. Tools can be used for information gathering. For example, an HTTP proxy can be used to observe all the HTTP requests and responses. At the end of this phase, the tester should generally understand all the access points and functionality of the system (e.g., HTTP headers, parameters, cookies, APIs, technology usage/patterns, etc.).

For example, a tester may find a page at the following URL: https://www.example.com/login

This may indicate an authentication form where the application requests a username and password.

The following parameters represent two access points to the application: https://www.example.com/appx?id=1000&p=abc

In this case, the application exposes two access points (the parameters id and p). All the input points found in this phase represent a target for testing. Keeping track of the directory or call tree of the application and of all its access points is useful during active testing.
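As an added illustration of the access-point tracking described above (example code written for this page, not a KiK Security tool), the script below takes a constructed sample of what an intercepting HTTP proxy records during passive testing (method, URL and the Cookie header the browser sent) and builds an inventory of the application's call tree: each route, the methods seen on it, its query parameters, path parameters and cookies. Purely numeric path segments are collapsed into a {id} placeholder so that REST-style routes such as /api/v1/users/42 and /api/v1/users/43 are counted as one route with a path parameter. The URLs, cookie names and log format are assumptions made for the example.

```python
"""Access-point inventory built from proxy-observed requests (passive testing)."""
import re
from urllib.parse import urlsplit, parse_qsl
from http.cookies import SimpleCookie

# Constructed sample of what an intercepting HTTP proxy would record:
# (method, full URL, Cookie request header). Not real traffic.
SAMPLE_REQUESTS = [
    ("GET",  "https://www.example.com/login", ""),
    ("POST", "https://www.example.com/login", "lang=en"),
    ("GET",  "https://www.example.com/appx?id=1000&p=abc", "sessionid=7f3a; lang=en"),
    ("GET",  "https://www.example.com/appx?id=1001&p=xyz&debug=1", "sessionid=7f3a; lang=en"),
    ("GET",  "https://www.example.com/api/v1/users/42", "sessionid=7f3a"),
    ("GET",  "https://www.example.com/api/v1/users/43/orders", "sessionid=7f3a"),
]

NUMERIC_SEGMENT = re.compile(r"^\d+$")


def normalise_path(path):
    """Collapse purely numeric path segments into a {id} placeholder so that
    /users/42 and /users/43 are recorded as one route with a path parameter."""
    segments = path.split("/")
    return "/".join("{id}" if NUMERIC_SEGMENT.match(s) else s for s in segments)


def build_inventory(requests):
    """Return {route: {"methods", "query", "path", "cookies"}} with sets as values."""
    inventory = {}
    for method, url, cookie_header in requests:
        parts = urlsplit(url)
        route = normalise_path(parts.path)
        entry = inventory.setdefault(
            route, {"methods": set(), "query": set(), "path": set(), "cookies": set()}
        )
        entry["methods"].add(method)
        if "{id}" in route:
            entry["path"].add("{id}")
        # keep_blank_values so that "?debug=" still registers the debug parameter
        for name, _value in parse_qsl(parts.query, keep_blank_values=True):
            entry["query"].add(name)
        if cookie_header:
            jar = SimpleCookie()
            jar.load(cookie_header)
            entry["cookies"].update(jar.keys())
    return inventory


def access_points(inventory):
    """Flat list of (route, kind, name) triples: every item is an input the
    application accepts and therefore a candidate for active testing."""
    points = []
    for route in sorted(inventory):
        entry = inventory[route]
        for kind in ("query", "path", "cookies"):
            for name in sorted(entry[kind]):
                points.append((route, kind, name))
    return points


def print_call_tree(inventory):
    """Human-readable call tree of the application as observed so far."""
    for route in sorted(inventory):
        entry = inventory[route]
        print(f"{route}  [{', '.join(sorted(entry['methods']))}]")
        for kind in ("query", "path", "cookies"):
            if entry[kind]:
                print(f"    {kind}: {', '.join(sorted(entry[kind]))}")


if __name__ == "__main__":
    inv = build_inventory(SAMPLE_REQUESTS)
    print_call_tree(inv)
    print(f"{len(access_points(inv))} access points found")
```

Run on the constructed sample, the inventory records /login with GET and POST, /appx with the query parameters id, p and debug, and the two user routes with a {id} path parameter; every cookie the browser sent is listed as a further input point, since cookies are parsed by the server just like any other parameter.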

Active Testing

During active testing, a tester begins to use the methodologies described in the following sections:

  1. Configuration and Deployment Management Testing
    • Test Network Infrastructure Configuration
    • Test Application Platform Configuration
    • File Extensions Handling for Sensitive Information
    • Review Old Backup and Unreferenced Files for Sensitive Information
    • Enumerate Infrastructure and Application Admin Interfaces
    • HTTP Methods
    • HTTP Strict Transport Security
    • RIA Cross Domain Policy
    • File Permission
    • Subdomain Takeover
    • Cloud Storage
    • Test for Content Security Policy
  2. Identity Management Testing
    • Role Definitions
    • User Registration Process
    • Account Provisioning Process
    • Testing for Account Enumeration and Guessable User Account
    • Testing for Weak or Unenforced Username Policy
  3. Authentication Testing
    • Testing for Credentials Transported over an Encrypted Channel
    • Default Credentials
    • Weak Lock Out Mechanism
    • Bypassing Authentication Schema
    • Vulnerable Remember Password
    • Browser Cache Weaknesses
    • Weak Password Policy
    • Weak Security Question Answer
    • Weak Password Change or Reset Functionalities
    • Weaker Authentication in Alternative Channel
  4. Authorization Testing
    • Directory Traversal File Include
    • Bypassing Authorization Schema
    • Privilege Escalation
    • Insecure Direct Object References
  5. Session Management Testing
    • Testing for Session Management Schema
    • Cookies Attributes
    • Session Fixation
    • Exposed Session Variables
    • Cross Site Request Forgery (CSRF)
    • Logout Functionality
    • Session Timeout
    • Session Puzzling
    • Session Hijacking
    • JSON Web Tokens
  6. Input Validation Testing
    • Testing for Reflected Cross Site Scripting (reflected XSS)
    • Stored Cross Site Scripting (Stored XSS)
    • HTTP Verb Tampering
    • HTTP Parameter Pollution
    • SQL Injection (Oracle, MySQL, SQL Server, PostgreSQL, MS Access, NoSQL Injection)
    • ORM Injection
    • Client-side
    • LDAP Injection
    • XML Injection
    • SSI Injection
    • XPath Injection
    • IMAP SMTP Injection
    • Code Injection
    • File Inclusion
    • Command Injection
    • Format String Injection
    • Incubated Vulnerability
    • HTTP Splitting Smuggling
    • HTTP Incoming Requests
    • Host Header Injection
    • Server-side Template Injection
    • Server-Side Request Forgery
    • Mass Assignment
  7. Testing for Error Handling
    • Improper Error Handling
    • Stack Traces
  8. Testing for Weak Cryptography
    • Weak Transport Layer Security
    • Padding Oracle
    • Sensitive Information Sent via Unencrypted Channels
    • Weak Encryption
  9. Business Logic Testing
    • Introduction to Business Logic
    • Business Logic Data Validation
    • Ability to Forge Requests
    • Integrity Checks
    • Process Timing
    • Number of Times a Function Can Be Used Limits
    • Circumvention of Work Flows
    • Defenses Against Application Misuse
    • Upload of Unexpected File Types
    • Upload of Malicious Files
  10. Client-side Testing
    • Testing for DOM-Based Cross Site Scripting
    • Self DOM Based Cross-Site Scripting
    • JavaScript Execution
    • HTML Injection
    • Client-side URL Redirect
    • CSS Injection
    • Client-side Resource Manipulation
    • Cross Origin Resource Sharing
    • Cross Site Flashing
    • Clickjacking
    • WebSockets
    • Web Messaging
    • Browser Storage
    • Cross Site Script Inclusion
  11. API Testing
    • Testing GraphQL

What Are the Stages of Pen Testing?

Through penetration testing, you can proactively identify the most exploitable security weaknesses before someone else does. However, there’s a lot more to it than the actual act of infiltration. Pen testing is a thorough, well thought out project that consists of several phases:

1. Planning and Preparation

Before a pen test begins, the testers and their clients need to be aligned on the goals of the test, so it’s scoped and executed properly. They’ll need to know what types of tests they should be running, who will be aware that the test is running, how much information and access the testers will have to start out with, and other important details that will ensure the test is a success.

2. Discovery

In this phase, teams perform different types of reconnaissance on their target. On the technical side, information like IP addresses can help determine information about firewalls and other connections. On the personal side, data as simple as names, job titles, and email addresses can hold great value.

3. Penetration Attempt and Exploitation

Now informed about their target, penetration experts can begin to attempt to infiltrate the environment, exploiting security weaknesses and demonstrating just how deep they can go.

4. Analysis and Reporting

Pen testers should create a report that includes details on every step of the process, highlighting what was used to successfully penetrate the web application, what security weaknesses were found, other pertinent information discovered, and recommendations for remediation.

5. Clean Up and Remediation

Pen testers should leave no trace, and need to go back through systems and remove any artifacts used during the test, since they could be leveraged by a real attacker in the future. From there, an organization can begin to make the necessary fixes to close these holes in its security infrastructure.

6. Retest

The best way to ensure an organization’s remediations are effective is to test again. Additionally, IT environments, and the methods used to attack them, are constantly evolving, so it is to be expected that new weaknesses will emerge.

What are the different types of penetration tests?

BLACK BOX TEST

Also known as a blind test. It requires zero knowledge of the company’s assets. Penetration testers perform a complete reconnaissance phase to uncover the company’s assets, pick their own path around security controls and execute a strategy of their own.

GRAY BOX TEST

In this type of test, the penetration tester knows the role of the system and its functionalities, and also knows (though not extensively) its internal mechanisms (especially the internal data structures and the algorithms used). However, he or she does not have access to the source code!

WHITE BOX TEST

Consists of reviewing the functioning of an application and its internal structure and processes, rather than its functionalities. Here, all the internal components of the software or application are tested through the source code, which is the tester’s main working base.

Our Advantages

Our cyber security team will push your system to its limits in a barrage of simulated cyber attacks, discovering every possible vulnerability so that your organization gets the complete picture and 100% of your data is safe.

  • Superior Skills and Experience
  • Reputation
  • Competitive Pricing
  • Results Designed For Real Decisions

Find the Risks. Understand the Consequences. Sleep better.