Web application pentesting is a way to identify, analyze and report vulnerabilities in a web application. This includes buffer overflows, input validation errors, code execution, SQL injection and cross-site scripting in the target web application.
The testing is repeatable and follows a rigorous procedure. Web application penetration testing is the best method for testing web applications for vulnerabilities.
Web Application Penetration Testing Checklist
Information Gathering
1. Use GNU Wget to retrieve and analyze the robots.txt file.
2. Check the version number. Database details, technical components and bugs can be revealed in error messages by requesting invalid pages.
3. Use techniques like DNS reverse queries and DNS zone transfers, as well as web-based DNS searches.
4. Conduct directory-style searching, vulnerability scanning and URL probing using tools like and Nex.
5. Identify the entry points to the application by using Burp Proxy or OWASP ZAP, and use TamperIE, WebScarab or Tamper Data to modify requests.
6. Perform fingerprinting using a traditional fingerprinting tool such as Amap or Nmap.
7. Test for recognized file types, extensions and directories by requesting common file extensions such as .ASP, .EXE, .HTML and .PHP.
8. Review the accessible pages of the application front end and inspect their source code.
Authentication Testing
1. Check whether a session can be reused after logout. Also verify that the application logs out users who have been idle for a certain period of time.
2. Verify whether sensitive data remains stored in the browser cache.
3. Check whether a password can be reset by guessing the secret questions or by obtaining the answers through social engineering.
4. Check the HTML code of the login page to see whether a "Remember my password" mechanism is enabled.
5. Verify whether the devices communicate directly with each other and whether an alternate communication channel can be used for authentication.
6. Test the CAPTCHA for authentication weaknesses.
7. Check whether there are any weak security questions or answers.
8. An attacker can use stolen credit cards, phone numbers and addresses to steal customer information. A web application firewall is able to filter malicious SQL queries from traffic.
Authorization Testing
1. Test for privilege and role manipulation to access restricted resources.
2. Check for path traversal using input vector enumeration. Analyze the input validation functions in the web application.
3. Test for parameter and cookie tampering using web spider tools.
4. Test for HTTP request tampering and check whether reserved resources can be accessed without authorization.
Configuration Management Testing
1. Verify directory and file enumeration, and review the server and application documentation. Also check the infrastructure and the interfaces used for application administration.
2. Perform network scans and analyze the web server banner.
3. Verify whether any obsolete documentation or backup files exist. Also verify that referenced files, such as source code and password files, are not exposed.
4. Identify the port numbers associated with the HTTP/TLS services by using Nmap or Nessus.
5. Review the OPTIONS HTTP method with Netcat and Telnet.
6. Test whether HTTP methods can be abused to obtain credentials from legitimate users.
7. Perform application configuration management testing to review information from the log files, the source code and the default error codes.
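The OPTIONS review in step 5 boils down to reading the Allow header and deciding which advertised methods are a finding. This added audit helper (example code, not part of the original checklist) does that over a constructed OPTIONS response; the method allowlists are assumptions for a typical browser-facing application.

```python
"""Audit helper for the 'review the OPTIONS HTTP method' step.
Given the raw text of an HTTP response to an OPTIONS request (as seen in a
Netcat or Telnet session), extract the Allow header and flag any method the
application should not be advertising. The sample response is constructed.
"""
from typing import Dict, List, Set

# Methods a typical browser-facing application legitimately needs (assumption).
EXPECTED_METHODS: Set[str] = {"GET", "HEAD", "POST", "OPTIONS"}
# Methods that warrant a finding: TRACE/TRACK enable cross-site tracing and
# the write methods must not be reachable without authorization.
RISKY_METHODS: Set[str] = {"TRACE", "TRACK", "PUT", "DELETE", "CONNECT", "PATCH"}


def parse_headers(raw_response: str) -> Dict[str, str]:
    """Return the headers of a raw HTTP response keyed by lower-cased name."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def advertised_methods(raw_response: str) -> Set[str]:
    """Methods listed in the Allow header, upper-cased and de-duplicated."""
    allow = parse_headers(raw_response).get("allow", "")
    return {m.strip().upper() for m in allow.split(",") if m.strip()}


def audit_options(raw_response: str) -> List[str]:
    """Return findings: risky methods first, then any other unexpected ones."""
    methods = advertised_methods(raw_response)
    findings = [f"risky method advertised: {m}" for m in sorted(methods & RISKY_METHODS)]
    findings += [f"unexpected method advertised: {m}"
                 for m in sorted(methods - RISKY_METHODS - EXPECTED_METHODS)]
    return findings


# Constructed sample, not captured from any real server.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: ExampleServer/1.0\r\n"
    "Allow: GET, HEAD, POST, OPTIONS, TRACE, PUT, DELETE\r\n"
    "Content-Length: 0\r\n\r\n"
)

if __name__ == "__main__":
    for finding in audit_options(SAMPLE_RESPONSE):
        print(finding)
```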
Session Administration Testing
1. To test for cross-site request forgery, check the URLs within the restricted area.
2. Explore exposed session variables by inspecting the encryption and reuse of session tokens, the behaviour of proxies and caching, and GET and POST parameters.
3. Gather enough cookie samples to analyze how session tokens are generated and determine whether a valid cookie can be predicted.
4. Test the cookie attributes with intercepting proxies like Burp Proxy or OWASP ZAP.
5. Test for session fixation to prevent session stealing (session hijacking).
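Step 4 is concrete enough to automate: once the Set-Cookie headers are captured in the proxy, each cookie is checked for the Secure, HttpOnly, SameSite and persistence attributes. This added helper (example code, not from the original checklist) does that over constructed sample headers; the cookie names and the findings wording are assumptions.

```python
"""Audit helper for the 'test the cookie attributes' step.
Takes Set-Cookie header values captured in an intercepting proxy (Burp Proxy,
OWASP ZAP) and reports cookies that lack the attributes a browser needs to
protect a session token. The sample headers below are constructed.
"""
from typing import Dict, List

def parse_set_cookie(header_value: str) -> Dict[str, str]:
    """Split one Set-Cookie value into name, value and lower-cased attributes.
    Flag attributes (Secure, HttpOnly) map to '' so `in` tests work uniformly."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = {"name": name.strip(), "value": value.strip()}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        cookie[key.strip().lower()] = val.strip()
    return cookie

def audit_cookie(header_value: str, is_https: bool = True) -> List[str]:
    """Return findings for one Set-Cookie header; an empty list means it passes."""
    c = parse_set_cookie(header_value)
    name, findings = c["name"], []
    if is_https and "secure" not in c:
        findings.append(f"{name}: missing Secure, also sent over plain HTTP")
    if "httponly" not in c:
        findings.append(f"{name}: missing HttpOnly, readable by injected script")
    same_site = c.get("samesite", "").lower()
    if same_site not in ("lax", "strict"):
        findings.append(f"{name}: SameSite is '{same_site or 'unset'}', weak CSRF protection")
    if "expires" in c or "max-age" in c:
        findings.append(f"{name}: persistent cookie, survives browser close")
    return findings

def audit_all(set_cookie_headers: List[str], is_https: bool = True) -> Dict[str, List[str]]:
    """Map each cookie name to its findings so a whole proxy export can be checked."""
    return {parse_set_cookie(h)["name"]: audit_cookie(h, is_https) for h in set_cookie_headers}

# Constructed sample headers, not captured from any real application.
SAMPLE_HEADERS = [
    "JSESSIONID=abc123; Path=/; HttpOnly",
    "prefs=dark; Path=/; Secure; SameSite=Strict",
    "PHPSESSID=def456; Path=/; Secure; HttpOnly; SameSite=Lax; "
    "Expires=Wed, 01 Jan 2031 00:00:00 GMT",
]

if __name__ == "__main__":
    for cookie_name, problems in audit_all(SAMPLE_HEADERS).items():
        print(cookie_name, problems or "OK")
```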
Data Validation Testing
1. Analyze JavaScript coding errors by performing source code analysis.
2. Perform union query SQL injection testing, standard SQL injection testing and blind SQL injection testing, using tools such as sqlninja, SQLDumper, SQL Power Injector, etc.
3. Analyze the HTML code and test for stored XSS, then leverage the stored XSS, using tools like XSS Proxy, Backframe, Burp Proxy, OWASP ZAP and XSS Assistant.
4. Perform LDAP injection testing to check for exposure of sensitive information about users and hosts.
5. Perform IMAP/SMTP injection testing to check whether the backend mail server can be accessed.
6. Perform XPath injection testing to check whether confidential information can be accessed.
7. Perform XML injection testing to find out more about the XML structure.
8. Perform code injection testing to identify errors in input validation.
9. Perform buffer overflow testing to check for exposure of stack and heap memory information and for control of the application flow.
10. Test for HTTP splitting and smuggling, cookie handling and HTTP redirect information.
Denial of Service Testing
1. Send large numbers of requests that trigger database operations and observe slowdowns and new error messages.
2. Perform manual source code analysis. Submit a variety of inputs of varying lengths to the application.
3. Test SQL wildcard attacks against the application. Enterprise networks need to choose the best DDoS prevention services in order to protect their networks from DDoS attacks.
4. Test for user-specified object allocation: determine whether the application can be made to allocate more objects than it can handle.
5. Enter an extremely large number in input fields that are used as loop counters. This helps protect your website against future attacks. Also check the downtime cost of DDoS attacks.
6. Use a script that automatically sends a very long value to the server and check whether this request is recorded.