Insights into Application Security Testing and Best Practices

Slide Note
Embed
Share

Dive into the world of application security testing with a seasoned practitioner's advice and musings. Explore the basics, types of testing, initial steps like reconnaissance, user inputs, test cases, attack strategies, and useful tools. Learn about code reading techniques and key hints for securing applications effectively.

madelyn
madelyn Follow

Uploaded on Jul 05, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Application Security Testing A practitioner s rambling advice & musings

  2. Who am I? Security testing and software development for 13 years Manage a large FIs penetration testing team Blah blah blah

  3. The basics of APPLICATION SECURITY TESTING

  4. Types of Testing Black box White box Grey box

  5. Step Zero Reconnaissance What does the app do? What are some assumptions that are made? Platform? Language? Identify the attack surface Etc

  6. User Inputs Ports Pipes Form inputs Cookies Headers Web Services Etc .

  7. Step One - Test Cases Security testing What if ? What if I put in a -1 in the transfer amount field? How does it ? Does the server handle a 10 mb file being uploaded? Will it handle ? Etc

  8. Step Two - Attacks- aka the fun part Confirmation and refinement of test cases Your first attack is often wrong Tools are great for the low-hanging fruit

  9. Most Useful Tools Your brain Attack proxy (ZAP, Burp, Fiddler, etc ) IDE / Editor Google is your friend Your brain

  10. CODE READING 101

  11. Many different ways Some approaches User-interface down Grep Functional points Etc

  12. Some hints Look at APIs being used, and are they correct. HINT: esc_sql in Wordpress It should be noted that this function will only escape values to be used in strings in the query, as shown in the above example. That is, it only provides escaping for values that will be within quotes (as in field = '{$escaped_value}'). If your value is not going to be within quotes, your code will still be vulnerable to SQL injection. For example, this is vulnerable, because the escaped value is not surrounded by quotes in the SQL query: ORDER BY {$escaped_value}.

  13. Hints Continued <input value= <?php echo get_option( foo ); ?> /> XSS No encoding Make sure encoding is correct for the context

  14. Common Vulnerabilities Cross-site Scripting SQL injection Cross-site request forgery File upload

  15. Testing IN THE ENTERPRISE

  16. Types of Environments Large enterprises Consultancies Technology companies Government

  17. What Your Work Looks Like Typical Security Testers Day Finding Bugs Meetings Help Fixing Issues Corp BS

  18. Common Drivers Compliance Risk Nation states Business

  19. What does testing look like? Short duration Very little depth (usually) Way too many targets way too little time Looked at a different way lots of fun could be had

  20. HOW TO IMPROVE

  21. Obligatory Disclaimer Read the rules Don t be a Donkey Education purposes

  22. Resources Vulnerable apps Bug bounties CVEs Code check-ins Write your own code!

  23. Questions?

  24. THE LAB

  25. WordPress Background PHP and MySQL Plugins stored in /wp-content/plugins Themes stored in /wp-content/themes

  26. VM Has four vulnerable plugins installed Gravity forms blind SQLi Ab-google-map-travel persistent XSS Wordpress SEO blind SQLi Inboundio-marketing remote shell upload Read the code Test cases Admin login: user bitnami

  27. Useful Links Bug Bounties https://www.facebook.com/BugBounty http://www.google.com/about/appsecurity/reward-program/ https://hackerone.com/programs CVE - https://cve.mitre.org/ https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

Related


Understanding Gray Box Testing in Software Development

Understanding Gray Box Testing in Software Development

angele
Understanding Testing in Software Engineering

Understanding Testing in Software Engineering

redu_sha
Managing Application Security in Large Organizations: Insights and Best Practices

Managing Application Security in Large Organizations: Insights and Best Practices

joli_38
Testing Approach in SCREAM for E3SM Fall All-Hands 2019

Testing Approach in SCREAM for E3SM Fall All-Hands 2019

filip
Uganda's Successes in Reaching Men with HIV Testing Through Assisted Partner Notification Program

Uganda's Successes in Reaching Men with HIV Testing Through Assisted Partner Notification Program

junius
Software Testing Foundation Level: Testing Throughout the SDLC Quiz

Software Testing Foundation Level: Testing Throughout the SDLC Quiz

avani
Understanding Equivalence Class Testing and Its Application in Software Testing

Understanding Equivalence Class Testing and Its Application in Software Testing

apple
Importance of Software Testing in Preventing Catastrophic Failures

Importance of Software Testing in Preventing Catastrophic Failures

eyre
Understanding Software Testing Metrics and Tools

Understanding Software Testing Metrics and Tools

scarlett
Improving DNS Security with KINDNS Best Practices

Improving DNS Security with KINDNS Best Practices

ceis
Understanding Requirements-Based Testing in Software Development

Understanding Requirements-Based Testing in Software Development

elch741
Fundamentals of Software Testing Explained

Fundamentals of Software Testing Explained

nico
Understanding Software Testing and Best Practices

Understanding Software Testing and Best Practices

mccartin_l
Understanding HTTP Security Headers for Web Apps

Understanding HTTP Security Headers for Web Apps

pembroke_l
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
Understanding the Roles of a Security Partner

Understanding the Roles of a Security Partner

zaara
Automated Security Testing Using ZAP API

Automated Security Testing Using ZAP API

buttercup
OWASP Bricks - Web Application Security Learning Platform

OWASP Bricks - Web Application Security Learning Platform

aleia
Unit Testing Legacy Code: Hijacking Singletons for Testing

Unit Testing Legacy Code: Hijacking Singletons for Testing

folkerts_j
NSCAS Test Administration Orientation 2022-2023 Overview

NSCAS Test Administration Orientation 2022-2023 Overview

maudlin_a
Evolution of Test Automation and Modern Testing Practices

Evolution of Test Automation and Modern Testing Practices

mylo
Understanding Telecom Security Testing: Vulnerability Assessment & Remediation

Understanding Telecom Security Testing: Vulnerability Assessment & Remediation

mia
AI Technical Testing Best Practices Overview

AI Technical Testing Best Practices Overview

bhar
Fundamentals of Program Testing Theory

Fundamentals of Program Testing Theory

reina

More Related Content

Evolving Security Practices in DevOps: A Holistic Approach
Evolving Security Practices in DevOps: A Holistic Approach
Implementation of LFD Testing in Workplace Settings
Implementation of LFD Testing in Workplace Settings
Understanding Security in World Politics
Understanding Security in World Politics
Comprehensive Overview of E-Commerce Application Development and Computer Security
Comprehensive Overview of E-Commerce Application Development and Computer Security
Difference Between Manual Testing and Model Checking
Difference Between Manual Testing and Model Checking
Evolution of Antimicrobial Susceptibility Testing in Veterinary Medicine
Evolution of Antimicrobial Susceptibility Testing in Veterinary Medicine
Enhancing Mobile App Testing Strategies for Quality Assurance
Enhancing Mobile App Testing Strategies for Quality Assurance
Software Quality Assurance: Understanding Unit Testing and Boundary Value Testing
Software Quality Assurance: Understanding Unit Testing and Boundary Value Testing
Fundamentals of Software Testing: Quiz on Testing Principles
Fundamentals of Software Testing: Quiz on Testing Principles
Antigen Testing in Higher Education Institutions
Antigen Testing in Higher Education Institutions
Agile Security Practices and Collaboration Insights
Agile Security Practices and Collaboration Insights
Zimbabwe HIV Viral Load Testing Overview
Zimbabwe HIV Viral Load Testing Overview
Pediatric Lead Prevention Initiative: Best Practices and Screening Performance
Pediatric Lead Prevention Initiative: Best Practices and Screening Performance
Jar Testing: A Comprehensive Overview of Procedures and Applications
Jar Testing: A Comprehensive Overview of Procedures and Applications
Evolution of TLS Security Profiles and Best Practices
Evolution of TLS Security Profiles and Best Practices
Secure Software Development Best Practices
Secure Software Development Best Practices
Exploring OWASP: A Comprehensive Look at Application Security and Tools
Exploring OWASP: A Comprehensive Look at Application Security and Tools
CSU Integration into WEIS: Testing and Communication Plan Overview
CSU Integration into WEIS: Testing and Communication Plan Overview
Software Testing Principles and Practices in Software Quality
Software Testing Principles and Practices in Software Quality
BCA 601(N): Computer Network Security
BCA 601(N): Computer Network Security
Comprehensive Course Review: Security Research Cornerstones at Carnegie Mellon University
Comprehensive Course Review: Security Research Cornerstones at Carnegie Mellon University
West Sussex HIV Testing Plan: Strategies for Improved Diagnosis and Treatment
West Sussex HIV Testing Plan: Strategies for Improved Diagnosis and Treatment
National Accreditation Board for Testing & Calibration Laboratories Overview
National Accreditation Board for Testing & Calibration Laboratories Overview
Utah State Board of Education Testing Ethics Policy Presentation
Utah State Board of Education Testing Ethics Policy Presentation