How to perform web app pentesting step by step

A local file upload vulnerability is a vulnerability where an application allows a user to upload a malicious file directly which is then executed. A remote file upload vulnerability is a vulnerability where an application uses user input to fetch a remote file from a site on the Internet and store it locally.)

Password cracking refers to various measures used to discover computer passwords. This is usually accomplished by recovering passwords from data stored in, or transported from, a computer system. Password cracking is done by either repeatedly guessing the password, usually through a computer algorithm in which the computer tries numerous combinations until the password is successfully discovered.

Session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session?sometimes also called a session key?to gain unauthorized access to information or services in a computer system.

• Monitor the functional aspects of the web application
• Monitor the sessions and cookies related to user authentication
• Using tools like burp suite, Fiddler and Vega vulnerability scanner, we carry out the gray/black/white box testing.
• Two aspects of testing included: Internal and external
• Manual and automated testing carried out for amazing results.
• The technical team involved in the testing then conducts meeting and discusses the vulnerabilities found.
• 21.xl Report is made and then verified with senior techie before sharing for precise/accurate results.

Manual testing is performed in this scenario

• Exploratory Testing: This type of testing requires the tester?s knowledge, experience, analytical/logical skills, creativity, and intuition. The test is characterized here by poorly written specification documentation, and/or a short time for execution. We need the human skills to execute the testing process in this scenario.
• Usability Testing: This is an area in which you need to measure how user-friendly, efficient, or convenient the software or product is for the end users. Here, human observation is the most important factor, so a manual approach is preferable.
• Ad-hoc Testing: In this scenario, there is no specific approach. It is a totally unplanned method of testing where the understanding and insight of the tester is the only important factor.

Automated testing is performed in this scenario

• Regression Testing: Here, automated testing is suitable because of frequent code changes and the ability to run the regressions in a timely manner.
• Load Testing: Automated testing is also the best way to complete the testing efficiently when it comes to load testing.
• Repeated Execution: Testing which requires the repeated execution of a task is best automated
• Performance Testing: Similarly, testing which requires the simulation of thousands of concurrent users requires automation.

Internal Testing

As the name suggests, the internal pen testing is done within the organization over the LAN, hence it includes testing web applications hosted on the intranet. Basically, it includes Malicious Employee Attacks by disgruntled employees or contractors who would have resigned but aware of the internal security policies and passwords, Social Engineering Attacks, Simulation of Phishing Attacks, and Attacks using User Privileges or misuse of an unlocked terminal.

External Testing

These are attacks done externally from outside the organization and include testing web applications hosted on the internet. To simulate such attacks, testers are given the IP of the target system and not provided any other information. They are required to search and scan public web pages and find our information about target hosts and then compromise the found hosts. Basically, it includes testing servers, firewalls, and IDS.