WEB APPLICATION SECURITY TESTING

We provide web application penetration testing and security scanning services.

Why Web Application Penetration Testing?

Penetration testing of web applications is critical to discover vulnerabilities and security issues that are openly accessible on the internet and could potentially be exploited by anyone. Automated vulnerability scanning tools are unable to find many common security issues in modern applications, such as IDORs (Insecure Direct Object References) and business logic flaws. Our penetration testing methodology involves manual testing of the web application by experienced security experts and covers the OWASP Top 10 vulnerabilities.

Tests performed

Our testing methodologies are aligned with OWASP Top 10 (Web and API), NIST and SANS Top 25.

Testing covers the following security flaws: OS Command Injection, XXE, OAuth, SSO, SQLi, XSS, CSRF, SSRF, credential brute-forcing, IDOR, business logic, Clickjacking, DOM-based flaws, CORS, HTTP Request Smuggling, Server-Side Template Injection, Directory Traversal, Access Control, Authentication, WebSockets, Web Cache Poisoning, Insecure Deserialization, Information Disclosure and HTTP Host Header attacks.

Testing Options

  • Vulnerability Assessment (Identification without exploitation)
  • Black-box (from an attacker’s perspective without credentials)
  • Grey-box (from a malicious user’s perspective with user credentials)
  • White-box (with full admin credentials and access to source code)

Web Application Vulnerability Assessments

Web Application Vulnerability Assessments are a cost-effective alternative to a Web Application Penetration Test. The main difference is that we only report on the vulnerabilities identified without actively exploiting them.

Penetration Test Report

Following the penetration test you will be provided with a detailed report which will cover the following:

  • Executive summary and high-level results
  • In-depth technical report
  • Remediation advice to resolve vulnerabilities discovered
  • Mitigation guidance to avoid similar vulnerabilities in the future

Why should we perform web application penetration tests?

There are a number of reasons why penetration testing may be required by organisations:

  • Testing by a third party is an effective way to demonstrate security posture and test the security controls in place.
  • To support regulatory compliance, for example PCI DSS and data privacy/GDPR
  • Clients and partners often require proof of security testing
  • Government security requirements
  • Proactive security measures rather than reactive ones
  • Avoid legal action and reputational damage following a breach
  • Cyber insurance policies may require third party security testing

How often should penetration tests be performed?

Penetration testing should be performed as part of an organisation’s risk management programme. There may also be specific regulatory or compliance requirements that dictate the frequency and timing of security testing. Generally, it is recommended that testing be performed as follows:

  • Full penetration test of the web applications and supporting infrastructure at least annually
  • Focused penetration testing when new web applications are put live
  • When any major changes are made to the web applications

Why Codigo Security?

  • Cyber security consultants with 10+ years of experience
  • Consultants hold professional certifications including OSCP, OSCE, OSWE, GIAC
  • Wide experience working across all industry sectors
  • Our penetration testers perform manual testing to discover vulnerabilities and security issues that automated tools are not able to find

Leveraging Bug Bounty Hunter Expertise

Most of our cyber security consultants are actively involved in the bug bounty hunting community. These testers are engaged in public and private bug bounty programs for brands like Amazon, Twitter, Facebook, Google, Uber, LinkedIn, the U.S. Department of Defense and others. As you would expect, these systems and applications are seasoned and extremely hardened, but our consultants are still able to discover and report high-impact flaws in these companies on a regular basis. We leverage the techniques and expertise used by bug bounty hunters in our penetration testing methodology. One of our founders, who goes by the nickname “bongo”, achieved 2nd rank amongst hundreds of security researchers on Bug Bounty Hunter: https://www.bugbountyhunter.com/hunter/bongo

Have Questions?

Get in touch and we can help you.