RSS

Tag Archives: test cases for penetration testing

Security Testing – Test Cases

Authentication

  • Authentication Bypass: Verify if authentication mechanism implemented by your application can be bypassed.
  • Password Strength: Check whether the application implements strong password requirements.
  • Password field with auto complete enabled: Password fields in an application should have “Autocomplete=OFF” set.

Authorization

  • Authorization Bypass: Verify if lower privileged user can access resources of higher privileged user.

Input Validation

  • Cross site scripting: Test for cross site scripting vulnerability in all the fields that take user input and that are being reflected back on to the HTML code or JavaScript code.
  • SQL Injection: Test for SQLi vulnerability in all the fields that take user input and that are being sent to the database.
  • LDAP Injection: For applications that use LDAP, verify if input parameters are vulnerable to LDAP injection.
  • Cross site request Forgery: Test for CSRF vulnerability on all the form submissions and URLs (POST and GET requests) of the application.
  • Buffer Over flow: Check if any of the input parameters cause buffer overflow on the server or client.
  • Response Splitting: Identify input parameters that are being used in response headers and check if they are vulnerable to response splitting.

System Configuration

  • Harmful HTTP Methods Enabled: Check if harmful HTTP methods like PUT, DELETE, TRACE are enabled on the server. It is good to disable OPTIONS method also.
  • Directory Listing enabled on the server: Check if the application server allows listing of contents of a folder in application server.

Information Leakage

  • Web pages containing sensitive pages being cached:┬áVerify if the application caches pages containing sensitive data.
  • Un-encrypted sensitive data: Sensitive data need to be encrypted. It should neither be stored in plain text nor it should be stored in a encoded format.
  • Server Platform Information Leak: Check if server platform information is leaked in Response headers or error messages or default server pages.

Session Management

  • Session Hijacking: Check if the application allows users to steal session cookies and use them from their machines.
  • Session Fixation: Verify if the application allows fixation of session cookie by users or attackers.
  • Predictable session cookies: Verify whether the session cookies random enough and could not be predicted by users.
 
Leave a comment

Posted by on January 15, 2014 in Web Application Security

 

Tags: ,