At Epic Bounties we would like to show you the basic concepts to carry out a WAPT, as well as the different phases that you must execute in order to identify, gather and remediate the different vulnerabilities that your company may have.

What are web application penetration tests?

A web application penetration test (WAPT) aims to recognise active security gaps or loopholes in the application that the test attack brings to light.

How does a WAPT work?

The process of the penetration test is based on hacking into the computer system in order to identify vulnerabilities and possible security flaws present in the company’s application and to report them to the company.

In the past, attacks were mostly seen at the network level: the hacker gained access to the company's network, took control of a server within it and carried out the attack from there. Nowadays, however, there is a great variety of web applications, and they differ widely from each other, so there is no single definitive procedure. Even so, companies need to perform penetration tests to protect their web applications.

Main phases of web application penetration testing

Although, as pointed out above, no single test procedure fits every web application, these are the main phases needed to carry one out successfully:

  • Information gathering.
  • Vulnerability testing.
  • Risk assessment.
  • Results.

Information gathering

Before starting the penetration test, you need to collect valid company URLs, documentation and tests, understand the functionalities of the application, list all areas and links to be investigated, identify entry and exit points, and analyse error codes in order to identify associated vulnerabilities.

Vulnerability testing

This phase involves the analysis of the web application to identify security weaknesses or vulnerabilities. The problems identified will be written up and presented to the company together with the solutions studied.

As you have read above, every web application is different, and therefore the areas where the above-mentioned test should be performed also differ. Some of the areas that would be tested are authentication, authorisation, session management and login validation, among others.

Risk assessment

This phase identifies the actual impact of the hidden vulnerability, i.e. how severe its consequences may be.

In order to carry out a good assessment, the vulnerability must be identified, and once identified, the estimated probability of a hacker discovering and exploiting the vulnerability must be calculated. Finally, the impact or damage that could be caused by the exploitation of the vulnerability of the web application is estimated and the severity of the risk is determined by combining the estimation of the probability with the estimation of the impact.
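One way to carry out the combination described above, as an added example that is not part of the original article: the article names no scoring scheme, so this sketch assumes the OWASP Risk Rating Methodology (factors scored 0 to 9, averaged, bucketed into levels and combined in a matrix). The factor names are a subset of that methodology, and the findings are constructed sample data.

```python
from statistics import mean

# Assumed scheme: OWASP Risk Rating Methodology (each factor scored 0-9).
def level(score):
    """Bucket a 0-9 score: below 3 is LOW, below 6 is MEDIUM, otherwise HIGH."""
    if not 0 <= score <= 9:
        raise ValueError(f"score out of range: {score}")
    return "LOW" if score < 3 else "MEDIUM" if score < 6 else "HIGH"

# Overall severity, indexed as SEVERITY[impact level][likelihood level].
SEVERITY = {
    "HIGH":   {"LOW": "Medium", "MEDIUM": "High",   "HIGH": "Critical"},
    "MEDIUM": {"LOW": "Low",    "MEDIUM": "Medium", "HIGH": "High"},
    "LOW":    {"LOW": "Note",   "MEDIUM": "Low",    "HIGH": "Medium"},
}
ORDER = ["Critical", "High", "Medium", "Low", "Note"]

def rate(finding):
    """Return (likelihood score, impact score, overall severity) for one finding."""
    likelihood = mean(finding["likelihood"].values())
    impact = mean(finding["impact"].values())
    return likelihood, impact, SEVERITY[level(impact)][level(likelihood)]

def prioritise(findings):
    """Order findings for the report: worst severity first, then impact, then likelihood."""
    rated = [(f["title"], *rate(f)) for f in findings]
    return sorted(rated, key=lambda r: (ORDER.index(r[3]), -r[2], -r[1]))

# Constructed sample findings (not taken from any real assessment).
FINDINGS = [
    {"title": "Session token not invalidated on logout",
     "likelihood": {"skill_level": 5, "opportunity": 7, "ease_of_discovery": 7, "ease_of_exploit": 5},
     "impact": {"confidentiality": 7, "integrity": 5, "availability": 1, "reputation": 5}},
    {"title": "Verbose error page reveals framework version",
     "likelihood": {"skill_level": 9, "opportunity": 9, "ease_of_discovery": 8, "ease_of_exploit": 6},
     "impact": {"confidentiality": 2, "integrity": 0, "availability": 0, "reputation": 1}},
    {"title": "Missing authorisation check on account endpoint",
     "likelihood": {"skill_level": 6, "opportunity": 7, "ease_of_discovery": 3, "ease_of_exploit": 6},
     "impact": {"confidentiality": 9, "integrity": 7, "availability": 5, "reputation": 7}},
]

if __name__ == "__main__":
    for title, likelihood, impact, severity in prioritise(FINDINGS):
        print(f"{severity:8} L={likelihood:.2f} I={impact:.2f}  {title}")
```

Two findings can share the same severity label; the sort then places the one with the higher impact score first, which is why the authorisation flaw is listed ahead of the session issue.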

Results

In the last phase of the penetration test, a detailed report should be generated and submitted to the company containing all general findings of identified vulnerabilities with their respective remediation.