Penetration testing is used to test the security of a website by simulating real attacks from outside. It identifies potential vulnerabilities to prevent harmful attacks. By understanding how attacks work, the IT team can fix issues and prevent larger attacks in the future. The presentation will demonstrate a penetration testing tool that checks the login page for security issues like authentication, redirects, and hidden code. Contact information is provided for any additional questions.

1. Consulting
Services
Application
Development
Technology
Integration
Diana Calin
Robert Cotos

2.  Security (Penetration) testing is used to test the
integrity of a web-site against common attacks
that come from “outside” in a matter of security
2

3.  The role of this testing method is to identify and
fix potential holes in order to stop or prevent
attacks that can be harmful to the web site.
3

4.  By understanding and simulating real attacks the
IT team can prevent later attacks on a larger
scale.
4

5.  No configuration is necessary for this presentation
 We will present a tool that does several checks on
log in page, Netsparker, that can be found here.
5

6.  Among points we intend to touch:
 Authentication
 Redirect
 Hidden code, tags, titles, links
 iFrame
 Cookies
6

7. 7

8.  For additional information:
Diana Calin – diana.calin@osf-global.com
Robert Cotos – robert.cotos@osf-global.com
8