Security Testing
Rihab CHEBBAH
Contents
• Introduction
• Security flaws: SQL Injection, Disclosure of sensitive data, Unauthorized access
• Security Testing: Types, Methods
• Conclusion
Introduction
• Testing is a partial verification process of a system.
• Its main objective is to identify as many problematic behaviours of the software as possible, in order to increase its quality.
Security flaws
SQL Injection
Vulnerabilities:
• Poor input validation in your Web applications
• Unsafe, dynamically constructed SQL commands
• Over-privileged application logins to the database
• Weak permissions that fail to restrict the application's login to the database
Countermeasures:
• Constrain and sanitize input data.
• Use type safe SQL parameters for data access.
• Use an account that has restricted permissions in the database.
Security flaws
SQL Injection - Example
Input supplied for UserID: 105 or 1=1
Resulting query: SELECT * FROM CreditCard WHERE UserID= 105 or 1=1
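The example above, carried through in code as an added illustration (not part of the original slides): the dynamically constructed query from the slide next to the two countermeasures listed before it, constraining the input to the expected type and binding it as a parameter. The CreditCard table, its three constructed rows and the function names are assumptions made for this example; SQLite is used so it runs offline, which is also why the third countermeasure (a restricted database account) is not shown.

```python
import sqlite3

# Constructed sample table (not from the original slides): three users, one
# card record each, so the row counts below show exactly what each query leaks.
SAMPLE_ROWS = [
    (105, "card-of-user-105"),
    (106, "card-of-user-106"),
    (107, "card-of-user-107"),
]


def make_db():
    """In-memory SQLite database standing in for the CreditCard table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE CreditCard (UserID INTEGER, Number TEXT)")
    conn.executemany("INSERT INTO CreditCard VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def lookup_vulnerable(conn, user_id):
    """The flaw from the slide: the SQL text is built from the raw input, so
    the input '105 or 1=1' becomes part of the WHERE clause and every row matches."""
    query = f"SELECT * FROM CreditCard WHERE UserID = {user_id}"
    return conn.execute(query).fetchall()


def to_user_id(value):
    """Constrain the input: accept an int, or a string made only of ASCII digits."""
    if isinstance(value, int) and not isinstance(value, bool):
        return value
    if isinstance(value, str) and value.isascii() and value.isdigit():
        return int(value)
    raise ValueError("UserID must be an integer")


def lookup_safe(conn, user_id):
    """Both countermeasures: constrain the input to its expected type, then pass
    it as a bound parameter so the database never interprets it as SQL text."""
    uid = to_user_id(user_id)
    return conn.execute(
        "SELECT * FROM CreditCard WHERE UserID = ?", (uid,)
    ).fetchall()


def rows_returned(lookup, conn, user_id):
    """Drive a lookup and count its rows; -1 means the input was rejected
    before any SQL was executed."""
    try:
        return len(lookup(conn, user_id))
    except ValueError:
        return -1


if __name__ == "__main__":
    db = make_db()
    for raw in ("105", "105 or 1=1"):
        print(f"{raw!r}: vulnerable -> {rows_returned(lookup_vulnerable, db, raw)} rows, "
              f"safe -> {rows_returned(lookup_safe, db, raw)} rows")
```

Run as a script it prints one row for the legitimate input in both variants, while the injected input returns all three rows from the vulnerable lookup and is rejected (-1) by the safe one.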
Security flaws
Unauthorized Access
Vulnerabilities:
• Lack of authorization in data access code providing unrestricted access
• Over-privileged database accounts
Countermeasures:
• Use principal permission demands to authorize the calling user.
• Use code access security permission demands to authorize the calling code.
• Use limited permissions to restrict the application's login to the database and to prevent
direct table access.
Security flaws
Disclosure of sensitive data
Vulnerabilities:
• Clear text credentials passed over the network during SQL authentication
• Unencrypted sensitive application data sent to and from the database server
Countermeasures:
• Install a server certificate on the database server.
• Use an SSL connection between the Web server and database server to protect sensitive
application data.
• Use an IPSec encrypted channel between Web and database server.
Security flaws
Disclosure of sensitive data - example
4010 3190 9662 5359
Security testing involves testing software in order to identify any flaws and gaps from a security and vulnerability point of view.
Security Testing
Security Testing in the coding phase : Unit Tests
• Test isolation
• Operate at the method and class level
• Written by developers
• Executed the most frequently
Tests run very quickly: issues are identified quickly
High test coverage
Not many security vulnerabilities can be tested
Security Testing
Security Testing during the integration and validation phase :
Integrated system Test & Operation Test
• Test integration between classes and modules
• Test integration between tiers
• Written by developers
• Executed often, but not as often as unit tests
• Can test in the application server
• Many security vulnerabilities can be tested: injections, authentication flaws and authorization flaws
• Some vulnerabilities may not be easily tested: XSS, URL filtering performed by a web server or application firewall
• Not executable as often as unit tests
• Overhead of starting an application server
Security Testing
Security Testing during the integration and validation phase :
Integrated system Test & Functional acceptance Test
• Performed on the external API
• Low test coverage
• Performed by quality assurance testers
• Executed the least frequently
• Full testing of the external API
• Security consultants can use tools to script vulnerabilities: this documents the vulnerabilities and makes retesting easy
• Low test coverage
• Developers aren't included in testing
Security Testing
Methods
• Static test
• Dynamic test
Security Testing
Methods
Fuzzing Test
Fuzzing is about injecting invalid or random inputs in order:
- to reveal unexpected behaviour
- to identify errors and expose potential vulnerabilities.
Security Testing
Methods
Fuzzing Test - Process
• Input data preparation: definition of input data
• Program preparation: environment preparation and setup
• Data transfer to the application
• Monitoring: observation of program behavior
- Logs
- Debuggers (!exploitable...)
- Files, processes and network monitors
- Virtualization (VMware)
- Source code modifications (breakpoints)
- Additional techniques (Valgrind, GuardMalloc)
- Combined techniques
• Reporting
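The process steps above (input data preparation, program preparation, data transfer, monitoring, reporting), as an added in-process example that is not part of the original slides. The target is a constructed toy record parser with a deliberately missing bounds check, so there is something to find; the seed corpus, the mutation strategies and all function names are assumptions made for this example. Here "monitoring" means catching any exception other than the parser's documented rejection (ValueError), which is the in-process equivalent of the debuggers and crash monitors listed on the slide.

```python
import random
import traceback


# --- Program preparation: the target under test -------------------------------
# Constructed toy target (not from the slides). Record format:
#   [len: 1 byte][payload: len bytes][checksum: 1 byte], checksum = sum(payload) % 256
# It deliberately lacks one bounds check so the fuzzer has a real bug to find.
def parse_records(data: bytes):
    records = []
    pos = 0
    while pos < len(data):
        n = data[pos]
        payload = data[pos + 1:pos + 1 + n]
        checksum = data[pos + 1 + n]          # BUG: no check that this byte exists
        if sum(payload) % 256 != checksum:
            raise ValueError("bad checksum")  # the documented, expected rejection
        records.append(bytes(payload))
        pos += 2 + n
    return records


def make_record(payload: bytes) -> bytes:
    """Build one well-formed record (used to create the seed corpus)."""
    return bytes([len(payload)]) + payload + bytes([sum(payload) % 256])


# --- Input data preparation: seed corpus plus mutations -----------------------
SEED_CORPUS = [make_record(b"abc") + make_record(b"hi"), make_record(b"")]


def generate_inputs(seeds, count, rng):
    """Deterministic mutations of the seeds: every truncation, then random
    bit flips, boundary-value overwrites and byte insertions."""
    for seed in seeds:
        for cut in range(len(seed)):
            yield seed[:cut]
    for _ in range(count):
        buf = bytearray(rng.choice(seeds))
        op = rng.randrange(3)
        if op == 0 and buf:                   # flip one bit
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif op == 1 and buf:                 # overwrite with a boundary value
            buf[rng.randrange(len(buf))] = rng.choice((0x00, 0x01, 0x7F, 0x80, 0xFF))
        else:                                 # insert 1-3 random bytes
            i = rng.randrange(len(buf) + 1)
            buf[i:i] = bytes(rng.getrandbits(8) for _ in range(rng.randrange(1, 4)))
        yield bytes(buf)


# --- Data transfer, monitoring and reporting ----------------------------------
def fuzz(target, seeds, iterations=200, seed=1):
    """Feed each generated input to the target. ValueError is the documented
    rejection; any other exception is unexpected behaviour and is recorded once
    per (exception type, crashing line), keeping the first input that caused it."""
    rng = random.Random(seed)                 # fixed seed: reproducible runs
    findings = {}
    executed = 0
    for data in generate_inputs(seeds, iterations, rng):
        executed += 1
        try:
            target(data)
        except ValueError:
            continue
        except Exception as exc:              # monitoring: unexpected exception
            frame = traceback.extract_tb(exc.__traceback__)[-1]
            findings.setdefault((type(exc).__name__, frame.lineno), data)
    report = [
        {"exception": name, "line": line, "input": sample.hex()}
        for (name, line), sample in sorted(findings.items())
    ]
    return executed, report


if __name__ == "__main__":
    total, report = fuzz(parse_records, SEED_CORPUS)
    print(f"executed {total} inputs, {len(report)} unique finding(s)")
    for finding in report:
        print(finding)
```

Because every truncation of each seed is part of the corpus, the run is deterministic: dropping the final checksum byte always reaches the unchecked index and is reported as an IndexError with the exact input that triggered it, which is what makes retesting after a fix straightforward.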
Security Testing
Types
Fuzzing Test - Monitoring
Security Testing
Types
Fuzzing Test – Fuzzing Test and SDLC
SDLC phases: Initial analysis, Design, Implementation, Testing, Maintenance
Fuzzing
Security Testing
Types
Fuzzing Test – Fuzzers
Frameworks:
• Peach (http://peachfuzzer.com/)
• Sulley
Specialized fuzzers:
• JBroFuzz (OWASP)
• WSFuzzer (OWASP)
• TAOF
• Wfuzz
• Spike Proxy
• WebFuzz
Security Testing
Types
Fuzzing Test – advantages and disadvantages
Advantages:
• Full automation (in most cases)
• Fuzzers find real vulnerabilities
• Ability to identify bugs which are hard to find by manual testing
• Ability to quickly obtain satisfactory results (first bug)
Disadvantages:
• Inability to find logical bugs
• Inability to find complex bugs
• Time required for performing the test is very hard to specify
Security test cases checklist
Security Testing
Input validation
• Buffer overflows
• Injection attacks
• Disclosure of sensitive data
• …
Conduct all data validation on a trusted system (e.g., the server)
Identify all data sources and classify them into trusted and untrusted. Validate all data from untrusted sources (e.g., databases, file streams, etc.)
There should be a centralized input validation routine for the application
Specify proper character sets, such as UTF-8, for all sources of input
Encode data to a common character set before validating
All validation failures should result in input rejection
Validate for expected data types
Validate data range
Validate data length
Validate all input against a "white" list of allowed characters, whenever possible
…
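A centralized validation routine that applies the checklist items above in order (common character set first, then type, range, length and allow-list, with any failure rejecting the whole input), written as an added example that is not from the original slides. It is also the kind of small, isolated routine the coding-phase unit tests described earlier exercise. The field rules, the form fields and all names are assumptions made for this example.

```python
import re
import unicodedata
from dataclasses import dataclass
from typing import Optional


class ValidationError(ValueError):
    """Any failure rejects the input outright; there is no partial acceptance."""


@dataclass(frozen=True)
class Rule:
    kind: type                      # expected data type: int or str
    min_len: int = 0
    max_len: int = 64
    min_value: Optional[int] = None
    max_value: Optional[int] = None
    allowed: Optional[str] = None   # regex character class: the "white" list


# Constructed rules for a hypothetical account-lookup form (not from the slides).
RULES = {
    "user_id":  Rule(int, min_len=1, max_len=10, min_value=1, max_value=10**9),
    "username": Rule(str, min_len=3, max_len=32, allowed=r"[A-Za-z0-9_.-]"),
    "country":  Rule(str, min_len=2, max_len=2, allowed=r"[A-Z]"),
}


def to_text(raw) -> str:
    """Bring every source to one character set (UTF-8, NFC) before any check.
    Invalid byte sequences are a validation failure, not something to repair."""
    if isinstance(raw, bytes):
        try:
            raw = raw.decode("utf-8", errors="strict")
        except UnicodeDecodeError as exc:
            raise ValidationError(f"invalid UTF-8: {exc.reason}") from None
    if not isinstance(raw, str):
        raise ValidationError(f"unsupported input type {type(raw).__name__}")
    return unicodedata.normalize("NFC", raw)


def validate_field(name: str, raw, rule: Rule):
    """Length, allow-list, type and range checks for a single field."""
    text = to_text(raw)
    if not (rule.min_len <= len(text) <= rule.max_len):
        raise ValidationError(f"{name}: length {len(text)} outside [{rule.min_len}, {rule.max_len}]")
    if rule.allowed is not None and not re.fullmatch(f"(?:{rule.allowed})*", text):
        raise ValidationError(f"{name}: character outside the allowed set")
    if rule.kind is int:
        if not (text.isascii() and text.isdigit()):
            raise ValidationError(f"{name}: expected an integer")
        value = int(text)
        if rule.min_value is not None and value < rule.min_value:
            raise ValidationError(f"{name}: below minimum {rule.min_value}")
        if rule.max_value is not None and value > rule.max_value:
            raise ValidationError(f"{name}: above maximum {rule.max_value}")
        return value
    return text


def validate(form: dict, rules: dict = RULES) -> dict:
    """The single entry point every untrusted source goes through. Unknown and
    missing fields are failures too; the result is all-or-nothing."""
    unknown = set(form) - set(rules)
    if unknown:
        raise ValidationError(f"unexpected field(s): {sorted(unknown)}")
    clean = {}
    for name, rule in rules.items():
        if name not in form:
            raise ValidationError(f"missing field: {name}")
        clean[name] = validate_field(name, form[name], rule)
    return clean


def accepted(form: dict) -> bool:
    """Convenience wrapper for tests: True if the form passes, False if rejected."""
    try:
        validate(form)
        return True
    except ValidationError:
        return False
```

Validated values come back already converted to their declared type, so code downstream of `validate()` works with an `int` user id rather than re-parsing a string, which is what makes a centralized routine easier to unit-test than checks scattered across handlers.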
Security test cases checklist
Security Testing
Access Control
• Unauthorized access
• Disclosure of sensitive data
• Tampering
• DoS & DDoS attacks
• …
Restrict access to protected functions to only authorized users
Restrict direct object references to only authorized users
Restrict access to services to only authorized users
Restrict access to application data to only authorized users
Restrict access to user and data attributes and policy information used by access controls
Access controls should fail securely
Deny all access if the application cannot access its security configuration information
Use only trusted system objects, e.g. server side session objects, for making access
authorization decisions
If state data must be stored on the client, use encryption and integrity checking on the server
side to catch state tampering.
….
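The access control items above in code, as an added example that is not part of the original slides: authorization decisions made from a server-side session object and a deny-by-default policy, denial of everything when the security configuration is unavailable, and client-side state protected by a server-side integrity check (HMAC) to catch tampering. Session identifiers come from the `secrets` module, the cryptographic RNG the cryptography checklist below asks for. The policy, the resources and roles, and all names are assumptions made for this example.

```python
import hashlib
import hmac
import json
import secrets
from typing import Optional

# Constructed policy (not from the slides): resource -> action -> roles allowed.
POLICY = {
    "invoice": {"read": {"clerk", "manager"}, "approve": {"manager"}},
    "user":    {"read": {"manager"}},
}

# Server-side session store: the only trusted source of who the caller is.
SESSIONS = {}


def create_session(user: str, roles: set) -> str:
    """Session ids come from the cryptographic RNG, so they are unguessable."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "roles": set(roles)}
    return sid


def is_authorized(session_id: Optional[str], resource: str, action: str,
                  policy: Optional[dict] = POLICY) -> bool:
    """Deny by default. The decision uses the server-side session, never anything
    the client asserts about itself. A missing policy (None stands for security
    configuration that could not be read) denies every request: fail securely."""
    if policy is None:
        return False
    session = SESSIONS.get(session_id) if session_id else None
    if session is None:
        return False
    allowed_roles = policy.get(resource, {}).get(action, set())
    return bool(session["roles"] & allowed_roles)


# --- Client-side state with server-side integrity checking ----------------------
SERVER_KEY = secrets.token_bytes(32)   # in practice: loaded from the server's key store


def seal_state(state: dict, key: bytes = SERVER_KEY) -> str:
    """Serialize state and append an HMAC so any change is detectable on return."""
    body = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag


def open_state(token: str, key: bytes = SERVER_KEY) -> Optional[dict]:
    """Return the state only if its HMAC verifies; None means invalid or tampered."""
    try:
        body_hex, tag = token.split(".", 1)
        body = bytes.fromhex(body_hex)
    except ValueError:
        return None
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return None
    return json.loads(body)


def modified_token(token: str, new_state: dict) -> str:
    """Constructed test helper: a token whose body was edited but whose tag was
    left as issued, i.e. what a client changing its own state would send back."""
    _, tag = token.split(".", 1)
    body = json.dumps(new_state, sort_keys=True, separators=(",", ":")).encode()
    return body.hex() + "." + tag
```

Note that `open_state` does not distinguish "tampered" from "malformed": both are treated as absent state, so the caller's only choices are to proceed without it or to reject the request, never to trust part of it.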
Security test cases checklist
Security Testing
Cryptography practices
• Network eavesdropping
• Disclosure of sensitive data
• …
All cryptographic functions used to protect secrets from the application user must be implemented on a trusted system (e.g., the server)
Protect master secrets from unauthorized access
Cryptographic modules should fail securely
All random numbers, random file names, random GUIDs, and random strings should be
generated using the cryptographic module’s approved random number generator when these
random values are intended to be un-guessable
Cryptographic modules used by the application should be compliant with FIPS 140-2 or an equivalent standard.
Establish and utilize a policy and process for how cryptographic keys will be managed
Security test cases checklist
Security Testing
Authentication and Password management
• Network eavesdropping
• Disclosure of sensitive data
• Unauthorized access
• …
Require authentication for all pages and resources, except those specifically intended to be public
All authentication controls must be enforced on a trusted system (e.g., the server)
Establish and utilize standard, tested, authentication services whenever possible
Use a centralized implementation for all authentication controls, including libraries that call
external authentication services
Segregate authentication logic from the resource being requested and use redirection to and
from the centralized authentication control
All authentication controls should fail securely
All administrative and account management functions must be at least as secure as the primary
authentication mechanism
…
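The authentication items above as an added example (not part of the original slides): one centralized authentication service that every path uses, including account-management functions, so none of them can be weaker than the primary login; controls that fail securely (any internal error is a denied login); and a gate that requires authentication for everything not explicitly public. The credential store, the password hashing parameters and all names are assumptions made for this example.

```python
import hashlib
import hmac
import os
import secrets

# Kept low so the example runs quickly; production code should use a current
# recommended iteration count or a memory-hard algorithm.
PBKDF2_ITERATIONS = 100_000


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Return (salt, verifier). The password itself is never stored."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


class AuthService:
    """The single authentication implementation for the whole application,
    used by the login page, the admin console and account management alike."""

    def __init__(self):
        self._users = {}                                      # username -> (salt, verifier)
        self._dummy = hash_password(secrets.token_hex(16))    # for unknown users

    def register(self, username: str, password: str):
        self._users[username] = hash_password(password)

    def authenticate(self, username: str, password: str) -> bool:
        """Fail securely: any exception is a denied login. Unknown users cost the
        same hashing work as known ones, so timing does not reveal valid names."""
        try:
            salt, verifier = self._users.get(username, self._dummy)
            _, candidate = hash_password(password, salt)
            return hmac.compare_digest(candidate, verifier) and username in self._users
        except Exception:
            return False


def require_auth(service: AuthService, public: frozenset):
    """Build a gate: every path not listed as public demands a successful
    authentication through the central service before its handler runs."""
    def gate(path: str, handler, credentials=None):
        if path in public:
            return handler()
        if credentials is None or not service.authenticate(*credentials):
            return "401 Unauthorized"
        return handler()
    return gate


if __name__ == "__main__":
    svc = AuthService()
    svc.register("alice", "correct horse battery staple")
    gate = require_auth(svc, frozenset({"/", "/login"}))
    print(gate("/", lambda: "home page"))
    print(gate("/account", lambda: "account page"))
    print(gate("/account", lambda: "account page", ("alice", "correct horse battery staple")))
```

Because the gate only ever calls `service.authenticate`, there is exactly one place to test, harden or replace, and an administrative function cannot quietly end up with its own weaker check.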
Security test cases checklist
Security Testing
Data protection
• Network eavesdropping
• Disclosure of sensitive data
• Tampering
• Unauthorized access
• …
Implement least privilege, restrict users to only the functionality, data and system information
that is required to perform their tasks
Encrypt highly sensitive stored information, like authentication verification data, even on the
server side. Always use well vetted algorithms, see "Cryptographic Practices" for additional
guidance
Protect server-side source-code from being downloaded by a user
Do not store passwords, connection strings or other sensitive information in clear text or in
any non-cryptographically secure manner on the client side
Remove comments in user accessible production code that may reveal backend system or
other sensitive information
Do not include sensitive information in HTTP GET request parameters
…
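One way to test the item "Do not include sensitive information in HTTP GET request parameters", as an added example that is not part of the original slides: detection logic run over constructed access-log lines, reporting which requests carried sensitive fields in their query string without copying the values into the report. The same stripping function serves the Communication Security item further down about filtering sensitive parameters from the HTTP referer when linking to external sites. The parameter list, the log lines and all names are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Constructed list: parameter names that must never travel in a GET query string
# (they end up in browser history, proxy and server logs, and the Referer header).
SENSITIVE_PARAMS = {"password", "passwd", "pwd", "token", "session", "sessionid",
                    "api_key", "apikey", "ssn", "card", "cardnumber", "cvv"}

# Constructed access-log lines in Common Log Format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [10/May/2024:12:00:01 +0000] "GET /login?user=alice&password=Hunter2 HTTP/1.1" 302 0
10.0.0.6 - - [10/May/2024:12:00:02 +0000] "GET /search?q=shoes&page=2 HTTP/1.1" 200 5120
10.0.0.7 - - [10/May/2024:12:00:03 +0000] "GET /api/cards?card=4111111111111111&cvv=123 HTTP/1.1" 200 88
10.0.0.8 - - [10/May/2024:12:00:04 +0000] "POST /login HTTP/1.1" 302 0
10.0.0.9 - - [10/May/2024:12:00:05 +0000] "GET /reset?token=abc123&user=bob HTTP/1.1" 200 640
"""

LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"')


def sensitive_params_in(target: str) -> list:
    """Sorted names of sensitive parameters found in a request target's query string."""
    query = urlsplit(target).query
    names = {name.lower() for name, _ in parse_qsl(query, keep_blank_values=True)}
    return sorted(names & SENSITIVE_PARAMS)


def scan_log(text: str) -> list:
    """Detection: report every GET whose query string carries a sensitive field.
    Only parameter names are reported; values are deliberately left out so the
    report itself does not re-leak them."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = LOG_RE.search(line)
        if not match or match.group("method") != "GET":
            continue
        hits = sensitive_params_in(match.group("target"))
        if hits:
            findings.append({"line": lineno,
                             "path": urlsplit(match.group("target")).path,
                             "params": hits})
    return findings


def strip_sensitive_query(url: str) -> str:
    """Mitigation for outbound links: drop sensitive parameters so they cannot
    reach a third party through the Referer header."""
    parts = urlsplit(url)
    kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k.lower() not in SENSITIVE_PARAMS]
    return urlunsplit(parts._replace(query=urlencode(kept)))


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
    print(strip_sensitive_query("https://shop.example/reset?token=abc123&user=bob"))
```

The POST on line 4 is not reported even though it is a login: its credentials travel in the body, which is exactly the distinction the checklist item draws.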
Security test cases checklist
Security Testing
Communication Security
• Network eavesdropping
• Disclosure of sensitive data
• Buffer overflow
• DoS attack
Implement encryption for the transmission of all sensitive information
TLS certificates should be valid and have the correct domain name, not be expired, and be
installed with intermediate certificates when required
Failed TLS connections should not fall back to an insecure connection
Utilize TLS connections for all content requiring authenticated access and for all other
sensitive information
Utilize TLS for connections to external systems that involve sensitive information or functions
Utilize a single standard TLS implementation that is configured appropriately
Specify character encodings for all connections
Filter parameters containing sensitive information from the HTTP referer, when linking
to external sites
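The TLS items above turned into checks, as an added example that is not part of the original slides: a weak client configuration beside the corrected one, an audit of a context for certificate verification, hostname checking and fallback below TLS 1.2, and a certificate audit for expiry and domain name over a constructed peer certificate in the shape `ssl.SSLSocket.getpeercert()` returns. The hostnames, the certificate fields and all function names are assumptions made for this example.

```python
import ssl
import time


def audit_tls_context(ctx: ssl.SSLContext) -> list:
    """Checklist items as checks on a client context: the server certificate
    must be verified, its name checked, and no fallback below TLS 1.2 allowed."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not required/verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked against the certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("allows fallback to TLS versions below 1.2")
    return findings


def insecure_context() -> ssl.SSLContext:
    """The weak setting: verification switched off 'to make it work' and the
    protocol floor lowered to whatever the library still supports."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def hardened_context() -> ssl.SSLContext:
    """The corrected setting: platform defaults (CERT_REQUIRED, hostname check)
    plus an explicit TLS 1.2 floor so a downgrade cannot occur."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


# Constructed peer certificate in getpeercert() form (not a real certificate).
SAMPLE_CERT = {
    "subject": ((("commonName", "db.internal.example"),),),
    "subjectAltName": (("DNS", "db.internal.example"), ("DNS", "*.internal.example")),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2026 GMT",
}


def at(gmt: str) -> float:
    """Seconds since the epoch for a certificate-style GMT timestamp."""
    return ssl.cert_time_to_seconds(gmt)


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Match against subjectAltName DNS entries only; a wildcard covers exactly
    one label, so '*.internal.example' does not cover 'a.b.internal.example'."""
    host = hostname.lower().rstrip(".")
    for kind, value in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        pattern = value.lower()
        if pattern.startswith("*."):
            if host.count(".") == pattern.count(".") and host.endswith(pattern[1:]):
                return True
        elif host == pattern:
            return True
    return False


def audit_certificate(cert: dict, hostname: str, now: float = None) -> list:
    """Validity window and domain name: the two certificate items on the checklist."""
    now = time.time() if now is None else now
    findings = []
    if now < at(cert["notBefore"]):
        findings.append("certificate not yet valid")
    if now >= at(cert["notAfter"]):
        findings.append("certificate expired")
    if not hostname_matches(cert, hostname):
        findings.append(f"certificate does not cover {hostname}")
    return findings


if __name__ == "__main__":
    print("insecure:", audit_tls_context(insecure_context()))
    print("hardened:", audit_tls_context(hardened_context()))
    print(audit_certificate(SAMPLE_CERT, "db.internal.example", at("Jun  1 00:00:00 2025 GMT")))
```

Whether the intermediate certificates are installed cannot be judged from the leaf alone; that item is checked against the chain the server actually sends, which is out of scope for an offline example.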
Testing tools
Security Testing
OWASP Zed Attack Proxy
Testing tools
Security Testing
OWASP WFuzz
Conclusion
Security testing is an important and integral part of the software development process.
You will need to conduct this testing to find security loopholes and later close them with appropriate security measures and techniques.
Thank you for your attention !!

INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
INTRODUCTION TO HOSPITALS & AND ITS ORGANIZATION
 
220711130088 Sumi Basak Virtual University EPC 3.pptx
220711130088 Sumi Basak Virtual University EPC 3.pptx220711130088 Sumi Basak Virtual University EPC 3.pptx
220711130088 Sumi Basak Virtual University EPC 3.pptx
 
Contiguity Of Various Message Forms - Rupam Chandra.pptx
Contiguity Of Various Message Forms - Rupam Chandra.pptxContiguity Of Various Message Forms - Rupam Chandra.pptx
Contiguity Of Various Message Forms - Rupam Chandra.pptx
 
Diversity Quiz Prelims by Quiz Club, IIT Kanpur
Diversity Quiz Prelims by Quiz Club, IIT KanpurDiversity Quiz Prelims by Quiz Club, IIT Kanpur
Diversity Quiz Prelims by Quiz Club, IIT Kanpur
 
Observational Learning
Observational Learning Observational Learning
Observational Learning
 
FinalSD_MathematicsGrade7_Session2_Unida.pptx
FinalSD_MathematicsGrade7_Session2_Unida.pptxFinalSD_MathematicsGrade7_Session2_Unida.pptx
FinalSD_MathematicsGrade7_Session2_Unida.pptx
 
Haunted Houses by H W Longfellow for class 10
Haunted Houses by H W Longfellow for class 10Haunted Houses by H W Longfellow for class 10
Haunted Houses by H W Longfellow for class 10
 
Standardized tool for Intelligence test.
Standardized tool for Intelligence test.Standardized tool for Intelligence test.
Standardized tool for Intelligence test.
 
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 - CẢ NĂM - FRIENDS PLUS - NĂM HỌC 2023-2024 (B...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 - CẢ NĂM - FRIENDS PLUS - NĂM HỌC 2023-2024 (B...BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 - CẢ NĂM - FRIENDS PLUS - NĂM HỌC 2023-2024 (B...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 - CẢ NĂM - FRIENDS PLUS - NĂM HỌC 2023-2024 (B...
 
Creation or Update of a Mandatory Field is Not Set in Odoo 17
Creation or Update of a Mandatory Field is Not Set in Odoo 17Creation or Update of a Mandatory Field is Not Set in Odoo 17
Creation or Update of a Mandatory Field is Not Set in Odoo 17
 
Data Structure using C by Dr. K Adisesha .ppsx
Data Structure using C by Dr. K Adisesha .ppsxData Structure using C by Dr. K Adisesha .ppsx
Data Structure using C by Dr. K Adisesha .ppsx
 
欧洲杯下注-欧洲杯下注押注官网-欧洲杯下注押注网站|【​网址​🎉ac44.net🎉​】
欧洲杯下注-欧洲杯下注押注官网-欧洲杯下注押注网站|【​网址​🎉ac44.net🎉​】欧洲杯下注-欧洲杯下注押注官网-欧洲杯下注押注网站|【​网址​🎉ac44.net🎉​】
欧洲杯下注-欧洲杯下注押注官网-欧洲杯下注押注网站|【​网址​🎉ac44.net🎉​】
 
THE SACRIFICE HOW PRO-PALESTINE PROTESTS STUDENTS ARE SACRIFICING TO CHANGE T...
THE SACRIFICE HOW PRO-PALESTINE PROTESTS STUDENTS ARE SACRIFICING TO CHANGE T...THE SACRIFICE HOW PRO-PALESTINE PROTESTS STUDENTS ARE SACRIFICING TO CHANGE T...
THE SACRIFICE HOW PRO-PALESTINE PROTESTS STUDENTS ARE SACRIFICING TO CHANGE T...
 
Skimbleshanks-The-Railway-Cat by T S Eliot
Skimbleshanks-The-Railway-Cat by T S EliotSkimbleshanks-The-Railway-Cat by T S Eliot
Skimbleshanks-The-Railway-Cat by T S Eliot
 
A Visual Guide to 1 Samuel | A Tale of Two Hearts
A Visual Guide to 1 Samuel | A Tale of Two HeartsA Visual Guide to 1 Samuel | A Tale of Two Hearts
A Visual Guide to 1 Samuel | A Tale of Two Hearts
 
220711130097 Tulip Samanta Concept of Information and Communication Technology
220711130097 Tulip Samanta Concept of Information and Communication Technology220711130097 Tulip Samanta Concept of Information and Communication Technology
220711130097 Tulip Samanta Concept of Information and Communication Technology
 
Oliver Asks for More by Charles Dickens (9)
Oliver Asks for More by Charles Dickens (9)Oliver Asks for More by Charles Dickens (9)
Oliver Asks for More by Charles Dickens (9)
 
Simple-Present-Tense xxxxxxxxxxxxxxxxxxx
Simple-Present-Tense xxxxxxxxxxxxxxxxxxxSimple-Present-Tense xxxxxxxxxxxxxxxxxxx
Simple-Present-Tense xxxxxxxxxxxxxxxxxxx
 
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptxRESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
 

Security testing

  • 11. Security testing involves testing software in order to identify any flaws and gaps from a security and vulnerability point of view.
  • 12. Security Testing in the coding phase: Unit Tests
    ₪ Test isolation
    ₪ Operate at the method and class level
    ₪ Written by developers
    ₪ Executed the most frequently
    Tests run very quickly, so issues are identified quickly. High test coverage. Not many security vulnerabilities can be tested at this level.
  • 13. Security Testing during the integration and validation phase: Integrated System Test & Operation Test
    ₪ Test integration between classes and modules
    ₪ Test integration between tiers
    ₪ Written by developers
    ₪ Executed often, but not as often as unit tests
    • Can test in the application server
    • Many security vulnerabilities can be tested: injections, authentication flaws and authorization flaws
    • Some vulnerabilities may not be easily tested: XSS, URL filtering performed by a web server or application firewall
    • Not executable as often as unit tests
    • Overhead of starting an application server
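Slides 12 and 13 say that injection flaws are among the vulnerabilities developers can cover with their own tests. The block below is an added example, not code from the presentation: it reconstructs the CreditCard / UserID query discussed earlier on this page against an in-memory SQLite database with constructed rows, keeps the dynamically built statement exactly as the slides describe the flaw, puts the two countermeasures (constrained input, type-safe bound parameter) beside it, and wraps the checks as functions a developer can run at unit or integration level. Column names, card values and function names are assumptions.

```python
"""Security unit tests for a data-access function (added example).

The CreditCard / UserID query from the slides is reconstructed against an
in-memory SQLite database with constructed sample rows; none of this is the
presentation's own code. Column names and card values are assumptions.
"""
import sqlite3
from typing import List

INJECTION_PAYLOAD = "105 or 1=1"   # the UserID input from the slide example


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one made-up card number per user."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE CreditCard (UserID INTEGER, Number TEXT)")
    conn.executemany(
        "INSERT INTO CreditCard VALUES (?, ?)",
        [(105, "4010-1111"), (106, "4010-2222"), (107, "4010-3333")],
    )
    return conn


def cards_dynamic_sql(conn: sqlite3.Connection, user_id: str) -> List[str]:
    """'Before': the unsafe, dynamically constructed SQL the slide describes.
    The input becomes part of the statement, so 'or 1=1' widens the WHERE."""
    sql = "SELECT Number FROM CreditCard WHERE UserID = " + user_id
    return [row[0] for row in conn.execute(sql)]


def cards_parameterized(conn: sqlite3.Connection, user_id: str) -> List[str]:
    """'After': constrain the input to the expected type, then pass it as a
    bound parameter so the driver never interprets it as SQL."""
    uid = int(user_id)   # ValueError for anything that is not an integer
    rows = conn.execute("SELECT Number FROM CreditCard WHERE UserID = ?", (uid,))
    return [row[0] for row in rows]


# Developer-written security tests, the kind slides 12 and 13 describe.

def check_dynamic_sql_leaks_every_row() -> bool:
    """Documents the flaw: the payload returns all three users' cards."""
    return len(cards_dynamic_sql(make_db(), INJECTION_PAYLOAD)) == 3


def check_parameterized_rejects_payload() -> bool:
    """The hardened function must reject the payload instead of running it."""
    try:
        cards_parameterized(make_db(), INJECTION_PAYLOAD)
    except ValueError:
        return True
    return False


def check_parameterized_returns_only_own_card() -> bool:
    """A legitimate UserID still returns exactly that user's card."""
    return cards_parameterized(make_db(), "105") == ["4010-1111"]


if __name__ == "__main__":
    for check in (check_dynamic_sql_leaks_every_row,
                  check_parameterized_rejects_payload,
                  check_parameterized_returns_only_own_card):
        print(f"{check.__name__}: {'PASS' if check() else 'FAIL'}")
```

The first check is deliberately kept in the suite: it fails the moment someone reintroduces string concatenation, which is the regression a security unit test is there to catch. The database account used by such a function should additionally be limited to the CreditCard rows it needs, as the countermeasure list on the SQL injection slide says; that part is not shown here.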
  • 14. Security Testing during the integration and validation phase: Integrated System Test & Functional Acceptance Test
    ₪ Performed on the external API
    ₪ Low test coverage
    ₪ Performed by quality assurance testers
    ₪ Executed the least frequently
    • Full testing of the external API
    • Security consultants can use tools to script vulnerabilities: this documents the vulnerabilities and makes retesting easy
    • Low test coverage
    • Developers are not included in testing
  • 15. Security Testing Methods
    • Static test
    • Dynamic test
  • 16. Security Testing Methods: Fuzzing Test
    Fuzzing is about injecting invalid or random inputs in order:
    • to reveal unexpected behaviour
    • to identify errors and expose potential vulnerabilities
  • 17. Security Testing Methods: Fuzzing Test - Process
    • Input data preparation (definition of input data)
    • Program preparation (environment preparation, setup)
    • Data transfer to the application
    • Monitoring
    • Reporting
  • 18. Security Testing Types: Fuzzing Test - Monitoring
    • Observation of program behavior
    • Logs
    • Debuggers (!exploitable, ...)
    • File, process and network monitors
    • Virtualization (VMware)
    • Source code modifications (breakpoints)
    • Additional techniques (Valgrind, GuardMalloc)
    • Combined techniques
  • 19. Security Testing Types: Fuzzing Test – Fuzzing Test and SDLC
    (Diagram: the SDLC phases Initial analysis, Design, Implementation, Testing and Maintenance, with fuzzing marked.)
  • 20. Security Testing Types: Fuzzing Test – Fuzzers
    Frameworks:
    • Peach (http://peachfuzzer.com/)
    • Sulley
    Specialized fuzzers:
    • JBroFuzz (OWASP)
    • WSFuzzer (OWASP)
    • TAOF
    • Wfuzz
    • Spike Proxy
    • WebFuzz
  • 21. Security Testing Types: Fuzzing Test – advantages and disadvantages
    Advantages:
    • Full automation (in most cases)
    • Fuzzers find real vulnerabilities
    • Ability to identify bugs which are hard to find by manual testing
    • Ability to quickly obtain satisfactory results (first bug)
    Disadvantages:
    • Inability to find logical bugs
    • Inability to find complex bugs
    • The time required for performing the test is very hard to specify
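The fuzzing process from slides 16 to 21 (prepare input data, deliver it to the program, monitor, report) in working form, as an added example that is neither the presentation's code nor taken from any of the fuzzers listed above. The target is a constructed parser for a small length-prefixed record format with two intentional defects; stacked mutations of two seed records are delivered to it, exceptions are monitored, and the shortest input per crash type is reported as the reproducer a tester would hand to developers. The record format, the parser, the seed values and the mutation strategies are all assumptions made for this example.

```python
"""Mutation fuzzer with crash monitoring (added example, not from the slides).

The target, a parser for a constructed "<name_len><name><value_len><value>"
record format, contains two intentional defects for the fuzzer to find.
"""
import random
from typing import Callable, Dict, List, Optional

# Constructed seed inputs: both are well-formed records.
SEEDS: List[bytes] = [b"\x04user\x05larry", b"\x01\x01\x01\x01"]


def parse_record(data: bytes) -> dict:
    """Target under test. Intentional defects: an out-of-range length byte
    indexes past the end (IndexError) and a zero-length name divides by zero
    in the checksum (ZeroDivisionError). A truncated value is rejected
    gracefully with ValueError, which is the behaviour a parser should have."""
    name_len = data[0]                          # IndexError on empty input
    name = data[1:1 + name_len]
    value_len = data[1 + name_len]              # IndexError if name_len runs past the end
    value = data[2 + name_len:2 + name_len + value_len]
    if len(value) != value_len:
        raise ValueError("truncated value")     # graceful rejection, not a crash
    checksum = sum(value) // name_len           # ZeroDivisionError when name_len == 0
    return {"name": name.decode("ascii"), "value": value, "checksum": checksum}


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Input data preparation: apply one to three classic mutations (bit flip,
    junk insertion, truncation, extreme byte value) to a seed."""
    buf = bytearray(seed)
    for _ in range(rng.randint(1, 3)):
        choice = rng.randrange(4)
        if choice == 0 and buf:
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif choice == 1:
            pos = rng.randrange(len(buf) + 1)
            buf[pos:pos] = bytes(rng.randrange(256) for _ in range(rng.randint(1, 3)))
        elif choice == 2 and buf:
            del buf[rng.randrange(len(buf)):]
        elif buf:
            buf[rng.randrange(len(buf))] = rng.choice([0x00, 0x7F, 0x80, 0xFF])
    return bytes(buf)


def reproduce(target: Callable[[bytes], object], case: bytes) -> Optional[str]:
    """Monitoring: run one case and return the crash type, or None when the
    target either succeeded or rejected the input gracefully."""
    try:
        target(case)
    except ValueError:          # includes UnicodeDecodeError: an expected rejection
        return None
    except Exception as exc:    # anything else is a finding
        return type(exc).__name__
    return None


def fuzz(target: Callable[[bytes], object], seeds: List[bytes],
         iterations: int, seed: int = 1) -> Dict[str, bytes]:
    """Deliver mutated inputs to the target and keep, per crash type, the
    shortest input that triggered it. A fixed RNG seed makes a run repeatable,
    which matters when a reproducer is sent back to the programmers."""
    rng = random.Random(seed)
    report: Dict[str, bytes] = {}
    for _ in range(iterations):
        case = mutate(rng.choice(seeds), rng)
        kind = reproduce(target, case)
        if kind is not None and (kind not in report or len(case) < len(report[kind])):
            report[kind] = case
    return report


if __name__ == "__main__":
    for kind, case in fuzz(parse_record, SEEDS, 3000).items():
        print(f"{kind}: reproducer {case!r}")
```

This is the disadvantage the slide lists in miniature: the fuzzer finds the two crashes within a few thousand cases but cannot tell you that a record with a wrong but plausible checksum is accepted, because that is a logic bug, not a crash. Against native code the monitoring step would be a debugger or sanitizer instead of a Python exception, as slide 18 lists.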
  • 22. Security test cases checklist: Input validation
    Related threats: buffer overflows, injection attacks, disclosure of sensitive data, ...
    • Conduct all data validation on a trusted system (e.g., the server)
    • Identify all data sources and classify them into trusted and untrusted
    • Validate all data from untrusted sources (e.g., databases, file streams, etc.)
    • There should be a centralized input validation routine for the application
    • Specify proper character sets, such as UTF-8, for all sources of input
    • Encode data to a common character set before validating
    • All validation failures should result in input rejection
    • Validate for expected data types
    • Validate data range
    • Validate data length
    • Validate all input against a "white" list of allowed characters, whenever possible
    • ...
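The input validation items above as one central routine, as an added example (not the presentation's own code): inputs are decoded to a common character set first, then checked for length, a white-list of characters, expected type and range, and every failure rejects the input instead of trying to clean it. The three field rules are assumptions chosen for illustration.

```python
"""Centralized input validation routine (added example, not from the slides).

Applies the checklist: validate on the trusted side, one central routine,
common character set, expected type, range, length and a white-list of
characters, rejecting on any failure. The field rules are assumptions.
"""
import re
from dataclasses import dataclass
from typing import Any, Dict, Optional


@dataclass(frozen=True)
class Rule:
    kind: type                  # expected data type after conversion
    max_len: int                # maximum length of the raw input
    allowed: re.Pattern         # white-list of permitted characters
    lo: Optional[int] = None    # inclusive numeric range, only for int fields
    hi: Optional[int] = None


# Assumed rules for three request fields.
RULES: Dict[str, Rule] = {
    "user_id":  Rule(int, 10, re.compile(r"[0-9]+"), lo=1, hi=10**9),
    "username": Rule(str, 32, re.compile(r"[A-Za-z0-9_.-]+")),
    "amount":   Rule(int, 12, re.compile(r"[0-9]+"), lo=0, hi=10**10),
}


class ValidationError(ValueError):
    """Raised for every failure; the caller rejects the request, nothing is 'cleaned'."""


def validate(field: str, raw: Any) -> Any:
    """Return the typed value for one field or raise ValidationError."""
    rule = RULES.get(field)
    if rule is None:                         # no rule means the input is untrusted by default
        raise ValidationError(f"{field}: no validation rule defined")
    if isinstance(raw, bytes):               # encode to a common character set first
        try:
            raw = raw.decode("utf-8")
        except UnicodeDecodeError:
            raise ValidationError(f"{field}: not valid UTF-8") from None
    if not isinstance(raw, str):
        raise ValidationError(f"{field}: expected text")
    if len(raw) > rule.max_len:              # length before anything else
        raise ValidationError(f"{field}: longer than {rule.max_len} characters")
    if rule.allowed.fullmatch(raw) is None:  # white-list of characters, whole string
        raise ValidationError(f"{field}: character outside the allowed set")
    if rule.kind is int:                     # expected type, then range
        value = int(raw)
        if (rule.lo is not None and value < rule.lo) or (rule.hi is not None and value > rule.hi):
            raise ValidationError(f"{field}: out of range")
        return value
    return raw


def validate_request(params: Dict[str, Any]) -> Dict[str, Any]:
    """Validate every parameter; any single failure rejects the whole request."""
    return {name: validate(name, raw) for name, raw in params.items()}


def is_rejected(field: str, raw: Any) -> bool:
    """True when the central routine rejects the input (handy in test cases)."""
    try:
        validate(field, raw)
    except ValidationError:
        return True
    return False
```

The length check runs before the regular expression so an oversized input is rejected without being scanned, and `fullmatch` is used rather than `match` so a trailing newline or a second line cannot slip past the white-list. A user ID such as `105 or 1=1` never reaches the database layer at all.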
  • 23. Security test cases checklist: Access control
    Related threats: unauthorized access, disclosure of sensitive data, tampering, DoS & DDoS attacks, ...
    • Restrict access to protected functions to only authorized users
    • Restrict direct object references to only authorized users
    • Restrict access to services to only authorized users
    • Restrict access to application data to only authorized users
    • Restrict access to user and data attributes and policy information used by access controls
    • Access controls should fail securely
    • Deny all access if the application cannot access its security configuration information
    • Use only trusted system objects, e.g. server-side session objects, for making access authorization decisions
    • If state data must be stored on the client, use encryption and integrity checking on the server side to catch state tampering
    • ...
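The four-user example from the speaker notes (Larry is let into Account Manager although he is not assigned the required role), as an added example that is not the presentation's own code. The insecure check reproduces that flaw; the second check applies the list above: authorize on the calling user's role, deny unknown users and unknown resources, and deny everything when the security configuration cannot be read. Role names and the user-to-role assignments are assumptions; the notes only name Larry and the three resources.

```python
"""Access control check that fails securely (added example, not from the slides).

Users and resources follow the four-user example in the speaker notes; the
role names and the user-to-role assignments are assumptions for this example.
"""
from typing import Callable, Dict, Optional, Set, Tuple

# Assumed policy: resource -> roles permitted to use it. Anything absent is denied.
POLICY: Dict[str, Set[str]] = {
    "Public Share":    {"employee", "manager", "accountant"},
    "Time Card Entry": {"employee", "manager"},
    "Account Manager": {"accountant"},
}

# Assumed role assignments for the four users. Larry lacks the accountant role.
USER_ROLES: Dict[str, Set[str]] = {
    "alice": {"manager"},
    "bob":   {"employee"},
    "carol": {"accountant"},
    "larry": {"employee"},
}


def is_authorized_insecure(user: str, resource: str) -> bool:
    """The flaw from the slide: the application checks that the resource
    exists but never that the calling user holds a role that grants it."""
    return resource in POLICY


def is_authorized(user: str, resource: str,
                  policy: Optional[Dict[str, Set[str]]] = POLICY) -> bool:
    """Principal-based check. Allow only when the calling user holds a role the
    policy grants for the resource; unknown user, unknown resource or missing
    policy all deny, so the control fails securely."""
    if policy is None:                        # security configuration unavailable: deny all
        return False
    allowed_roles = policy.get(resource)
    if not allowed_roles:                     # resource not covered by the policy: deny
        return False
    user_roles = USER_ROLES.get(user, set())  # unknown principal: no roles
    return bool(user_roles & allowed_roles)


def access_matrix(check: Callable[[str, str], bool]) -> Dict[Tuple[str, str], bool]:
    """Server-side decision for every user/resource pair, the table a tester
    enumerates when validating an access control implementation."""
    return {(u, r): check(u, r) for u in USER_ROLES for r in POLICY}


if __name__ == "__main__":
    for (u, r), ok in access_matrix(is_authorized).items():
        print(f"{u:6} -> {r:16} {'allow' if ok else 'deny'}")
```

Running the matrix through both checks is the test case: every pair is allowed by `is_authorized_insecure`, while `is_authorized` permits only the eight pairs the policy grants. The decision uses server-side data (`USER_ROLES`, `POLICY`) only, never a role name supplied by the client.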
  • 24. Security test cases checklist: Cryptography practices
    Related threats: network eavesdropping, disclosure of sensitive data, ...
    • All cryptographic functions used to protect secrets from the application user must be implemented on a trusted system (e.g., the server)
    • Protect master secrets from unauthorized access
    • Cryptographic modules should fail securely
    • All random numbers, random file names, random GUIDs, and random strings should be generated using the cryptographic module's approved random number generator when these random values are intended to be un-guessable
    • Cryptographic modules used by the application should be compliant with FIPS 140-2 or an equivalent standard
    • Establish and utilize a policy and process for how cryptographic keys will be managed
  • 25. Security test cases checklist: Authentication and password management
    Related threats: network eavesdropping, disclosure of sensitive data, unauthorized access, ...
    • Require authentication for all pages and resources, except those specifically intended to be public
    • All authentication controls must be enforced on a trusted system (e.g., the server)
    • Establish and utilize standard, tested authentication services whenever possible
    • Use a centralized implementation for all authentication controls, including libraries that call external authentication services
    • Segregate authentication logic from the resource being requested and use redirection to and from the centralized authentication control
    • All authentication controls should fail securely
    • All administrative and account management functions must be at least as secure as the primary authentication mechanism
    • ...
  • 26. Security test cases checklist: Data protection
    Related threats: network eavesdropping, disclosure of sensitive data, tampering, unauthorized access, ...
    • Implement least privilege: restrict users to only the functionality, data and system information that is required to perform their tasks
    • Encrypt highly sensitive stored information, like authentication verification data, even on the server side. Always use well-vetted algorithms; see "Cryptographic Practices" for additional guidance
    • Protect server-side source code from being downloaded by a user
    • Do not store passwords, connection strings or other sensitive information in clear text or in any non-cryptographically secure manner on the client side
    • Remove comments in user-accessible production code that may reveal backend system or other sensitive information
    • Do not include sensitive information in HTTP GET request parameters
    • ...
  • 27. Security test cases checklist: Communication security
    Related threats: network eavesdropping, disclosure of sensitive data, buffer overflow, DoS attack
    • Implement encryption for the transmission of all sensitive information
    • TLS certificates should be valid and have the correct domain name, not be expired, and be installed with intermediate certificates when required
    • Failed TLS connections should not fall back to an insecure connection
    • Utilize TLS connections for all content requiring authenticated access and for all other sensitive information
    • Utilize TLS for connections to external systems that involve sensitive information or functions
    • Utilize a single standard TLS implementation that is configured appropriately
    • Specify character encodings for all connections
    • Filter parameters containing sensitive information from the HTTP referer when linking to external sites
  • 30. Conclusion: Security testing is an important and integral part of the software development process. It must be conducted to find security loopholes, which are then closed with appropriate security measures and techniques.
  • 31. Thank you for your attention !!

Editor's Notes

  1. Good morning, the purpose of this presentation is to introduce security testing.
  2. We will begin our presentation with an introduction, then present some security flaws as well as types and methods to test for these flaws, and finish with a conclusion.
  3. Testing is an important part of software development and it is vital to start it as early as possible; its objective is to find flaws and vulnerabilities of a system.
  4. The database is a prime target for application-level attacks. The top threats to data access code are: SQL injection, disclosure of configuration data, disclosure of sensitive application data, disclosure of database schema and connection details, unauthorized access, and network eavesdropping.
  5. An SQL injection attack consists of the insertion of either a partial or complete SQL query via the data input transmitted from the client to the web application. Common vulnerabilities that make your data access code susceptible to SQL injection attacks include: (see the slide). To counter SQL injection attacks, be sure to: (see the slide).
  6. For example, let's say that the original purpose of the code was to create an SQL statement to select information about a user's credit card. The SQL above is valid: it will return all rows from the table CreditCard, since WHERE 1=1 is always true.
  7. With inadequate authorization, users may be able to see another user's data and may be able to access other restricted data. Practices that can allow unauthorized access include: (see the slide). To prevent unauthorized access: (see the slide).
  8. This example has four users. The users select from a set of resources such as Public Share, Time Card Entry and Account Manager. Larry should not be allowed to access the Account Manager resource because Larry is not assigned to the required role. However, in this example Larry's access is allowed in the application. The main issue is that the application does not implement the access control correctly to verify whether the user Larry is authorized to access the Account Manager resource.
  9. The deployment architecture of most applications includes a physical separation of the data access code from the database server. As a result, sensitive data such as application-specific data or database login credentials must be protected from network eavesdroppers. The following practices increase vulnerability to network eavesdropping: (see the slide). To limit vulnerability to network eavesdropping: (see the slide).
  10. As shown above, while sensitive data is transmitted through the network, attackers could steal that information. Therefore we must secure our software; so how do we test software security?
  11. Security testing is basically a type of software testing that is done to check whether the application or the product is secure or not. It checks whether the application is vulnerable to attacks, and whether anyone can hack the system or log in to the application without any authorization.
  12. Unit test: tests the logic in classes, written by programmers to show code-level correctness. They should be fast and not dependent on other parts of the system that you don't intend to test.
  13. Integration test: tests communication paths between different parts of the module, done by the test department or by developers to show that all modules work correctly together.
  14. Functional acceptance test: tests use case scenarios on a limited (specially created) data set, done by the test department to show that every specified scenario works as specified.
  15. We can also find other types of security testing, such as static and dynamic. Static test: it verifies the security of the software by analyzing either the source code or the compiled application without running the project. Dynamic test: it tests the software in the running mode. We can also find other methods for testing software, such as fuzzing tests.
  16. Fuzzing is a method of testing software to find security holes and unexpected behavior of an application, using semi-random data.
  17. The fuzzing process is defined as shown here. First, a generator produces test inputs. Second, the test inputs are delivered to the system under test; the delivery mechanism depends on the type of input that the system processes. Third, the system under test is monitored for crashes and other basic undesirable behavior. Reports describing the results of the test can also be generated automatically.
  18. One can monitor the target application in many ways, such as monitoring event logs, monitoring application crashes using debuggers, monitoring using virtualization tools like VMware, etc.
  19. The application is tested by a previously prepared fuzzer. Test results are verified by testers, then sent to programmers. If any errors occur, programmers must fix the application. The new build must once again pass the fuzzing process.
  20. Some frameworks used for fuzzing tests are Peach and Sulley. Peach can test virtually any system for unknown vulnerabilities; from common test targets to complex proprietary systems, Peach is the fuzzer for the job. The goal of the Sulley framework is to simplify not only data representation but also data transmission and target monitoring. There are also some specialized fuzzers, such as ...
  21. A security test cases cheat list or check-list, for example, can provide simple test cases and attack vectors that can be used by testers to validate exposure to common vulnerabilities. Input validation is the correct testing of any input; we should verify that the data is strongly typed, has correct syntax, is within length boundaries, contains only permitted characters, and that numbers are correctly signed and within range boundaries. Problems resulting from incorrect input validation: (see the slide).
  22. Access control policies can be specified in programming languages or policy specification languages and implemented in a particular access control implementation. Policies need to be carefully designed and implemented to prevent unauthorized access to data, disclosure of sensitive data, DoS and DDoS attacks, etc.
  23. The cryptography policy sets out when and how encryption should (or should not) be used. It includes protection of personal, confidential and commercially sensitive information and communications, key management, and procedures to ensure encrypted information can be recovered by the organisation if necessary.
  24. Authentication is the process of verifying that an individual, entity or website is who it claims to be. Session management is a process by which a server maintains the state of an entity interacting with it. Sessions are maintained on the server by a session identifier which can be passed back and forth between the client and server when transmitting and receiving requests. Sessions should be unique per user and computationally very difficult to predict.
  25. Limit access to data based on the least privilege principle. Encrypt sensitive data and information like stored passwords and connection strings, and properly protect decryption keys. We should make sure all cached or temporary copies of sensitive data are protected from unauthorized access and purged as soon as they are no longer required.
  26. When transmitting sensitive information, at any tier of the application or network architecture, encryption in transit should be used. We should use a trusted certificate authority to generate public and private keys whenever possible. Moreover, proper security controls must be in place to protect the private keys from unauthorized access.
  27. It is one of the world's most popular free security tools and is actively maintained by hundreds of international volunteers. It can help to automatically find security vulnerabilities in web applications while developing and testing them. It's also a great tool for experienced pentesters to use for manual security testing.
  28. Wfuzz is a tool designed for brute-forcing web applications; it can be used for finding resources that are not linked (directories, servlets, scripts, etc.), brute-forcing GET and POST parameters to check for different kinds of injection (SQL, XSS, LDAP, etc.), brute-forcing form parameters (user/password), fuzzing, etc.
  29. Secure applications can ensure system safety and security and can impede attacks by hackers. Security testing is one of the most important tests you should conduct before introducing an application to the commercial domain.