What to check during a Pentest

Before conducting testing, it's important to establish clear objectives and scope for the pentest. This should include identifying the systems and networks that will be tested, as well as any specific vulnerabilities or threats that the organization wants to focus on.


Contact Form Testing

A web application's contact form is one of the most popular entry points for spammers, so the form should be able to detect and block automated submissions. Adding a CAPTCHA is one of the easiest ways to do that, though it should be backed by rate limiting so that a solved or bypassed CAPTCHA does not give an attacker unlimited submissions.

Proxy Server(s) Testing

Proxy servers in front of your web application inspect the traffic reaching it and can flag malicious activity. Ensure those running within your network are functioning correctly and efficiently. Intercepting proxies such as Burp Proxy and OWASP ZAP sit between the tester's browser and the application and let you see and modify every request and response, which is how most of the checks below are actually carried out.

Spam Email Filter Testing

Ensure spam e-mail filters are working. Verify that they filter both incoming and outgoing mail and block unsolicited messages; in other words, that the e-mail security policy is actually being enforced. Spam and phishing mail remain one of the most common ways an attacker gets a first foothold.

Network Firewall Testing

Make sure the firewall blocks undesirable traffic before it reaches your web application, and that the rules configured on it are enforced as written rather than merely present. A gap in the firewall is an open invitation.

Security Vulnerability Testing

Carry out a thorough security check of everything around the web application, such as the web and database servers and the network devices in front of them, and list the vulnerabilities found. Then find and implement fixes, starting with the most severe.

Credential Encryption Testing

Ensure usernames and passwords are only ever transmitted over a secure HTTPS (TLS) connection, so that credentials cannot be read or altered by a man-in-the-middle. Check that the login page itself is served over HTTPS, not just the form's submit target, and that plain-HTTP requests to it are redirected rather than answered. Stored passwords should be hashed with a salted, deliberately slow password hash rather than encrypted: encryption can be reversed by whoever holds the key, a password hash cannot. Your clients' sensitive data deserves the same protection as the application itself.
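As an added illustration (this is not code from the original article), the following Python shows the two halves of this check: storing a password as a salted, slow hash with the standard library's PBKDF2 and verifying it in constant time, plus a small helper that flags a login form served or submitted over plain HTTP. The record format `pbkdf2_sha256$iterations$salt$digest` and the function names are assumptions made for this example.

```python
import hashlib
import hmac
import os
from urllib.parse import urlparse

# PBKDF2-HMAC-SHA256 work factor. The iteration count is deliberately high so
# that offline guessing is slow; raise it as hardware gets faster.
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Return a self-describing record "pbkdf2_sha256$iterations$salt$digest".

    A fresh random salt per password means two users with the same password
    get different records, and precomputed tables are useless against them.
    (Record layout is an assumption of this example, not a standard.)
    """
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash from the stored salt and compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # hmac.compare_digest avoids leaking, via timing, how many bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def credential_transport_issues(page_url: str, form_action: str) -> list:
    """Flag a login form that is served or submitted over plain HTTP.

    Both URLs matter: an HTTP page can be tampered with in transit even if its
    form posts to HTTPS, and an HTTPS page that posts to HTTP sends the
    credentials in clear. A relative action inherits the page's scheme.
    """
    issues = []
    if urlparse(page_url).scheme != "https":
        issues.append("login page served over plain HTTP")
    action = urlparse(form_action)
    if action.scheme and action.scheme != "https":
        issues.append("form submits over plain HTTP")
    return issues
```

In a real test you would confirm the transport side from the intercepting proxy and the storage side by asking the development team how passwords are stored, since the hash is never visible from outside.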

Cookie Testing

Cookies carry the session identifier that ties a browser to a logged-in user, so an exposed cookie can compromise every user of your site or web application. Check that session cookies are set with the Secure, HttpOnly and SameSite attributes, that the session identifier is long and random rather than derived from something guessable such as a user ID or timestamp, and that no sensitive data is stored in cookies in readable form.

Testing For Open Ports

Open ports on the server hosting your web application give attackers extra attack surface beyond the application itself. Port-scan the host and make sure only the ports the application needs are reachable, normally 443 and 80 for the HTTPS redirect. Administration and back-end services such as SSH, database listeners and management consoles must not be reachable from untrusted networks.
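An added example, not from the original article: a parser for nmap's "grepable" output (`-oG`) that lists every open port and flags those outside an allowlist of ports the web host is expected to expose. The scan text below is constructed for the example, not a real result, and the allowlist is an assumption.

```python
import re

# Constructed sample of nmap grepable output (nmap -sS -p- -oG - 10.0.0.5),
# not a real scan result. Each port entry is
# port/state/protocol/owner/service/rpcinfo/version/ separated by ", ".
SAMPLE_GNMAP = """\
# Nmap 7.94 scan initiated as: nmap -sS -p- -oG - 10.0.0.5
Host: 10.0.0.5 ()\tStatus: Up
Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//nginx/, 443/open/tcp//https//nginx/, 8080/open/tcp//http-proxy//Apache Tomcat/, 3306/filtered/tcp//mysql///\tIgnored State: closed (65530)
# Nmap done -- 1 IP address (1 host up) scanned
"""

# Assumed allowlist: the web host should expose only HTTPS and the HTTP redirect.
ALLOWED = {("10.0.0.5", 80), ("10.0.0.5", 443)}

PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//([^/]*)//([^/]*)/")


def parse_gnmap(text):
    """Yield (host, port, proto, state, service, version) for every port entry."""
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for m in PORT_RE.finditer(ports_field):
            port, state, proto, service, version = m.groups()
            yield host, int(port), proto, state, service, version.strip()


def unexpected_open_ports(text, allowed=ALLOWED):
    """Return (host, port, service, version) for open ports not on the allowlist."""
    return [
        (host, port, service, version)
        for host, port, proto, state, service, version in parse_gnmap(text)
        if state == "open" and (host, port) not in allowed
    ]


if __name__ == "__main__":
    for host, port, service, version in unexpected_open_ports(SAMPLE_GNMAP):
        print(f"{host}:{port} {service} {version} should not be exposed")
```

Filtered ports are reported by the parser but not flagged, since a filtered port is what you expect to see for a service that is running but correctly firewalled; a follow-up from inside the network is where you confirm that.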

Application Login Page Testing

Ensure the application locks the account, or at least throttles further attempts, after a specific number of unsuccessful logins. This is one of the most basic controls and, implemented correctly, goes a long way toward stopping password guessing. Test it from the attacker's side: count how many wrong passwords are accepted before the response changes, and confirm the lock applies to the account rather than only to your source IP. Bear in mind that a permanent lockout lets an attacker lock legitimate users out on purpose, so a timed lockout or a progressive delay is usually the better design.

Error Message Testing

Ensure all error messages are generic and do not reveal more than the user needs. A detailed message is like announcing to the hacking community, "we have a problem here, you're welcome to exploit it!" For example, on a failed login "Invalid username or password" is fine, but "Invalid username" or "Invalid password" tells an attacker which accounts exist. The same applies to stack traces, database errors and version banners in any response.
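The two login checks above (lockout after N failures, and error messages that do not reveal whether a username exists) can be exercised with the same harness. The Python below is an added example rather than the article's own code: `DemoApp` is a constructed stand-in for the application under test, with switches for the weak and the hardened behaviour, and the two check functions only see its `login` endpoint, so they would work unchanged against a wrapper that sends real HTTP requests. The limits and names are assumptions.

```python
import time
from dataclasses import dataclass

MAX_FAILURES = 5          # assumed policy: lock after this many wrong passwords
LOCKOUT_SECONDS = 15 * 60  # timed lockout, so a legitimate user is not locked out forever


@dataclass
class Account:
    password: str
    failures: int = 0
    locked_until: float = 0.0


class DemoApp:
    """Constructed stand-in for the login endpoint under test (not a real target).

    leaky_messages=True reproduces the error-message mistake the text warns
    about; enforce_lockout=False reproduces a login page with no lockout.
    """

    def __init__(self, leaky_messages: bool, enforce_lockout: bool, now=time.time):
        self.accounts = {"alice": Account("s3cret")}
        self.leaky = leaky_messages
        self.enforce_lockout = enforce_lockout
        self.now = now

    def login(self, username: str, password: str):
        """Return (status_code, message), as an HTTP login endpoint would."""
        generic = "Invalid username or password"
        acct = self.accounts.get(username)
        if acct is None:
            return 401, ("Unknown username" if self.leaky else generic)
        if self.enforce_lockout and acct.locked_until > self.now():
            return 423, "Account locked, try again later"
        if password != acct.password:
            acct.failures += 1
            if self.enforce_lockout and acct.failures >= MAX_FAILURES:
                acct.locked_until = self.now() + LOCKOUT_SECONDS
            return 401, ("Wrong password" if self.leaky else generic)
        acct.failures = 0
        return 200, "Welcome"


def attempts_before_lockout(login, username: str, limit: int = 20):
    """Send wrong passwords until the endpoint changes its answer.

    Returns how many failures were accepted before the lock kicked in, or
    None if no lockout appeared within `limit` attempts.
    """
    for i in range(1, limit + 1):
        status, _ = login(username, f"wrong-{i}")
        if status == 423:
            return i - 1
    return None


def enumerates_users(login, known_user: str, unknown_user: str = "nosuchuser_zz") -> bool:
    """True if a real and a fictitious username get different responses.

    Compare status and body together; a different status code alone is
    enough for an attacker to build a list of valid accounts.
    """
    return login(known_user, "wrong") != login(unknown_user, "wrong")
```

Run `enumerates_users` before `attempts_before_lockout` on the same account, because once the account is locked the 423 response itself distinguishes it from a non-existent user. Response timing is a third channel worth comparing that this harness does not measure.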

HTTP Method(s) Testing

Also review the HTTP methods the web server and application accept. Send an OPTIONS request and read the Allow header, then confirm it by actually trying each method, since the header is not always accurate. PUT and DELETE should be disabled at the web server level unless the application genuinely uses them (a REST API will, but then they must require authentication and authorisation like any other request); an unguarded PUT lets an attacker write files onto the server. TRACE should be disabled as well.
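The cookie checks and the HTTP-method check both come down to reading response headers, so one added example covers both (this is not the article's own code). The response below is constructed to look like the answer to an OPTIONS request from a mis-configured server; the set of methods treated as risky and the required cookie attributes are the assumptions of this example.

```python
# Constructed response to an OPTIONS request; not captured from a real host.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.57\r\n"
    "Allow: GET, HEAD, POST, OPTIONS, PUT, DELETE, TRACE\r\n"
    "Set-Cookie: JSESSIONID=1A2B3C; Path=/; HttpOnly\r\n"
    "Set-Cookie: remember=alice; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT\r\n"
    "Set-Cookie: csrftoken=9f8e7d; Path=/; Secure; HttpOnly; SameSite=Strict\r\n"
    "\r\n"
)

# Methods that should not be enabled unless the application needs them and
# guards them. PUT/DELETE allow writing or removing resources; TRACE echoes
# the request (including cookies) back to the client.
RISKY_METHODS = {"PUT", "DELETE", "TRACE", "CONNECT"}

REQUIRED_COOKIE_ATTRS = ("secure", "httponly", "samesite")


def parse_headers(raw: str):
    """Return (status_line, [(name, value), ...]); repeated headers are kept in order."""
    head = raw.split("\r\n\r\n", 1)[0]
    status, *lines = head.split("\r\n")
    headers = []
    for line in lines:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers


def allowed_methods(headers) -> set:
    """Methods advertised in the Allow header (verify each with a real request)."""
    for name, value in headers:
        if name == "allow":
            return {m.strip().upper() for m in value.split(",") if m.strip()}
    return set()


def risky_methods(headers) -> list:
    return sorted(allowed_methods(headers) & RISKY_METHODS)


def cookie_findings(headers) -> list:
    """List (cookie_name, problem) for every Set-Cookie missing a protective flag."""
    findings = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        attrs = {}
        for p in parts[1:]:
            key, _, val = p.partition("=")
            attrs[key.lower()] = val
        for required in REQUIRED_COOKIE_ATTRS:
            if required not in attrs:
                findings.append((cookie_name, required))
        # SameSite=None is only honoured by browsers when Secure is also set.
        if attrs.get("samesite", "").lower() == "none" and "secure" not in attrs:
            findings.append((cookie_name, "samesite=none without secure"))
    return findings


if __name__ == "__main__":
    status, headers = parse_headers(SAMPLE_RESPONSE)
    print(status)
    print("risky methods advertised:", risky_methods(headers))
    for cookie, problem in cookie_findings(headers):
        print(f"cookie {cookie}: missing {problem}")
```

The session cookie `JSESSIONID` in the sample is the one that matters most: without `Secure` it will be sent over a plain-HTTP request to the same host, and without `SameSite` it rides along on cross-site requests.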

Username and Password Testing

Test the usernames and passwords in use on your web application. Passwords should be reasonably complex and checked against lists of known breached passwords, and usernames should not be trivially guessable. Identify accounts with weak credentials and require those users to change them.

File Scanning

Ensure every file uploaded to your web application or server is scanned for malware before it is stored or served, and that uploads are checked for type and size and saved where the web server cannot execute them.

SQL Injection Testing

SQL injection is one of the most common techniques attackers use against web applications and websites. Test every input that reaches a database query, including headers and cookies and not only form fields, and ensure the application resists the various forms of SQL injection. The reliable fix is parameterised queries, not input filtering.

XSS Testing

Also ensure the application resists cross-site scripting (XSS). Check every place where user-supplied data is rendered back into a page, and remember that the correct encoding depends on where the data lands: the HTML body, an attribute, or a script block each need different treatment.
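An added example, not the article's code, of why the output context matters: one vulnerable renderer, three context-aware ones, and the reflection check a tester runs. The payloads are constructed; the use of `json.dumps` for the script context and the `</` replacement are the choices this example makes, not a prescription from the article.

```python
import html
import json

# Constructed payloads, one per rendering context.
BODY_PAYLOAD = "<script>alert(1)</script>"
ATTR_PAYLOAD = '" autofocus onfocus="alert(1)'
JS_PAYLOAD = "</script><script>alert(1)</script>"


def render_unsafe(comment: str) -> str:
    """Vulnerable: user input is dropped straight into the page."""
    return f"<p>{comment}</p>"


def render_body(comment: str) -> str:
    """HTML body context: escape &, <, >, \" and ' so tags cannot be opened."""
    return f"<p>{html.escape(comment, quote=True)}</p>"


def render_attr(value: str) -> str:
    """Quoted attribute context: the same escaping defuses a quote breakout."""
    return f'<input name="q" value="{html.escape(value, quote=True)}">'


def render_js(value: str) -> str:
    """Inline script context. html.escape is the wrong tool here (it would
    put HTML entities into a JavaScript string); json.dumps yields a valid JS
    string literal, and replacing '</' stops a '</script>' inside the literal
    from terminating the script block early."""
    literal = json.dumps(value).replace("</", "<\\/")
    return f"<script>var name = {literal};</script>"


def reflected_unescaped(render, payload: str) -> bool:
    """The check: submit a payload and look for it verbatim in the output."""
    return payload in render(payload)


if __name__ == "__main__":
    for name, fn in [("unsafe", render_unsafe), ("body", render_body)]:
        print(name, "reflects raw:", reflected_unescaped(fn, BODY_PAYLOAD))
    print(render_attr(ATTR_PAYLOAD))
    print(render_js(JS_PAYLOAD))
```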

Access Permission Testing

Check the access permissions of your users. If the application provides role-based access, ensure each user can reach only the parts of the application their role allows, and nothing more. Test both directions: a low-privilege user reaching administrative functions, and a user of one role reaching another user's data at the same role.

User Session Testing

This is very important. Ensure that a user's session is invalidated on the server when they log off, not merely that the cookie is cleared in the browser; otherwise the still-valid session token can be replayed by an attacker for session hijacking. Sessions should also expire after a period of inactivity and be renewed on login.
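The following Python is an added example (not from the article) of the check as a tester performs it, run against a constructed server-side session store: keep a copy of the token, log out, replay the copy. A second variant reproduces the weak "client-only logout" the text warns about, and an injectable clock lets the idle-timeout check run without waiting. Names and the 15-minute timeout are assumptions.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60  # assumed policy: seconds of inactivity before a session dies


class ManualClock:
    """Injectable clock so that timeouts can be exercised without sleeping."""

    def __init__(self, start: float = 1_000.0):
        self.t = start

    def __call__(self) -> float:
        return self.t

    def advance(self, seconds: float) -> None:
        self.t += seconds


class SessionStore:
    """Server-side session table: the token is only a lookup key."""

    def __init__(self, now=time.time):
        self._sessions = {}
        self.now = now

    def create(self, user: str) -> str:
        token = secrets.token_urlsafe(32)  # 256 random bits: not guessable
        self._sessions[token] = {"user": user, "last_seen": self.now()}
        return token

    def user_for(self, token: str):
        """Return the user bound to the token, or None if unknown or expired."""
        session = self._sessions.get(token)
        if session is None:
            return None
        if self.now() - session["last_seen"] > IDLE_TIMEOUT:
            del self._sessions[token]
            return None
        session["last_seen"] = self.now()
        return session["user"]

    def logout(self, token: str) -> None:
        # Correct behaviour: the server forgets the session, so a copy of the
        # token taken before logout is worthless afterwards.
        self._sessions.pop(token, None)


class ClientOnlyLogout(SessionStore):
    """Constructed weak variant: 'logout' only tells the browser to drop the
    cookie; the server keeps the session alive, so a captured token replays."""

    def logout(self, token: str) -> None:
        pass


def session_survives_logout(store: SessionStore) -> bool:
    """The pentest check: keep a copy of the token, log out, replay it."""
    token = store.create("alice")
    captured = token  # what an attacker who stole the cookie is holding
    store.logout(token)
    return store.user_for(captured) is not None


def session_survives_idle(store: SessionStore, clock: ManualClock) -> bool:
    """Second check: does a session outlive the idle timeout?"""
    token = store.create("bob")
    clock.advance(IDLE_TIMEOUT + 1)
    return store.user_for(token) is not None
```

Against a real application the same replay is done from the intercepting proxy: log out in the browser, then resend an authenticated request from the proxy history with the old cookie and see whether it still returns the user's data.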

Brute Force Attack Testing

Using appropriate testing tools, ensure your web application stays safe against brute-force attacks on logins, password-reset codes and any other guessable token.

DoS (Denial of Service) Attack Testing

Also ensure your web application stays safe against DoS (Denial of Service) attacks, using appropriate testing tools and only with the owner's explicit agreement in the scope, since such tests can take the service down.

Directory Browsing

Ensure directory browsing (directory listing) is disabled on the web server hosting your application. Otherwise you are handing attackers a catalogue of your files, including ones you never intended to be reachable.


Further Reading:

Pen Testing Standards

  • PCI DSS (Payment Card Industry Data Security Standard)
  • OWASP Web Security Testing Guide: https://owasp.org/www-project-web-security-testing-guide/ (Open Web Application Security Project)
  • ISO/IEC 27002, OSSTMM (The Open Source Security Testing Methodology Manual)

Jamison Mettille

IT Enterprise Service Supervisor at Fisher’s Technology | Security Professional | Aspiring Future Leader in Cybersecurity

1y

Wow some great information covered here. Thank you!

Ameya Khandekar

Stamp 1G | MSc Cybersecurity | Cybersecurity Analyst | Cybersecurity Engineer | AWS | Azure | CEHv11 | ISC2 CC |

1y

This is great! Thanks

Mark Meisenbach

Security+ | Cybersecurity | Ethical Hacker | IT Support

1y

Thank you for sharing, Dorota!

