
Corporates and enterprises can use this scan to identify application-layer vulnerabilities. The scan focuses on web applications served over HTTP (port 80) or HTTPS (port 443) and tries to identify critical vulnerabilities such as SQL injection, cross-site scripting, business logic bypass, weak authentication and directory browsing. Our team, together with automated tools, produces a consolidated report with a mitigation plan for each application. This gives a complete picture of the organisation's application security posture. The steps of our scanning process are as follows.
»Application Footprinting – It is important to identify every application running on the target's infrastructure, starting from zero knowledge. Blueinfy uses its own tools and methods to identify IP blocks, hosts, domains, cross-domains and child (sub-)domains. This locks down the complete set of possible targets.
»Application Discovery – In this phase we identify the set of live, functional applications and can then move on to threat modeling for each application running on the target's infrastructure.
»Application Deployment Assessment – The deployment configuration and file-system layout of the web, application and database servers are evaluated for security.
»Application Enumeration and Profiling – In this phase we run several different tools against the target application and enumerate the whole application, including the entry points and attributes of every resource it exposes. This profiles the entire application along with its modules, functionality and resource attributes.
»Security Controls and Test Cases – Based on the application profile we build a large set of test cases and the security controls the application requires. This establishes the testing methods for each class of vulnerability.
Attack vectors and tests – Authentication, access control/authorization, API misuse, path traversal, sensitive information leakage, error handling, session management, protocol abuse, input validation, cross-site scripting (XSS), cross-site request forgery (CSRF), logic bypass, insecure cryptography, denial of service, malicious code injection, SQL injection, XPath and LDAP injection, OS command injection, parameter manipulation, brute force, buffer overflow, format string, HTTP response splitting, HTTP replay, XML injection, canonicalization, logging and auditing.
»Vulnerability Assessment – Based on the resource attributes and control categories, a complete vulnerability scan is performed using tools and manual observation. This detects the vulnerabilities present in the application and yields an actionable item list for application security.
»Exploitation and Pen-testing – Full penetration testing and exploitation of the discovered vulnerabilities is performed to determine their severity and possible impact.
»Mitigation Strategies – Based on the overall findings, vulnerabilities, architecture and best practices we build a comprehensive mitigation plan with recommendations. Implementing these strategies secures the application layer as a whole.
»Reporting – All observations, findings and test sets are reported in the final document, with an overall rating for each finding. The report covers findings, details, recommendations, severity, impact and references. We also map findings to OWASP, WASC, MITRE, SANS, etc., for comparison with industry standards.
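The enumeration and test-case steps above, shown as an added example in Python that is not Blueinfy's own tooling: it parses a small set of constructed HTML pages (stand-ins for crawled responses from a hypothetical in-scope host app.example.com), collects links and forms as entry points together with their parameter names, drops links to hosts outside the scope, and maps each entry point to test categories from the list above using a deliberately simplified mapping assumed for the demo.

```python
# Added example (not Blueinfy's tooling): enumerate an application's entry
# points from crawled pages and map them to the test categories listed above.
# The pages, host name and test mapping below are constructed for the demo.
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse, parse_qsl


class EntryPointParser(HTMLParser):
    """Collects absolute link URLs and forms (action, method, input names)."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.links = []
        self.forms = []
        self._form = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # attribute values are already HTML-unescaped here
        if tag == "a" and a.get("href"):
            self.links.append(urljoin(self.page_url, a["href"]))
        elif tag == "form":
            self._form = {
                "action": urljoin(self.page_url, a.get("action") or ""),
                "method": (a.get("method") or "get").upper(),
                "inputs": [],
            }
        elif tag in ("input", "textarea", "select") and self._form is not None:
            if a.get("name"):  # unnamed controls (e.g. a submit button) carry no parameter
                self._form["inputs"].append((a["name"], a.get("type") or tag))

    def handle_endtag(self, tag):
        if tag == "form" and self._form is not None:
            self.forms.append(self._form)
            self._form = None


def enumerate_entry_points(pages, scope_host):
    """pages maps page URL -> HTML body. Returns sorted, de-duplicated
    (method, path, parameter-name tuple) entries on scope_host only."""
    found = set()
    for url, html in pages.items():
        parser = EntryPointParser(url)
        parser.feed(html)
        for link in parser.links:
            u = urlparse(link)
            if u.netloc != scope_host:
                continue  # cross-domain link: a footprinting lead, not an entry point here
            names = tuple(sorted({k for k, _ in parse_qsl(u.query, keep_blank_values=True)}))
            found.add(("GET", u.path, names))
        for form in parser.forms:
            u = urlparse(form["action"])
            if u.netloc != scope_host:
                continue
            names = tuple(sorted({n for n, _ in form["inputs"]}))
            found.add((form["method"], u.path, names))
    return sorted(found)


def suggest_tests(method, path, params):
    """Simplified, assumed mapping from an entry point's attributes to test
    categories from the list above; a real profile would be far richer."""
    tests = set()
    if params:
        tests |= {"input validation", "XSS", "SQL injection"}
    if method == "POST":
        tests.add("CSRF")
    if any(k in path.lower() for k in ("login", "auth", "session")):
        tests |= {"authentication", "session management"}
    for name in params:
        n = name.lower()
        if any(k in n for k in ("file", "path", "page", "template")):
            tests.add("path traversal")
        if any(k in n for k in ("id", "user", "account")):
            tests.add("parameter manipulation / authorization")
        if "pass" in n:
            tests.add("brute force / weak authentication")
    return sorted(tests)


# Constructed stand-ins for two crawled responses from the in-scope host.
SCOPE_HOST = "app.example.com"
PAGES = {
    "http://app.example.com/": """
      <a href="/catalog?cat=books&amp;sort=asc">Books</a>
      <a href="/download?file=report.pdf">Report</a>
      <a href="https://cdn.example.net/logo.png">CDN</a>
      <form action="/login" method="post">
        <input name="username"><input name="password" type="password">
        <input type="submit" value="Sign in">
      </form>""",
    "http://app.example.com/catalog?cat=books&sort=asc": """
      <a href="/catalog?cat=books&amp;sort=desc">Reverse</a>
      <a href="http://app.example.com/item?id=42">Item 42</a>
      <form action="search">
        <input name="q"><select name="lang"><option>en</option></select>
      </form>""",
}

if __name__ == "__main__":
    for method, path, params in enumerate_entry_points(PAGES, SCOPE_HOST):
        print(method, path, params, "->", ", ".join(suggest_tests(method, path, params)))
```

Two details matter in practice: the same resource reached with different parameter values (the two catalog links) collapses to one entry point keyed on parameter names, which is what the test-case stage needs, and the CDN link is excluded as out of scope rather than silently tested, which is how the footprinting step keeps the target set honest.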
For more information or to request a scan, please contact us at contact@blueinfy.com

