Web Penetration Testing: Critical for Secure Applications
White Knight Labs is an industry leader in web application penetration testing, identifying vulnerabilities in a range of programming languages and different environments. From testing webapps that consume HIPAA data to crytpo trading platforms, our security experts have helped secure data in every sector.
Our engineers have experience on CISA offensive cyber teams, testing hundreds of web applications across America’s crtical infrastructure.
Hunting Vulnerabilities in Webapps and APIs
Web applications are becoming increasingly relevant. Millions of people depend on web apps to handle their health information, banking information, and location data. With this growing complexity, the attack surface grows exponentially due to security flaws and human error. This risk increases as web applications become more interconnected through the linking of APIs. Security researchers find new methods of abusing these applications everyday.
By hiring a knowledgeable team of web app penetration testers to assess your application, you will be made aware of critical vulnerabilties that could lead to compromised applications and subsequent data breaches. This provides you with the foresight needed to fortify your web application and keep your most sensitive assets where they belong. Our job is to keep your business out of the headlines due to a breach.
Manual vs. automated Application Testing
Automated scanners fail to pick up on more subtle security flaws. An experienced assessor will understand the context of the application and may figure out how to abuse its logic. Many of these vulnerabilities are simply not picked up by automated tools.
The expert security engineers of White Knight Labs often make use of vulnerability scanners in the preliminary phases of an application security test, though it is only in the beginning. With a greater understanding of the application’s context, we can provide assessments that are more relevant to your user-base and individual security needs.
Our Web Pentest Methodology
White Knight Labs operates under a structured, repeatable methodology. We emphasize this concept in every engagement in order to ensure our assessment processes are reliable, reproducible, and of the highest quality. WKL’s findings can be verified by your team before and after remediation. To obtain these results, we utilize the following methodolgy:
1 – Scope Definition
Before a web application assessment can take place, WKL works hand-in-hand with the client to create a clear scope of work and rules for the engagement. Open lines of communication between the client and WKL are established during this step to create a comfortable foundation from which to assess.
- Verify in-scope apps, domains, and APIs
- Create an asset exclusion list
- Decide on engagement start/stop dates and testing hours
2 – Information Gathering
White Knight Labs engineers collect information on the target, employing a suite of OSINT (Open Source Intelligence) tools and techniques. The gathered data will help WKL to paint a picture of the operating conditions, culture, and demographics of the organization. This open source information allows us to assess risk accurately as the engagement progresses. Targeted intelligence might include:
- PDF, DOCX, XLSX, and other files found while Google Dorking Historical credential dumps
- Revealing forum posts by application developers
- Exposed robots.txt file easing enumeration and users
3 – Enumeration
During the enumeration stage, WKL incorporates automated scripts and scanning tools and other tactics. WKL engineers closely examine possible attack vectors. The information collected from this stage will be the used for exploitation in the next phase.
- Enumerating directories and authentication portals
- Checking for cloud services misconfigurations
- Correlating known vulnerabilities with the application
4 – Attack and Penetration
After notifying the client, WKL begins to exploit vulnerabilities within the web application. This is done with prudence to protect the application and it’s critcal data, while still verifying the existence of the discovered attack vectors. At this stage, we start with the OWASP Top 10 and then hunt for logic bugs and vulnerabilties that may be unique to the specific application. These attacks may include:
- SQL injection and/or Cross-Site Scripting
- Employing breached credentials
- Monitoring web app functionality for insecure protocols
- Fuzzing HTTP request parameters and HTTP verb tampering
5 – Reporting
Reporting is the final and most important stage of the assessment. The WKL assessors aggregate all of the information and provide the client with a thorough, comprehensive detailing of our findings. The report begins with a high-level breakdown of the company’s overall risk, highlighting both strengths and weaknesses in the application’s protective systems and logic. We also include strategic recommendations to aid business leaders in making informed decisions regarding the application. Further into the report, we break down each vulnerability in technical detail, including our testing process and remediation steps for the development team, making for a simple remediation process. Our reports are risk-based and impact-focused.
6 – Remediation Testing
Upon client request, White Knight Labs may perform follow-on testing post-assessment after the client organization has remediated vulnerabilities. WKL will ensure changes were implemented properly, and the risk has been mitigated. The previous assessment will be updated to reflect the more secure state of the application.
