Web Vulnerability Scanning -- In Depth

By lmalhoit Contributor ·
I've recently started using Acunetix for web vulnerability scanning. I'm a newbie to this kind of security and I'm wondering if anyone has any recommendations for what to read to really understand what's going on. I've read all the documentation on the Acunetix site, but I'm looking for more in-depth explanations, etc.

Any recommendations??

Thanks for your help!

All Answers

Also manual scanning

by lmalhoit Contributor In reply to Web Vulnerability Scannin ...

I'm also interested in manual scanning. I understand how to do it, but what exactly do I look for, etc.

Somewhat difficult to explain in 100 words or less

by robo_dev In reply to Also manual scanning

At a high level, old-school application security testing was fairly cut-and-dried, since the number of abuse-case scenarios was fairly limited, and the focus was on making sure the underlying server and/or database was properly locked down. This is because the user interface is known and cannot typically be manipulated, changed, or substituted.

Web applications offer a world of worry, as the interface to the application can, in no way, shape or form, be trusted. This means that ALL input must be inspected and validated.

On a conventional application the interface typically prevents the user from entering any data or making any input that is invalid, and even if some sort of exploit were to succeed, the user interface would not let the attacker do anything with it.

On a web application, an attacker can do everything from doing parameter tampering, to doing SQL injection in a text input box, to custom-crafting HTTP packets as they are being sent.

The risks are made greater by the fact that web applications need to be able to run on multiple web browsers, support multiple languages, and typically run in a very hostile network (the Internet).

Manual scanning involves first finding out what sorts of weaknesses exist in your particular web server platform and/or application.

Next you need to understand the application so you know where the potential entry points are, such as web forms, user login screens, web forms that query databases, etc.

Finally, it's a matter of understanding how a request/response is supposed to work for each page and then doing the manual testing to see how the application responds to invalid input.

The value in doing manual scanning is that you can focus on where the real risks exist, and not take the 'test everything' approach that an automated tool takes. However, you do need to know where to look, which is why you need to do both automated and manual scanning/testing.
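The two points above (every web input must be validated server-side, and you learn a lot from how a page responds to invalid input) are easier to see in code. The following is an added example, not code from the thread or from any scanner; the table, the rows, the "users" lookup and the `page`/`sort` parameters are all constructed for the demo, and sqlite3 stands in for the real database:

```python
"""Added example (not part of the original thread): a text-box lookup written
two ways, plus a server-side check for parameter tampering. Everything here
(table, rows, parameter names) is constructed sample data."""
import sqlite3


def make_db():
    """Build a throwaway in-memory table; every row is constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn


def lookup_user_concat(conn, name):
    """Deliberately weak: the text-box value is glued into the SQL string, so the
    database parses user input as part of the query. A stray quote in the input
    surfaces as a database error, which is exactly the kind of response a manual
    tester watches for."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    try:
        return {"rows": conn.execute(sql).fetchall(), "error": None}
    except sqlite3.Error as exc:
        return {"rows": [], "error": str(exc)}


def lookup_user_param(conn, name):
    """Hardened: the value travels as a bound parameter, so it is only ever data.
    The same stray quote is simply a name that matches no row."""
    rows = conn.execute("SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()
    return {"rows": rows, "error": None}


# Constructed allow-list for a hypothetical "sort" parameter.
ALLOWED_SORT = {"name", "role"}


def validate_params(params):
    """Server-side check against parameter tampering: never assume the browser
    restricted the user to the values the form offered. Returns a list of
    problems; an empty list means the request is acceptable."""
    errors = []
    page = params.get("page", "1")
    if not page.isdigit() or not 1 <= int(page) <= 1000:
        errors.append("page must be an integer from 1 to 1000")
    sort = params.get("sort", "name")
    if sort not in ALLOWED_SORT:
        errors.append("sort must be one of " + ", ".join(sorted(ALLOWED_SORT)))
    return errors


if __name__ == "__main__":
    db = make_db()
    # Ordinary input behaves the same either way.
    print(lookup_user_concat(db, "alice"))
    print(lookup_user_param(db, "alice"))
    # Invalid input (a single quote) exposes the difference.
    print(lookup_user_concat(db, "o'brien"))
    print(lookup_user_param(db, "o'brien"))
    # Tampered query-string values are rejected before they reach any query.
    print(validate_params({"page": "0", "sort": "id"}))
```

Running the module shows the concatenated version returning a database error for the quoted name while the parameterised version returns an empty result with no error; the validator rejects out-of-range or unexpected parameter values regardless of what the form's own controls would have allowed.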

Start with understanding the OWASP top ten

by robo_dev In reply to Web Vulnerability Scannin ...
