Your client needs a comprehensive analysis of the vulnerabilities present in the Unsecure PWA.
In this section of the report:
Test the Unsecure PWA for a range of vulnerabilities and issues, including but not limited to:
Input handling (e.g., SQL injection, XSS)
Privacy (e.g., lack of privacy policy, account management, user data encryption)
Authentication and session management (e.g., weak passwords, session timeouts)
API security and unnecessary endpoints
File handling vulnerabilities (e.g., unsafe file uploads)
Misconfigured headers and lack of security policies (e.g., CSP, CORS, HTTPS)
Redirects, forwards, and race conditions
For each issue identified, provide:
A brief description of the vulnerability and how you found it.
The potential impact on the application and its users.
An assessment of the severity (low, medium, high).
SQL Injection is a critical vulnerability in which attacker-controlled input is concatenated into a database query, changing the statement's structure so it executes SQL the developer never intended: bypassing a login, reading or altering other users' records, or destroying data. The primary defence is parameterised (prepared) queries, which keep data separate from the SQL text; input validation and a least-privilege database account are defence in depth, not substitutes.
Cross Site Scripting (XSS) occurs when untrusted input is written into a page without proper encoding, so the browser runs attacker-supplied script in the victim's origin, with access to the victim's session, form data and every action the victim can perform. Protecting applications against XSS relies on context-aware output encoding (HTML body, attribute, URL and JavaScript contexts each need different escaping), a restrictive Content Security Policy (CSP) and HttpOnly session cookies; input sanitisation is a secondary control, not the primary one.
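An added example (not the Unsecure PWA's code) of the reflected-comment case above, in Python with only the standard library. The payload, the comment template and the CSP policy are constructed for the demonstration; it shows the raw interpolation beside the encoded output, why a URL attribute needs a scheme check on top of encoding, and a nonce-based CSP header that blocks inline handlers as defence in depth:

```python
import html
import secrets

# Constructed sample input: a comment a malicious user submits to a page that
# echoes comments back to other visitors.
PAYLOAD = '<img src=x onerror="alert(document.cookie)">'


def render_vulnerable(comment):
    # Raw interpolation into HTML: the browser parses the payload as markup and
    # fires the onerror handler in the victim's session.
    return "<div class='comment'>%s</div>" % comment


def render_safe(comment):
    # HTML-body context: encode the five significant characters so the payload
    # is displayed as text. quote=True also covers ' and " for attribute use.
    return "<div class='comment'>%s</div>" % html.escape(comment, quote=True)


def render_link_safe(url_from_user):
    # URL-in-attribute context: encoding alone is not enough, because a
    # javascript: URL survives html.escape untouched. Restrict the scheme first.
    if not url_from_user.lower().startswith(("http://", "https://")):
        url_from_user = "about:blank"
    return '<a href="%s">link</a>' % html.escape(url_from_user, quote=True)


def new_nonce():
    # One fresh nonce per HTTP response; embed it in <script nonce="..."> tags.
    return secrets.token_urlsafe(16)


def csp_header(nonce):
    # Defence in depth: even if an encoding bug slips through, the browser only
    # runs same-origin scripts that carry this response's nonce. Inline event
    # handlers such as onerror are blocked because 'unsafe-inline' is absent.
    policy = (
        "default-src 'self'; "
        "script-src 'self' 'nonce-%s'; "
        "object-src 'none'; "
        "base-uri 'self'; "
        "frame-ancestors 'none'"
    ) % nonce
    return ("Content-Security-Policy", policy)


if __name__ == "__main__":
    print(render_vulnerable(PAYLOAD))
    print(render_safe(PAYLOAD))
    print(render_link_safe("javascript:alert(1)"))
    print(*csp_header(new_nonce()), sep=": ")
```

The nonce must be generated per response and never reused; a static nonce, or a policy that includes 'unsafe-inline', gives no protection against injected script.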
Broken authentication covers flaws in login and session handling that let an attacker act as another user: weak or reused passwords and no rate limiting against credential stuffing, plaintext or fast-hashed password storage, predictable or long-lived session identifiers, and sessions that survive logout or inactivity. Strengthening authentication through a sensible password policy, salted slow hashing, multi-factor authentication (MFA) and secure session management (random session IDs, idle and absolute timeouts, rotation on login) helps prevent these risks.
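The storage and session controls listed above, as an added example in Python (standard library only); it is not the Unsecure PWA's code, and the iteration count, timeouts, blocklist and class names are assumptions chosen for the demonstration. Time is passed in explicitly so the timeout logic is deterministic:

```python
import base64
import hashlib
import hmac
import os

# OWASP's current password-storage guidance for PBKDF2-HMAC-SHA256 is
# 600,000 iterations; a lower count is acceptable only for tests.
PBKDF2_ITERATIONS = 600_000

# Constructed blocklist: a real deployment checks candidates against a
# breached-password corpus rather than a handful of strings.
COMMON_PASSWORDS = {"password", "password123", "123456", "qwerty", "letmein"}


def hash_password(password, iterations=PBKDF2_ITERATIONS):
    # Random per-user salt plus a deliberately slow KDF, so a leaked table
    # cannot be cracked with rainbow tables or fast GPU hashing.
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    )


def verify_password(password, stored):
    algo, iterations, salt_b64, digest_b64 = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    actual = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), base64.b64decode(salt_b64), int(iterations)
    )
    # Constant-time comparison: a plain == leaks how many leading bytes match.
    return hmac.compare_digest(actual, base64.b64decode(digest_b64))


def password_meets_policy(password, min_length=12):
    # Length and a breached-password check matter more than composition rules.
    return len(password) >= min_length and password.lower() not in COMMON_PASSWORDS


class Session:
    """Server-side session with idle and absolute timeouts (seconds)."""

    def __init__(self, user, now, idle_timeout=15 * 60, absolute_timeout=8 * 3600):
        self.id = os.urandom(32).hex()  # unguessable identifier, never sequential
        self.user = user
        self.created = now
        self.last_seen = now
        self.idle_timeout = idle_timeout
        self.absolute_timeout = absolute_timeout

    def is_valid(self, now):
        return (
            now - self.last_seen <= self.idle_timeout
            and now - self.created <= self.absolute_timeout
        )

    def touch(self, now):
        # Extend the idle window only for a still-valid session; an expired
        # session must not be resurrected by a late request.
        if not self.is_valid(now):
            return False
        self.last_seen = now
        return True

    def rotate(self):
        # Issue a fresh identifier at login or privilege change so a session
        # ID planted before authentication (session fixation) becomes useless.
        self.id = os.urandom(32).hex()
        return self.id
```

When reviewing the application, the checks that map onto this code are: how passwords are stored (look for hashing, a salt and a slow algorithm), whether the session cookie value is random and regenerated on login, and whether a session still works after the configured idle period or after logout.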
Cross Site Request Forgery (CSRF) makes a logged-in user's browser send a request the user did not intend, for example when an attacker's page auto-submits a form to the target application and the browser attaches the victim's session cookie to it, so the application performs an action such as transferring funds or changing settings. Effective defences are per-session anti-CSRF tokens checked on every state-changing request, validation of the Origin (or Referer) header, and the SameSite attribute on the session cookie.
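The three defences above combined in one check, as an added example in Python; it is not the Unsecure PWA's code, and the origin, header names and the dictionary shape used for the session and form are assumptions for the demonstration:

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Assumption for this example: the application is served from this origin.
ALLOWED_ORIGIN = "https://app.example"


def issue_csrf_token(session):
    # One unguessable token per session, stored server-side and embedded in
    # each form as a hidden field. An attacker's page cannot read it because
    # the same-origin policy blocks cross-site reads of the target's HTML.
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def hidden_field(token):
    return '<input type="hidden" name="csrf_token" value="%s">' % token


def origin_allowed(headers):
    # Browsers send Origin on cross-site POSTs; fall back to Referer. When
    # neither is present, fail closed rather than guess.
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    parts = urlsplit(source)
    # Compare scheme and host exactly; a prefix match would accept
    # https://app.example.evil.example and an Origin of "null" parses to "://".
    return "%s://%s" % (parts.scheme, parts.netloc) == ALLOWED_ORIGIN


def verify_csrf(session, form, headers):
    # Run on every state-changing request (POST/PUT/DELETE) before acting.
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), submitted.encode()):
        return False
    return origin_allowed(headers)


def session_cookie_header(session_id):
    # SameSite=Lax stops the browser attaching the cookie to cross-site POSTs,
    # HttpOnly keeps script from reading it, Secure limits it to HTTPS.
    return (
        "Set-Cookie",
        "session=%s; Path=/; HttpOnly; Secure; SameSite=Lax" % session_id,
    )


if __name__ == "__main__":
    sess = {}
    tok = issue_csrf_token(sess)
    print(hidden_field(tok))
    # Constructed requests: a legitimate submission and a forged one.
    print(verify_csrf(sess, {"csrf_token": tok}, {"Origin": ALLOWED_ORIGIN}))
    print(verify_csrf(sess, {}, {"Origin": "https://evil.example"}))
```

A practical test against the application is to save a state-changing form, host it on a different origin, and submit it while logged in; if the action succeeds without a token and without the browser's cookie being withheld by SameSite, CSRF is present.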
OpenVAS (Open Vulnerability Assessment Scanner): open-source vulnerability scanner for comprehensive vulnerability assessment in networks and web applications.
Nexpose Community Edition: free vulnerability scanner by Rapid7 for detecting vulnerabilities, misconfigurations, and exposures in systems and networks.
Nmap (Network Mapper): versatile network scanning tool for vulnerability scanning, network discovery, and security auditing to identify open ports, services, and potential vulnerabilities.
OWASP ZAP (Zed Attack Proxy): open-source web application security scanner by OWASP for detecting security vulnerabilities in web applications, including injection flaws, broken authentication, and insecure direct object references.