kaluvitharana

• Nov 3rd, 2005

 

Answer

Avinash Khule

• Jan 18th, 2007

 

Hi Radhiga,
The steps to testing banking website security are :
1. First test for the URL of that bank - It should not be opened by copy and paste.
2. Check for the response time of the website after hitting the URL.
3. Check for the speed and time required to open the home page of the banking website.
4. Go for GUI testing.
5. Test the validity for the user id and password field or account no. and password fields
6. Test for the security testing of authorised user.
7. Test with invalid userid/account no. and password field, It should not be accessable.

This much is only for the security purpose of the banking website.
Rest u can test the whole functionality with valid/invalid inputs.

That's all .
Thanks & Regards,
Avinash A. Khule
9326895897.
Verisoft Infoservices Pvt. Ltd.

kiranv7

 Profile Answers by kiranv7 

• May 23rd, 2007

 

To test any web application security you need to fallow the guidelines provided by
OWSAP(open web application security project) not only banking any webapplication.

According to OWSAP if a webapplication not contain these flaws then that application is secure.

1.Cross site scripitng
2.SQL injection
3.Broken Authentication and Session Management
4.Broken access control
5.Buffer overflow
6.Unvalidated Input
7.Improper Error Handling
8.Insecure storage
9.Application Denial of Service
10.Insecure Configuration Management


Thanx

kiran vollala
9908284160

thangavelshanmugam

 Profile Answers by thangavelshanmugam 

• Jun 2nd, 2008

 

HI   AVINASH

ur ans is wrong   its not related of  Q   here asking website  security testing

we follow the some techniques
1 sql  injection
2 xss(cross site scripting)
3 intergrity checker
4 network scanning or mapping
5 war dialling
6 password cracking
7encryption decryption
8 double encoding
9cookie testing
10 url hacking


                               ks thangavel