Can anyone explain security testing for a web application?
I need information about how to perform security testing for a web application developed in ASP.NET.
Explain security testing for a web application?
How will we perform security testing for a web application developed in ASP.NET?
Check whether the text field allows <tags>, i.e. script tags. If this is allowed, then a hacker can pass any script in the text field itself. Then use filters when passing the variables through the POST method, because hackers can easily learn the logic of the functionality you are using.
In security testing, one of the most important things is that no one should be allowed to see restricted pages by any means, whether a hacker, a guest or another user.
One more thing to look for is the cookies...
Often ignored by people, this is a vital source of leaked information. Any web-based application should have its cookies encrypted, and they should not be readable at all by normal people.
Thanks,
Kunal
[QUOTE=kunals;17818]One more thing to look for is the cookies...
Often ignored by people, this is a vital source of leaked information. Any web-based application should have its cookies encrypted, and they should not be readable at all by normal people.
Thanks,
Kunal[/QUOTE]
As Kunal says, the information in cookies should be encrypted. I want to add a few words: the cookie should not only be encrypted, but there should also not be any sensitive information saved in the cookie other than session information, as a human can't read encrypted data but a bot or other crawlers may do that.
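
A tester's check for the cookie advice in the replies above, as an added example that is not part of the original thread: it decodes each Set-Cookie value the way anyone holding the cookie could (URL-decoding, base64) and reports cookies that expose sensitive-looking data. The patterns, function names and sample headers are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from http.cookies import SimpleCookie
from urllib.parse import unquote

# Assumed patterns for data that should never be readable in a cookie.
SENSITIVE = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "credential": re.compile(r"(?i)\b(pass(word|wd)?|pwd|secret)\s*[=:]"),
    "role": re.compile(r"(?i)\b(role|is_?admin)\s*[=:]"),
}

def readable_forms(value):
    """Return the raw value plus its URL-decoded and base64-decoded views."""
    forms = [value, unquote(value)]
    try:
        padded = value + "=" * (-len(value) % 4)
        decoded = base64.b64decode(padded, validate=True).decode("utf-8")
        if decoded.isprintable():
            forms.append(decoded)
    except (binascii.Error, UnicodeDecodeError):
        pass  # not base64 text: treat as opaque (e.g. a random session id)
    return forms

def audit_set_cookie(headers):
    """Map cookie name -> sorted sensitive categories readable in its value."""
    findings = {}
    for header in headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            hits = {label for form in readable_forms(morsel.value)
                    for label, rx in SENSITIVE.items() if rx.search(form)}
            if hits:
                findings[name] = sorted(hits)
    return findings

# Constructed sample Set-Cookie header values (not from a real application).
_ENCODED = base64.b64encode(b"user=alice@example.com;role=admin").decode()
SAMPLE_HEADERS = [
    "ASP.NET_SessionId=3kq0v5xw1zj2m4n5p6r7s8t9; path=/; HttpOnly",
    f"profile={_ENCODED}; path=/",   # base64 is encoding, not encryption
    "prefs=theme%3Ddark; path=/",
]

if __name__ == "__main__":
    for name, hits in audit_set_cookie(SAMPLE_HEADERS).items():
        print(f"{name}: readable {', '.join(hits)}")
```

An empty result only means nothing matched these patterns; it does not prove a cookie value is encrypted.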