Security Testing

FEATURES SERVICES
Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended.
Web Application Security Test
Provides a comprehensive assessment of the security of the web application and the mobile devices used to interact with the application.
TCP Port Scan
Network ports are the entry points to a machine that is connected to the Internet. A service that listens on a port is able to receive data from a client application, process it and send a response back.
Web Vulnerability Scan
Open-source security application which can scan web applications for known security issues, like vulnerabilities included in the OWASP Top 10 security bugs.
Error handling
Testing for error handling includes:
- check for error codes: For example, test 408 request time-out, 400 bad requests, 404 not found, etc.
Available Tools
NMAP
OWASPZAP
NMAP
  • Short for “network mapper”, is an open source utility which can quickly scan broad ranges of devices and provide valuable information about the devices on your network.
  • It can be used for IT auditing and asset discovery as well as for security profiling of the network.
  • Free and open source
  • Cross platform (Windows, Linux/Unix, Mac)
OWASPZAP
  • Penetration testing tool for finding vulnerabilities in web applications
  • Easy to install (required Java as prerequisites)
  • Free and open source (World contribution)
  • Ideal for new developers and functional tester who are new to penetration testing
  • Support automation
  • Cross platform (Windows, Linux and Mac)
  • Becoming a framework for advanced testing
  • Fully documented and Integrated with other tools