Web Application Security Testing

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #19754
    Darwin
    Participant
    @darwin

    Recently I attended one of Dan Billing’s (a.k.a. The Test Doctor) interesting workshops on web application security testing, in which I got to explore potential security threats and vulnerabilities of a web application. As I found it useful, I am sharing it here for those who are interested in security testing and looking for an application to play with.

    The application is called Juice-Shop, created for demonstrating various security vulnerabilities. It has different levels of challenges to crack. Please follow the setup guidelines from this repository link to start with.

    If you have any questions, I am more than happy to help 🙂

    #19792
    Tassawer
    Participant
    @tassaweramin

    @darwin Thanks for sharing such an interactive and informative post.

    #19804
    Darwin
    Participant
    @darwin

    @tassaweramin, glad to hear that it is interactive and informative for you.

    Setting up the application ‘Juice-Shop’ is really easy.

    > Create an account in Heroku

    > Click ‘Deploy to Heroku’ button from readme file

    > Follow the options until the app is launched

    > Happy Hacking!

    #20780
    Darwin
    Participant
    @darwin

    The people who made OWASP Juice Shop published a book to help others, which acts as a good reference; a complete walk-through can be found here

    #24801
    Mustakim
    Participant
    @mustakimshaikh

    Security testing is a must in modern times. The more technology advances, the more threats there are to our privacy. In this world of digitization, the internet is an open book, and it’s required to keep ourselves and our app free from such vulnerabilities.

    #25253
    Serena
    Participant
    @serenagray

    Well, among the many available security tools, OWASP is really the best tool for security testing. OWASP ZED is an open-source tool that is widely preferred for performing security and penetration testing. The main objective of this OWASP tool is to identify the vulnerabilities before they are attacked. Here are the benefits with this tool:

    • Open-source and free tool

    • It is cross-platform, thus works on all operating systems

    • Helps in generating reports

    • It is a simple and easy-to-use tool, etc.

    #25255
    Rivera
    Participant
    @riveraalison

    One of the difficult processes in web development is web testing, even for experienced candidates. They try to resolve the exact test and method to fix the error. Many claps for them. Hire now to fix your web testing at Best Web design company in Chennai.

    #27241
    Rosie
    Participant
    @rosie_grey

    Thanks for such useful links. I’m looking for really effective security testing services because I had a bad experience. Without the testing, my app was faced with a data leak. It was a terrible time.

    #27257
    Venessa
    Participant
    @venessa

    Thank you, Darwin. Will surely check it out. I came across a good blog on security testing a couple of days ago. I cannot find the precise link to the blog, but I remember the author. I think it was a blog by Testrig Technologies.

    #29602
    Andersen
    Participant
    @andersen234

    Web application security testing is a process that should be performed by a qualified professional. There are many tools and techniques available to test the security of web applications, but not all of them are equally effective. A qualified tester will have the experience and knowledge necessary to select the most appropriate tool for each situation. Andersen Consulting is a firm that specializes in web application security testing, and we would be happy to provide you with a quote.

    #31214
    ashwini
    Participant
    @ashwinil

    Web application security testing (WAST) is like giving your web app a security checkup. It scans for weaknesses that attackers could exploit to steal data, disrupt operations, or harm your reputation. Think of it as building a shield to protect your castle (your web app) from invaders (hackers).

    Why it matters: Keeps your data safe, meets regulations, avoids trouble, and builds trust.

    The process: Plan, gather intel, find weaknesses, assess the danger, and fix the gaps.

    Common tools: Burp Suite, OWASP ZAP, Acunetix, Netsparker.

    Pro tips: Do it regularly, involve developers, learn new tricks, and stay updated.

    You can also read more at: https://www.testrigtechnologies.com/blogs/
