Generally, a security test (a penetration test) should be performed before launching any website of a reasonably large scale.
Security testing generally includes the following steps:
1. Select a set of security issues to test for and analyze how feasible it is to test each one (for example, pick SQL injection as one of the issues to cover).
2. Identify known system defects and the high-risk components (automated tools are generally used for this).
3. Identify possible defects that automated testing tools cannot test well.
4. Evaluate the impact each defect would have on the business and on operations.
5. Test the existing defenses of the system and its ability to detect, respond to and handle attack traffic.
6. Provide suggestions for improving the security of the system.
Common problems are as follows (including but not limited to):
1. SQL injection.
2. XSS and CSRF.
3. Cookie and session hijacking and forgery.
4. Unnecessary permissions and information leakage.
5. Data forgery and authorization issues.
6. Environment and code security (server configuration, code obfuscation, packing, etc.).
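As an added example that is not part of the original article, here are the first two items above, SQL injection and XSS, each shown as the vulnerable code next to its hardened form. The user table, its rows and the attacker inputs are constructed for this example, and only the Python standard library is used. Passwords are stored in plaintext purely to keep the injection demonstration short; a real system compares password hashes.

```python
"""
Added example (not from the original article): SQL injection and XSS, each as
the vulnerable code beside its hardened form. The users table, its rows and
the attacker payloads below are constructed so the script runs offline.
"""
import html
import sqlite3


def make_db():
    """Constructed sample data: an in-memory users table with two accounts.
    Plaintext passwords are only here to keep the demonstration short."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, name, password):
    """Builds the query by string formatting: the attacker's input becomes SQL."""
    query = (
        f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    )
    return [row[0] for row in conn.execute(query)]


def login_safe(conn, name, password):
    """Parameterised query: the driver sends the values separately from the SQL
    text, so quotes in the input can never change the statement's structure."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (name, password))]


def greeting_vulnerable(name):
    """Reflects user input straight into HTML: a <script> tag in the name runs
    in every visitor's browser."""
    return f"<p>Welcome, {name}!</p>"


def greeting_safe(name):
    """Escapes the input, so angle brackets and quotes render as text, not markup."""
    return f"<p>Welcome, {html.escape(name, quote=True)}!</p>"


if __name__ == "__main__":
    conn = make_db()
    # Tautology payload: the trailing OR '1'='1' makes the WHERE clause true
    # for every row, so the vulnerable login returns all users.
    tautology = "' OR '1'='1"
    print(login_vulnerable(conn, tautology, tautology))  # ['alice', 'bob']
    print(login_safe(conn, tautology, tautology))        # []
    # Comment payload: the SQLite "--" comment removes the password check.
    print(login_vulnerable(conn, "alice' --", "wrong"))  # ['alice']
    print(login_safe(conn, "alice' --", "wrong"))        # []
    xss = "<script>alert(document.cookie)</script>"
    print(greeting_vulnerable(xss))
    print(greeting_safe(xss))
```

The parameterised form is the fix for item 1; output encoding at the point where data is written into HTML (plus a Content-Security-Policy on the response) is the fix for the XSS half of item 2. A scanner will find the string-formatted query quickly, which is why the article lists SQL injection as the first issue to select for testing.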
The cause is often one of the following:
1. Defects in the architecture design, or inadequate consideration of security during design.
2. Code bugs.
3. Incomplete tests and insufficient code coverage (high test coverage is of course expensive, so testing generally concentrates on the logic and the data paths).
4. Test code and debug information that were not removed before release and reached the production environment.
5. Server settings, especially permissions.
6. Malicious modification by insiders.
Testing is generally divided into two parts: automated and manual.
Automated testing is generally implemented with a self-developed or third-party tool.
Third-party tool recommendation: IBM AppScan, http://www-01.ibm.com/software/awdtools/appscan/, is very expensive but a very useful end-to-end testing tool.
There are also some free testing tools, such as nikto and skipfish, which are far less capable.
These automated tools usually also cover server scanning, broken-link checks and spelling checks.
Manual testing involves the following practices:
1. Code review
- Code review deliberately puts pressure on developers: knowing that someone else will read their code pushes them to deliver higher-quality work.
- Code review serves many other purposes as well; finding program defects is one of the most important.
2. Manual testing
- Generally, several key processes and functions are selected and tested by hand.
If you are interested, refer to the NIST document Technical Guide to Information Security Testing and Assessment (SP 800-115)
and this page: http://en.wikipedia.org/wiki/Penetration_test
In addition, we recommend setting up separate environments for the project (not only for security reasons):
1. Local: each developer's own machine.
2. Dev: used for internal testing by the development team. Generally, programmers only work in the Local and Dev environments.
3. QAT: only QA has permission to deploy to this environment, and QA does its testing here.
4. UAT: users perform acceptance testing in this environment. Setting up this environment and building the artifacts deployed to it are usually not done by the developers.
5. Prod: the production environment.
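One way to make the environment split enforce cause 4 from the list above (test code and debug information reaching production) is a fail-closed startup check: a production-like environment refuses to start while its settings still carry development conveniences. The following is an added example, not code from the original article; the environment names follow the article, while the setting names, the sample settings, the "dev-default" secret and the APP_ENV variable are assumptions made for this example.

```python
"""
Added example (not from the original article): a fail-closed startup check
that refuses to bring up UAT or Prod with debug output, a development secret,
a wildcard host list or test routes still enabled. Setting names, sample
values, the "dev-default" secret and APP_ENV are assumptions for this example.
"""
import os

# Constructed sample settings for each environment. Real UAT/Prod values would
# come from the host's environment or a secret store, never from source control.
SAMPLE_SETTINGS = {
    "local": {"DEBUG": True, "SECRET_KEY": "dev-default",
              "ALLOWED_HOSTS": ["*"], "TEST_ROUTES": True},
    "dev":   {"DEBUG": True, "SECRET_KEY": "dev-default",
              "ALLOWED_HOSTS": ["dev.example.internal"], "TEST_ROUTES": True},
    "qat":   {"DEBUG": False, "SECRET_KEY": "qa-only-key",
              "ALLOWED_HOSTS": ["qa.example.internal"], "TEST_ROUTES": True},
    "uat":   {"DEBUG": False, "SECRET_KEY": "uat-only-key",
              "ALLOWED_HOSTS": ["uat.example.com"], "TEST_ROUTES": False},
    # Deliberately broken production settings, to show the check rejecting them.
    "prod":  {"DEBUG": True, "SECRET_KEY": "dev-default",
              "ALLOWED_HOSTS": ["*"], "TEST_ROUTES": True},
}

# UAT and Prod are treated alike: anything an external tester or a real user
# reaches must not expose debug output, test endpoints or shared secrets.
PRODUCTION_LIKE = {"uat", "prod"}
DEVELOPMENT_DEFAULT_SECRETS = {"", "dev-default", "changeme"}


def check_settings(env, settings):
    """Return the reasons this environment must not start (empty list = ok)."""
    problems = []
    if env not in PRODUCTION_LIKE:
        return problems  # Local, Dev and QAT may keep their debug conveniences
    if settings.get("DEBUG"):
        problems.append("DEBUG is on: stack traces and settings would leak to users")
    if settings.get("SECRET_KEY", "") in DEVELOPMENT_DEFAULT_SECRETS:
        problems.append("SECRET_KEY is a development default: session cookies can be forged")
    if "*" in settings.get("ALLOWED_HOSTS", []):
        problems.append("ALLOWED_HOSTS accepts any Host header")
    if settings.get("TEST_ROUTES"):
        problems.append("test/debug routes are still registered")
    return problems


def startup(env, settings):
    """Raise instead of starting when a production-like environment is misconfigured."""
    problems = check_settings(env, settings)
    if problems:
        raise RuntimeError(f"refusing to start {env}: " + "; ".join(problems))
    return True


if __name__ == "__main__":
    # Assumption: APP_ENV selects the environment; defaulting to prod keeps the
    # check strict when the variable is forgotten on a server.
    env = os.environ.get("APP_ENV", "prod")
    try:
        startup(env, SAMPLE_SETTINGS[env])
        print(f"{env}: ok")
    except RuntimeError as exc:
        print(exc)
```

Run it with APP_ENV=uat to see a clean start and with no APP_ENV to see the broken production settings rejected. Frameworks ship equivalents of this check (Django's manage.py check --deploy, for instance); the point is that the environment that users reach fails closed, so a leftover debug flag or test route becomes a deployment failure rather than an information leak.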