Security Testing is a type of non-functional software testing. It aims to discover vulnerabilities in the system and to confirm that the system's data and resources are protected from possible violators. It ensures that the software and application are free from threats or risks that could cause a loss.
Based on that, Security Testing focuses on specific areas: Network Security; System Software Security; Client-side Application Security; Server-side Application Security.
All types of Security Testing follow six basic principles:
Confidentiality: a security measure that limits access to data managed by a system.
Integrity: verifies that any data received by a system is correct and trustworthy.
Authentication: a security measure that ensures protection through a mechanism that verifies the identity of the individual accessing the system.
Authorization: ensures that sensitive systems or data properly control access for authenticated users according to their roles or permissions.
Availability: assures that critical information and services are available when authorised users need them.
Non-repudiation: ensures that no party can deny that it sent or received a message, or approved some information; this is achieved via encryption and/or digital signatures.
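The principles above are what a security test actually asserts on, and most of the assertions are negative ones: a wrong password must be refused, a viewer must not be allowed an admin action, a tampered message must be detected. The following is an added illustration, not code from the original page: it builds a constructed user table, role policy and shared secret, implements authentication, authorization and an HMAC integrity check, and then runs the kind of fail-closed checks a security tester would write for each principle. All names (USERS, PERMISSIONS, SECRET_KEY, the passwords) are invented for this example; a real system would store password hashes rather than the plaintext used here for brevity.

```python
import hmac
import hashlib

# Constructed sample users and roles for this example (not from any real system).
# Passwords are kept in plaintext only to keep the example short.
USERS = {
    "alice": {"password": "correct-horse", "role": "admin"},
    "bob": {"password": "battery-staple", "role": "viewer"},
}
# Authorization policy: which roles may perform which action.
PERMISSIONS = {"read_report": {"admin", "viewer"}, "delete_report": {"admin"}}
# Constructed shared secret used for the integrity check.
SECRET_KEY = b"example-shared-secret"


def authenticate(username, password):
    """Authentication: return a session only when the credentials match."""
    user = USERS.get(username)
    # compare_digest avoids leaking the match position through timing.
    if user is None or not hmac.compare_digest(user["password"], password):
        return None
    return {"user": username, "role": user["role"]}


def authorize(session, action):
    """Authorization: an authenticated session may act only if its role is permitted."""
    if session is None:
        return False
    return session["role"] in PERMISSIONS.get(action, set())


def sign(message: bytes) -> str:
    """Integrity: attach an HMAC-SHA256 tag so any change to the message is detectable."""
    return hmac.new(SECRET_KEY, message, hashlib.sha256).hexdigest()


def verify(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(sign(message), tag)


def run_security_checks():
    """Negative tests for three principles; every entry must be True for the check to pass."""
    results = {}
    # Authentication: wrong password and unknown user are both refused.
    results["wrong_password_rejected"] = authenticate("alice", "wrong") is None
    results["unknown_user_rejected"] = authenticate("mallory", "anything") is None
    # Authorization: a viewer can read but not delete; no session means no access.
    viewer = authenticate("bob", "battery-staple")
    results["viewer_can_read"] = authorize(viewer, "read_report")
    results["viewer_cannot_delete"] = not authorize(viewer, "delete_report")
    results["unauthenticated_denied"] = not authorize(None, "read_report")
    # Integrity: the original message verifies, a modified one does not.
    message = b"amount=100"
    tag = sign(message)
    results["intact_message_accepted"] = verify(message, tag)
    results["tampered_message_rejected"] = not verify(b"amount=1000", tag)
    return results


if __name__ == "__main__":
    for name, passed in run_security_checks().items():
        print(("PASS " if passed else "FAIL ") + name)
```

Each check is phrased so that the secure behaviour is the refusal; if any of them ever returns False after a code change, one of the principles has regressed.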
Here are some examples of Security Testing:
Vulnerability Scanning: Vulnerability scanning is performed with automated software that scans a system to detect known vulnerability patterns.
Security Scanning: Security scanning is the identification of network and system weaknesses. It then provides solutions for reducing these defects or risks. Security scanning can be carried out in both manual and automated ways.
Penetration Testing: Penetration testing is the simulation of an attack by a malicious hacker. It includes an analysis of a particular system to examine it for vulnerabilities that a malicious hacker attempting to break into the system could exploit.
Risk Assessment: In risk assessment testing, security risks observed in the organisation are analysed. Risks are classified into three categories, i.e., low, medium, and high. This testing endorses controls and measures to minimise the risk.
Security Auditing: Security auditing is an internal inspection of applications and operating systems for security defects. An audit can also be carried out via line-by-line checking of code.
Ethical Hacking: Ethical hacking is different from malicious hacking. The purpose of ethical hacking is to expose security flaws in the organisation’s system.
Posture Assessment: It combines security scanning, ethical hacking, and risk assessments to provide an overall security posture of an organisation.
We can use tools during the various kinds of Security Testing to help us improve our results:
Zed Attack Proxy (ZAP): is one of the world’s most popular free open-source tools. It scans a web application to identify as many security vulnerabilities as possible.
Wfuzz: is designed to inject random data into a web application. It can be used to test boundary checks, parameter format checks, and error handling issues.
Wapiti: is a free open-source tool. It allows auditing the security of the application.
W3af: is a Web Application Attack and Audit Framework. It creates a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.
SQLMap: is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers.
SonarQube: is an open-source platform developed by SonarSource for continuous inspection of code quality. It performs automatic reviews with static analysis of code to detect bugs and code smells in 29 programming languages.
Nogotofail: provides an easy way to confirm that the devices or applications you are using are safe against known TLS/SSL vulnerabilities and misconfigurations. Nogotofail works for Android, iOS, Linux, Windows, Chrome OS, OSX, in fact, any device you use to connect to the Internet.
Iron Wasp: is an open-source system for web application vulnerability testing. It can be customised to create custom security scanners using Python or Ruby scripting. This system is simple enough to be used by absolute beginners.
Grabber: is designed to scan small web applications, including forums and personal websites. This lightweight security testing tool has no GUI and is written in Python.
Arachni: is designed to identify security issues within a web application. The open-source security testing tool can uncover several vulnerabilities.
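The Wfuzz entry above describes the technique in one line: inject random data and see whether boundary checks, parameter format checks and error handling hold up. The following added example (not part of the original page, and not Wfuzz's own code) shows what that looks like in miniature against a single parameter: a constructed record lookup with a boundary bug, the hardened version beside it, and a small fuzz harness that feeds a seed corpus plus random strings to each and classifies every outcome as a crash, an invalid input that was accepted, or a valid input that was refused. RECORDS, SEED_CORPUS and the two lookup functions are all invented for this illustration.

```python
import random

# Constructed data set for this example: ten records addressed by a numeric index parameter.
RECORDS = ["rec-%d" % i for i in range(10)]


def get_record_unchecked(raw_index):
    """'Before' version with a boundary bug: it trusts the parameter as received.
    Junk input raises ValueError, an index >= 10 raises IndexError, and a negative
    index such as "-1" silently wraps around and returns the last record."""
    return RECORDS[int(raw_index)]


def get_record(raw_index):
    """Hardened version: validate the format and the bounds, return None for any
    input that is not an in-range decimal index, and never raise on bad input."""
    if not isinstance(raw_index, str) or not raw_index.isdigit():
        return None                      # rejects "", "-1", "+1", " 1", "1e3", "abc", ...
    index = int(raw_index)
    if index >= len(RECORDS):
        return None                      # rejects 10 and above
    return RECORDS[index]


def expected_valid(raw):
    """Oracle: the only inputs the lookup should accept are plain decimal indexes in range."""
    return raw.isdigit() and int(raw) < len(RECORDS)


# Hand-picked boundary cases that are always tried first (a small seed corpus).
SEED_CORPUS = ["", "0", "9", "10", "-1", "+1", " 1", "1 ", "1e3", "999999", "abc"]


def fuzz(lookup, rounds=1000, seed=42):
    """Feed the seed corpus plus random strings to `lookup` and count each outcome:
    crash            - an exception escaped (error handling failure)
    accepted_invalid - invalid input returned a record (boundary/format check failure)
    rejected_valid   - valid input was refused (over-restrictive check)"""
    rng = random.Random(seed)            # fixed seed so a run is reproducible
    alphabet = "0123456789-+ .e"
    inputs = list(SEED_CORPUS)
    inputs += ["".join(rng.choice(alphabet) for _ in range(rng.randint(0, 6)))
               for _ in range(rounds)]
    findings = {"crash": [], "accepted_invalid": [], "rejected_valid": []}
    for raw in inputs:
        try:
            out = lookup(raw)
        except Exception as exc:
            findings["crash"].append((raw, type(exc).__name__))
            continue
        if out is not None and not expected_valid(raw):
            findings["accepted_invalid"].append(raw)
        elif out is None and expected_valid(raw):
            findings["rejected_valid"].append(raw)
    return {kind: len(items) for kind, items in findings.items()}


if __name__ == "__main__":
    print("unchecked:", fuzz(get_record_unchecked))
    print("hardened: ", fuzz(get_record))
```

The interesting finding class is accepted_invalid: the unchecked lookup never crashes on "-1", it quietly returns the last record, which is exactly the kind of boundary fault that only shows up when the harness carries an oracle for what the endpoint should accept rather than just watching for exceptions.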