Saturday, 12 November 2016

Security Testing

This post is dedicated to the specialised branch of software testing - Software Security Testing.

Software Security Testing is usually grouped under Non-Functional Testing. Before we get into it, we will look at the common types of software threats -

1. Brute Force Attack

A brute force attack is a guessing attack on credentials. An automated tool submits many candidate passwords or PINs (personal identification numbers) to a login interface until one is accepted, with the intention of getting into business systems and stealing data. The tool is tuned so that the most likely values are tried first (short PINs, dictionary words, passwords from earlier breaches), so that access is gained quickly. What a tester checks for is whether the application raises the cost of each guess: rate limiting, account lockout after a few failures, multi-factor authentication and a slow password hash all do this.
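To show why lockout matters, here is an added example (not code from the original post): a toy login service that stores a 4-digit PIN as a salted hash, and a brute-force loop that enumerates all 10,000 PINs in order. The PIN, the salt and the lockout threshold are constructed for the example; the service class is hypothetical and stands in for whatever endpoint a tester would hit.

```python
import hashlib
import hmac
import itertools

# Constructed sample credential: a 4-digit PIN stored as a salted SHA-256 hash.
# A real system would use a slow, memory-hard hash such as Argon2 or bcrypt.
SALT = b"constructed-salt"
STORED_PIN_HASH = hashlib.sha256(SALT + b"7391").hexdigest()


def check_pin(candidate: str) -> bool:
    """Compare a guessed PIN against the stored hash in constant time."""
    digest = hashlib.sha256(SALT + candidate.encode()).hexdigest()
    return hmac.compare_digest(digest, STORED_PIN_HASH)


class LoginService:
    """Toy login endpoint (hypothetical). max_attempts=None means no lockout."""

    def __init__(self, max_attempts=None):
        self.max_attempts = max_attempts
        self.failures = 0
        self.locked = False

    def login(self, pin: str) -> bool:
        if self.locked:
            return False
        if check_pin(pin):
            self.failures = 0
            return True
        self.failures += 1
        if self.max_attempts is not None and self.failures >= self.max_attempts:
            self.locked = True
        return False


def brute_force(service: LoginService):
    """Try every 4-digit PIN in order, the way an automated guesser would.

    Returns (pin, attempts) on success, or (None, attempts) if the account
    locks before the PIN is found.
    """
    attempts = 0
    for digits in itertools.product("0123456789", repeat=4):
        pin = "".join(digits)
        attempts += 1
        if service.login(pin):
            return pin, attempts
        if service.locked:
            return None, attempts
    return None, attempts


if __name__ == "__main__":
    print("no lockout:", brute_force(LoginService()))                    # ('7391', 7392)
    print("lockout after 5:", brute_force(LoginService(max_attempts=5)))  # (None, 5)
```

Without a lockout the whole PIN space falls in a few thousand requests; with a lockout after five failures the same loop stops at attempt five. A real test would also measure whether the lockout can be bypassed by spreading guesses across many source addresses or many accounts.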

2. Denial of Service

This type of attack targets critical business systems such as banks, payment gateways, booking sites and news boards. The intention is to stop legitimate users from accessing the application. The attack is usually carried out by automated clients, often many of them at once, that flood the server with requests or connections until its bandwidth, connection table, CPU or application resources are exhausted, so that genuine users who need the service are denied it.
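The first sign of a flood is usually in the web server's access log. The following added example (not from the original post) parses Apache-style log lines and flags any source address that exceeds a request limit inside a sliding time window; the log lines, the addresses and the limit of 20 requests in 10 seconds are all constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Prefix of an Apache "combined" access-log line: client IP, timestamp, request, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3})')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (ip, timestamp, request, status), or None for an unparseable line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, request, status = m.groups()
    return ip, datetime.strptime(ts, TIME_FMT), request, int(status)


def find_floods(lines, limit=20, window=timedelta(seconds=10)):
    """Flag any client that makes more than `limit` requests inside any `window`.

    Keeps a sliding window of timestamps per source IP and returns
    {ip: timestamp at which the limit was first exceeded}.
    """
    recent = defaultdict(deque)
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, _, _ = parsed
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > limit and ip not in flagged:
            flagged[ip] = ts
    return flagged


def constructed_log():
    """Constructed log: one normal client and one flooding client (reserved test addresses)."""
    base = datetime(2016, 11, 12, 10, 0, 0, tzinfo=timezone.utc)
    events = []
    # Normal client: five requests spread over five minutes.
    for i in range(5):
        events.append((base + timedelta(minutes=i), "203.0.113.5", "GET /news HTTP/1.1"))
    # Flooding client: 100 requests inside two seconds.
    for i in range(100):
        events.append((base + timedelta(milliseconds=20 * i), "198.51.100.7", "GET /login HTTP/1.1"))
    events.sort(key=lambda e: e[0])
    return [f'{ip} - - [{t.strftime(TIME_FMT)}] "{req}" 200 1024' for t, ip, req in events]


if __name__ == "__main__":
    for ip, when in find_floods(constructed_log()).items():
        print(f"flood from {ip} detected at {when.isoformat()}")
```

A per-address counter like this catches a single noisy client. A distributed attack spreads the load over many addresses that each stay under the limit, which is why production detection also watches aggregate request rate and error rate rather than per-client counts alone.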

3. SQL Injections

SQL Injection is the insertion of SQL fragments through input fields in the presentation layer (form fields, URL parameters, cookies) that the application concatenates into a database query. A successful injection lets the attacker read, modify or delete business-critical information stored in the database. These attacks are easy to automate and quick to plan. They are also noisy: query logging or a web application firewall will usually record the malformed queries, so they are comparatively easy to track down afterwards. The root cause is building queries out of strings, and the fix is to use parameterised queries (prepared statements) so that user input is only ever treated as data.
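The following added example (not code from the original post) shows the vulnerable pattern and the parameterised fix side by side against an in-memory SQLite table. The table, its rows and the two injection payloads are constructed for the example; passwords are stored in clear text only to keep it short.

```python
import sqlite3


def make_db():
    """Create an in-memory database with constructed sample rows.

    Passwords are stored in clear text only to keep the example short;
    a real application stores a salted password hash.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Builds the query by string formatting: presentation-layer input
    becomes part of the SQL text itself."""
    sql = (
        "SELECT username, role FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone()


def login_safe(conn, username, password):
    """Same query with bound parameters: the driver passes the values
    separately, so quotes and comment markers are just data."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


# Payloads a tester would try: a comment marker that removes the password
# check, and a tautology that matches every row.
COMMENT_PAYLOAD = "alice' --"
TAUTOLOGY_PAYLOAD = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, COMMENT_PAYLOAD, "wrong"))               # ('alice', 'admin')
    print(login_vulnerable(db, TAUTOLOGY_PAYLOAD, TAUTOLOGY_PAYLOAD))   # ('alice', 'admin')
    print(login_safe(db, COMMENT_PAYLOAD, "wrong"))                     # None
    print(login_safe(db, "alice", "correct horse"))                     # ('alice', 'admin')
```

With the comment payload the vulnerable query becomes `... WHERE username = 'alice' --' AND password = 'wrong'`, and everything after `--` is ignored, so the admin row comes back without a password. The parameterised version looks for a user literally named `alice' --` and finds nothing.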

4. Trojan Attacks

Trojan attacks are among the most common. The user is offered something that looks useful, such as a disk backup tool, a defragmenter or a memory manager, and in the background the program runs scripts that steal information or open a backdoor. A trojan is built to avoid being noticed, so the user who installed it will rarely spot it; detection falls to endpoint protection and monitoring. These attacks succeed when users follow instructions given on websites and install software without confirming with the security team.

5. Phishing

Phishing attacks are usually carried out by sending emails to a large number of users. The emails announce a lottery win, a charity appeal or a business proposal. Users fall for the invitation because the offer is lucrative and arrives directly in their inbox. The email carries a URL to visit, or a button or image to click, which leads to a fake login page or a malicious download, and that is where the user gets trapped.
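The following added example (not from the original post) is a small email scanner of the kind the post mentions later: it takes a raw message, extracts every link from the HTML body, and flags the classic phishing signs, namely link text that shows one host while the href points to another, links whose host is a bare IP address, and a Reply-To domain that differs from the From domain. The sample message is constructed for the example and uses only reserved `.example` domains and test addresses.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    return (urlparse(url).hostname or "").lower()


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def domain_of(address):
    return parseaddr(address)[1].rpartition("@")[2].lower()


def scan_message(raw):
    """Return a list of (where, reason) findings for one raw RFC 822 message."""
    msg = message_from_string(raw)
    findings = []
    from_domain = domain_of(msg.get("From", ""))
    reply_domain = domain_of(msg.get("Reply-To", ""))
    if reply_domain and reply_domain != from_domain:
        findings.append(("Reply-To", f"replies go to {reply_domain}, not {from_domain}"))
    parser = LinkExtractor()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        host = host_of(href)
        if is_ip_literal(host):
            findings.append((href, "link host is a raw IP address"))
        if text.startswith(("http://", "https://")) and host_of(text) != host:
            findings.append((href, f"link text shows {host_of(text)} but points to {host}"))
    return findings


# Constructed sample message; all domains use the reserved .example TLD.
SAMPLE_EMAIL = """\
From: "Example Bank" <alerts@examplebank.example>
Reply-To: collect@mail-prize.example
Subject: Urgent: verify your account
Content-Type: text/html

<html><body>
<p>Your account will be suspended. Click
<a href="http://examplebank.example.verify-now.example/login">https://www.examplebank.example/login</a>
within 24 hours.</p>
<p>Or use <a href="http://192.0.2.10/login">this mirror</a>.</p>
<p>Questions? See <a href="https://www.examplebank.example/help">https://www.examplebank.example/help</a>.</p>
</body></html>
"""

if __name__ == "__main__":
    for where, reason in scan_message(SAMPLE_EMAIL):
        print(f"{where}: {reason}")
```

The third link, whose text and target agree, produces no finding, which is the point: a scanner should flag the mismatch, not every link. These checks catch the crude cases; lookalike domains and links that go through a legitimate redirector need reputation data that a standalone script does not have.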

Now that we understand the possible attacks and threats to the business, the first task is to create a test strategy to find out whether such vulnerabilities are present in our client's business and, if they are, to raise issues so they are fixed before the application starts handling user information or business-critical information.

Except for phishing, all the attack types above are tested using penetration testing tools. For phishing we run simulated campaigns against the staff, train them on what to look for, and add email scanners that inspect mail coming into and going out of the business network.

Open source tools usually named against the five attacks above are Aircrack-ng, automatic blackholing, SQLMap, pfSense and Gophish respectively, but be clear about what each one actually does. Aircrack-ng cracks WEP and WPA-PSK keys from captured Wi-Fi traffic, so it covers brute force against wireless networks rather than against web logins. Automatic blackholing (remotely triggered black hole routing) and pfSense are defensive controls, a DoS mitigation and a firewall respectively, not testing tools; they are what you deploy after the test, not what you test with. SQLMap automates the detection and exploitation of SQL injection, and Gophish is a phishing simulation framework for testing staff.

Enjoy Security Testing!