Application Testing Process
Create a threat model, either listing known possible attack methods or creating use cases of possible attacks
Apply known attacks
Consider known goals of the attacker (anti-goals), such as:
Buying a negative number of items
Attackers may attempt to violate confidentiality through interception, privilege escalation, spoofing, tampering, modification, or fabrication.
Types of testing include:
Manual testing with known threats
Automated testing with security penetration-testing tools
Code reviews - Code review tools can help the review process, and reviews can reveal many security bugs.
Attack things the application depends on
Configuration files - corrupt or delete them
Registry values associated with the application
Library files - make them unavailable, corrupt them, or replace them
Attack and diminish system resources including memory and disk space
Limit the availability of the network or internet
Modify system environment variables
Attack at points of user input
Use escape characters, quotes, and special characters such as semicolons (which may terminate a statement) to embed statements that could compromise the program
Overflow input buffers
Use unexpected command line switches.
Attack software design
Try to use default and test accounts to gain access.
Use test software like Holodeck to try penetration testing. Sometimes developers leave test hooks in the application that may be exploited.
Probe all ports to see if the application left a port open that may be vulnerable
Send faked data to the application as though it came from an administrator or an authorized user.
Execute application functionality repeatedly and rapidly to see whether a denial-of-service or unauthorized-access condition occurs.
Test every method the application provides to accomplish the same task.
Leave values and input fields blank. If internal application values are reset, the application may be left in an insecure state with default values, such as a known default password for an administrator account.
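The anti-goals and input attacks listed above (a negative item count, blank fields, embedded statement separators, oversized input) can be captured as automated regression tests against the application's input validation. The following is an added Python example, not part of the original notes; the order fields, limits and validator name are hypothetical.

```python
import re

MAX_QUANTITY = 1000          # constructed business limit for the example
MAX_NOTE_LEN = 200
ACCOUNT_RE = re.compile(r"[A-Za-z0-9_]{3,32}")   # whitelist: no quotes, semicolons, spaces
DIGITS_RE = re.compile(r"[0-9]+")                # ASCII digits only, so '-3' and '1;x' fail


class ValidationError(ValueError):
    """Raised for any input outside the expected shape; nothing is coerced."""


def validate_order(account, quantity, note=""):
    """Validate one order. Blank or missing values are errors, never silently
    replaced by defaults, and quantity must be a positive bounded integer."""
    if not isinstance(account, str) or not ACCOUNT_RE.fullmatch(account):
        raise ValidationError("account must be 3-32 word characters")
    if isinstance(quantity, bool) or not isinstance(quantity, (int, str)):
        raise ValidationError("quantity must be an integer")
    if isinstance(quantity, str):
        if not DIGITS_RE.fullmatch(quantity.strip()):
            raise ValidationError("quantity must be a non-negative integer")
        quantity = int(quantity)
    if not 1 <= quantity <= MAX_QUANTITY:
        raise ValidationError("quantity out of range")
    if not isinstance(note, str) or len(note) > MAX_NOTE_LEN:
        raise ValidationError("note too long")
    return (account, quantity, note)


# Constructed abuse cases mirroring the attack list above; every one must be rejected.
ABUSE_CASES = {
    "negative quantity": dict(account="alice", quantity="-3"),
    "zero quantity": dict(account="alice", quantity=0),
    "blank account": dict(account="", quantity=1),
    "blank quantity": dict(account="alice", quantity=""),
    "statement separator": dict(account="alice'; DROP TABLE orders;--", quantity=1),
    "oversized note": dict(account="alice", quantity=1, note="A" * 4096),
    "huge quantity": dict(account="alice", quantity=10**9),
}


def run_abuse_cases(cases=ABUSE_CASES):
    """Return {case_name: rejected} so a CI job can assert that all are True."""
    results = {}
    for name, kwargs in cases.items():
        try:
            validate_order(**kwargs)
            results[name] = False     # accepted: a regression in the validator
        except ValidationError:
            results[name] = True
    return results
```

Any case that comes back False is a validation regression and should fail the build.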
Attack software implementation
The attacker may try to switch the data after it has been checked but before it is used (a time-of-check/time-of-use race).
Some files may have special privileges because of their names, so an attacker may create files with the same names. Library files such as DLLs may have special privileges. The attacker may create the file and place it in a directory that the system searches before the directory holding the original file.
Test the program by triggering every possible error condition so that every error message is exercised. Try to find error conditions that the program did not provide for.
Check temporary data for stored sensitive information, including passwords and account names.