Services Details

Web application Testing




Web application testing estimates the security posture of your website/custom developed application. The MoxieHawk dispatch the complete unauthenticated and authenticated testing based off of strict OWASP criterion. Our engineers buckle down to discover weak points across the entire web application to secure your applications and data. Testing activities includes: hunting OWASP Top 10 Vulnerabilities, website mapping, enumeration, injection attacks (SQL, JavaScript, LDAP, etc.), Remote code execution, malicious file upload abuse testing, and furthermore.  
All testing activities performed here follows SANS 25, OWASP v4 guidelines, and checklist.

OUR METHODOLOGY

All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), OWASP Top 100 Scenerios, and customized testing frameworks.

  • Discover:Client aims are gathered and rules of engagement are obtained.
  • Analysis:Accomplish scanning and enumeration to identify critical vulnerabilities, weak areas and exploits.
  • Attack:Confirm critical vulnerabilities through exploitation and perform additional impacts over new access.
  • Reporting:Confirm critical vulnerabilities through exploitation and perform additional impacts over new access.