Web Application Security Testing

Web application security testing helps identify vulnerabilities in web apps to prevent cyberattacks. Python provides various tools and frameworks to scan, test, and secure web applications.

Key Areas of Web Security Testing:

  • SQL Injection (SQLi)
  • Cross-Site Scripting (XSS)
  • Broken Authentication
  • Security Misconfigurations
  • Information Disclosure
  • CSRF (Cross-Site Request Forgery)

1. Setting Up Security Testing Tools

Install Python Security Tools

pip install requests bs4 selenium sqlmap

Tools Used:

  • requests → HTTP requests
  • bs4 (BeautifulSoup) → HTML parsing
  • selenium → Browser automation
  • sqlmap → SQL injection testing

2. Testing for SQL Injection (SQLi)

Using sqlmap for Automated SQL Injection Testing

sqlmap -u "http://example.com/login.php?id=1" --dbs

Detects and exploits SQL injection in the id parameter; the --dbs option lists the databases reachable through the injection once one is confirmed.


3. Scanning for XSS (Cross-Site Scripting)

Using requests

import requests

# Reflected XSS probe: send a marker payload in the q parameter and look for it
# coming back unencoded. requests does not run JavaScript, so a match means the
# input is reflected without output encoding, not that the script executed.
payload = "<script>alert('XSS')</script>"
response = requests.get("http://example.com/search", params={"q": payload})

if payload in response.text:
    print("Possible XSS vulnerability detected!")

Injects an XSS payload and checks whether it is reflected in the response unencoded. Reflection is an indicator only; confirming execution needs a browser (see the Selenium section below), and a BeautifulSoup parse of the response is useful for locating which element the payload landed in.


4. Testing for Broken Authentication

Checking Weak Login Credentials

import requests

url = "http://example.com/login"
# Default and weak pairs to try against a test deployment
credentials = [("admin", "admin123"), ("admin", "password"), ("user", "123456")]

for username, password in credentials:
    data = {"username": username, "password": password}
    response = requests.post(url, data=data)

    # The success marker is application-specific; adjust it to the page under test
    if "Login Successful" in response.text:
        print(f"Weak credentials found: {username} / {password}")

Detects default or weak credentials that an attacker would try first. A login that rate-limits or locks accounts after a few failures will interrupt this loop, which is itself a useful result: it confirms that control is in place.


5. Detecting Security Headers

Checking for Missing Security Headers

import requests

url = "http://example.com"
response = requests.get(url)

# Note: modern browsers ignore X-XSS-Protection; Content-Security-Policy is the
# control that actually matters for script injection
security_headers = ["X-Frame-Options", "X-XSS-Protection", "Content-Security-Policy"]

for header in security_headers:
    # response.headers is a case-insensitive mapping, so server casing does not matter
    if header not in response.headers:
        print(f"Warning: {header} is missing!")

Identifies missing security headers. Presence alone is not enough: a header with a weak value (for example a Content-Security-Policy containing 'unsafe-inline') gives little protection, so the values should be checked as well.
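The following is an added example, not code from the original post: it extends the presence check above to also flag weak header values and a version-disclosing Server header, and it runs offline against constructed header sets (in real use, pass requests.get(url).headers to audit_security_headers). The thresholds and the two sample header sets are assumptions chosen for illustration.

```python
import re

# Headers whose absence is itself a finding (X-XSS-Protection is left out on
# purpose: modern browsers ignore it and Content-Security-Policy does its job).
REQUIRED = ("Content-Security-Policy", "Strict-Transport-Security",
            "X-Content-Type-Options", "X-Frame-Options")

def audit_security_headers(headers):
    """Return findings for one response's headers; an empty list means clean.
    Header names are case-insensitive, so keys are lower-cased before lookup."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = [f"missing: {n}" for n in REQUIRED if n.lower() not in h]

    # A header that is present can still be configured weakly.
    csp = h.get("content-security-policy", "")
    if "'unsafe-inline'" in csp or "'unsafe-eval'" in csp:
        findings.append("weak: Content-Security-Policy allows unsafe-inline/unsafe-eval")

    hsts = h.get("strict-transport-security", "")
    max_age = re.search(r"max-age=(\d+)", hsts)
    if hsts and (max_age is None or int(max_age.group(1)) < 31536000):
        findings.append("weak: Strict-Transport-Security max-age is below one year")

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(f"weak: X-Frame-Options {xfo!r} is not DENY or SAMEORIGIN")

    if h.get("x-content-type-options", "nosniff").strip().lower() != "nosniff":
        findings.append("weak: X-Content-Type-Options is not nosniff")

    # Version banners make fingerprinting easier; report, do not fail.
    if re.search(r"\d", h.get("server", "")):
        findings.append(f"info: Server header discloses a version: {h['server']!r}")
    return findings

# Constructed header sets standing in for two captured responses (not real hosts).
WEAK_HEADERS = {"Content-Security-Policy": "default-src 'self' 'unsafe-inline'",
                "X-Frame-Options": "ALLOWALL", "Server": "Apache/2.4.57"}
HARDENED_HEADERS = {"content-security-policy": "default-src 'self'",
                    "strict-transport-security": "max-age=63072000; includeSubDomains",
                    "x-content-type-options": "nosniff", "x-frame-options": "DENY",
                    "server": "nginx"}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(label, audit_security_headers(hdrs) or "no findings")
```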


6. Detecting Sensitive Information Leakage

Checking for API Keys & Credentials in Web Pages

import re
import requests

response = requests.get("http://example.com").text

# Matches hard-coded values of the form apikey = "..." in the page source;
# extend the pattern for other secret formats (bearer tokens, cloud access keys)
if re.search(r"(?i)apikey\s*=\s*['\"][a-zA-Z0-9]+['\"]", response):
    print("Possible API key leakage detected!")

Finds strings that look like hard-coded API keys in public pages. The pattern above only catches the apikey = "..." form, so broaden it to the secret formats your application uses.


7. Automating Security Testing with Selenium

Testing CSRF (Cross-Site Request Forgery)

from selenium import webdriver
from selenium.common.exceptions import NoSuchElementException

driver = webdriver.Chrome()
driver.get("http://example.com/change-password")

try:
    # find_element raises when the field is absent, so treat that like an empty value
    csrf_token = driver.find_element("name", "csrf_token").get_attribute("value")
except NoSuchElementException:
    csrf_token = None
driver.quit()

if not csrf_token:
    print("CSRF token missing! Site vulnerable.")

Checks whether the password-change form carries a CSRF token. A token in the form is necessary but not sufficient: the server must also reject a submission whose token is missing or altered, which this check does not confirm.


8. Web Application Firewall (WAF) Evasion

Testing WAF Protection with URL Encoding

import urllib.parse
import requests

payload = "1' OR '1'='1"
encoded_payload = urllib.parse.quote(payload)

url = f"http://example.com/login?id={encoded_payload}"
response = requests.get(url)

# A normal application page instead of a block page or 403 means the request
# was not filtered and the payload reached the application
if "Welcome" in response.text:
    print("WAF bypass detected!")

Tests if a web application firewall can be bypassed.


Best Practices for Web Security Testing

  • Always test in a controlled environment
  • Obtain permission before testing live sites
  • Use penetration testing tools like OWASP ZAP & Burp Suite
  • Automate scans but manually verify results