Web Application Security Testing

Posted on by Blogbugger

For web application security testing, both automated and manual approaches need to be applied. There are plenty of automated security testing tools available, open source as well as commercial. In this article I will discuss some of the automated security testing tools which I have used recently.

Selection of the security testing tool was not so easy; even though there are hundreds of tools available, I was looking for one which is reliable, well known, and has good and detailed report generating capabilities.

Finally I settled on Acunetix Web Security Scanner, Shadow Security Scanner, IBM Rational AppScan, Syhunt Collapse, and N-Stalker Web Application Security Scanner.

All of them gave almost the same results; the major variation was in the results given by Acunetix. It provides the feature of recording user logins in online forms as well as HTTP authentication. It runs very fast compared with the other tools. The results were not complicated; it generates good reports with all the details. While analyzing the results, the most helpful feature I found was the capability of showing the “HTML Response”: the Acunetix scanner shows the attack details as well as the corresponding HTML response in the same place, which helps a lot to understand what exactly happened during the scan. I give 9/10 to this software; the only problem I faced with it is that it crashed or hung my system a couple of times.

IBM Rational AppScan looks good..! Yes, it only looks good. It also provides the feature of recording user logins in online forms as well as HTTP authentication. I saved the scanning profile on one computer and tried to run it again on another system; it simply displayed the “Visual Studio debugger” and the application stopped responding. I guess this is a bug in the release which I was using. This application runs very slowly; it displays the splash screen for almost half a minute, especially when there is antivirus installed on the computer. It has an update feature; it is a different executable which runs at program startup. Having a separate, ugly window only for updates feels annoying. There is one feature under “Scan”, “Explore Only”, which means the program crawls the application under test and generates results, so called “Recommendations”, by an “Evaluation Scan”; these are related to the scan configuration. It simply eats up most of the time; once the recommendations are applied the scan starts again, and then the most irritating moment comes: it shows the “Visual Studio error” again, and after this there is no way to use the application. It means you will have to wait a comparatively long time to see the actual scan results. I will give 4/10 for this application.

Using N-Stalker is altogether a different experience; the program actually makes you feel part of the SDLC. The first screen of the scan wizard itself shows the phases where application security testing has to be done, or is supposed to be done; select the desired phase and continue. It has very strong report generation and analysis capabilities. A browser view of the crawled web pages can be seen at runtime. Also, the identified vulnerability details can be seen as they are traced. The problem is that it does not provide any feature to record user logins to online forms. I will give 8/10 to this software.

Syhunt Collapse and Shadow Security Scanner are good for web host scans but do not give any feature to record user logins. They generate good reports, but the GUI needs to be improved. The software is not very user friendly; I would say it is not for beginners. An advanced user can get what he wants from Shadow Security Scanner. For the technical details, attack database and execution speed I will give 7/10 to both of these applications.

2 Responses to "Web Application Security Testing":

smithl4rg says:

Thanks for that; it is a wonderful article for exploring the concept of web application security best practices. I appreciate the effort.