The Web Security Testing Process
This week we will look at the pen-test process for a web application. This builds on the generic process we discussed last week in 5063CEM Practical Pentesting, giving us some strategies for testing web applications.
We will look at some testing strategies for web applications, then start to look at the recon stage, by mapping the website.
The mapping process allows us to identify areas where the application will accept and display data, as well as giving us an idea of the sites functionality. We will continue this process next week when we look at strategies for finding "Hidden" information on a site.