APPLICATION PENETRATION TEST SUPER VEDA

More documents

Recommendations

Info

Application Penetration Test for Super Veda- Sample Report -1 INTRODUCTIONThe document hereby describes the proceedings and results of anapplication penetration test conducted against Imperva's demonstrationapplication located on veda1.imperva.com. The penetration test tookplace during the month of November as part of an internal research. Thepenetration test was performed by application security experts fromImperva.ImpervaPage6 of73
Application Penetration Test for Super Veda- Sample Report -2 SCOPE & LIMITATIONS2.1 SCOPEThe test was aimed at the Super Veda online market website, accessedthrough veda1.imperva.com.The test was aimed at the application only, and did not include anyattempts to exploit network or Operating System level vulnerabilities.2.2 LIMITATIONSThere were no limitations during the test.2.3 METHODThe testing was done in a ‘Black-Box’ method, in which the testers had noinformation or prior knowledge regarding the application’s architecture orthe technology used to implement it. This type of test gives an accuratesimulation of an actual hacker attacking the system.The tools used for the penetration test are a mixture of publicly availabletools downloaded from the Internet along with special purposehomegrown tools.2.4 PRIOR KNOWLEDGEThe test team received a single test account's user and password.ImpervaPage7 of73
Page 1 and 2: APPLICATION PENETRATION TESTSUPER V
Page 3 and 4: REFERENCESREF DOCUMENT VERSION DATE
Page 5: 5.6 Script Injection into User’s
Page 9 and 10: Application Penetration Test for Su
Page 57 and 58:
Application Penetration Test for Su
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73:
show all

APPLICATION PENETRATION TEST SUPER VEDA

Create successful ePaper yourself

Delete template?

Save as template?