Rhino Security Labs

Web Application Penetration Testing

Web Penetration Testing: Critical for Secure Applications

Rhino Security Labs leads the industry in web application penetration testing, identifying vulnerabilities in a range of programming languages and environments.
From webapps in highly scalable AWS environments to legacy apps in traditional infrastructure, out security experts have helped secure data across the world.

With dozens of zero-day vulnerabilities disclosed and our research circulating on national news outlets, we consistently prove our commitment to top-notch security testing.

Web applications are only becoming more relevant. Millions of people depend on web apps to handle their most sensitive information, whether it be for financial planning or medical care. With their growing complexity comes unforeseen security flaws and simple human error. This risk increases as web applications become more interconnected through the linking of APIs. Security researchers find new methods of making these applications bend and break every day.

The best defense is a good offense. By hiring a knowledgeable team of penetration testers to assess your application, you will be made aware of every security hole that could lead to compromised applications and data breaches. This provides you with the foresight needed to fortify your web application and keep your most sensitive assets where they belong.

Web Services

Rhino Security Labs offers web service testing, manipulating and fuzzing parameters found in the WSDL. These configuration files provide a structure for SOAP (Simple Object Access Protocol) requests which the web service accepts – and to which it responds.

During a source code security review, our industry-leading experts manually analyze your application source code for security flaws. More on our Secure Code Review services here.

While web services have many unique components and risks, they can also contain many of the same vulnerabilities as typical application, such as SQL Injection.

Very often, automated vulnerability scanners fail to pick up on more subtle security flaws. An experienced assessor will understand the context of the application and may figure out how to abuse its logic. Many of these vulnerabilities are simply not picked up by automated tools.

The expert security engineers of Rhino Security Labs often make use of vulnerability scanners in the preliminary phases of an application security test, though it is only in the beginning.  With a greater understanding of the application’s context, we can provide assessments that are more relevant to your user-base and individual security needs.

Identify Your Application Security Risks

Get insight into your webapp security risk – download information on Rhino Security’s application penetration test services.

Rhino Security Labs operates under a structured, repeatable methodology. We prioritize this concept in each engagement to make certain that our assessment is reliable, reproducible, and top-notch in quality. As such, our findings can always be verified by your team, before and after the remediation. To get these results, we are guided by the following steps:

1 – Define Scope

Before a web application assessment can take place, Rhino defines a clear scope of the client. Open communication between Rhino and the client organization is encouraged at this stage to establish a comfortable foundation from which to assess.

  • Determine which of the organization’s applications or domains  are to be scanned/tested
  • Make exclusions from the assessment known (specific pages/subdomains)
  • Decide on the official testing period and confirm time zones

2 – Information Gathering

Rhino engineers collect as much information as they can on the target, employing a myriad of OSINT (Open Source Intelligence) tools and techniques. The gathered data will help us to understand the operating conditions of the organization, which allows us to assess risk accurately as the engagement progresses. Targeted intelligence might include:

  • PDF, DOCX, XLSX, and other files leaked by Google
  • Previous breaches/credential leaks
  • Revealing forum posts by application developers
  • Exposed robots.txt file

3 – Enumeration

At this stage, we incorporate automated scripts and tools, among other tactics in more advanced information gathering. Rhino engineers closely examine any possible attack vectors. The gathered information from this stage will be the basis for our exploitation in the next phase.

  • Enumerating directories/subdomains
  • Checking cloud services for possible misconfigurations
  • Correlating known vulnerabilities with the application and relevant services

4 – Attack and Penetration

With careful consideration, we begin to attack vulnerabilities found within the webapp. This is done cautiously to protect the application and its data, while still verifying the existence of discovered attack vectors. At this stage, we may perform attacks such as:

  • SQL injection and/or Cross-Site Scripting
  • Employing breached credentials and brute force tools against authorization mechanisms
  • Monitoring web app functionality for insecure protocols and functions

5 – Reporting

Reporting is the final stage of the assessment process. Rhino analysts aggregate all obtained information and provide the client with a thorough, comprehensive detailing of our findings. The report begins with a high-level breakdown of the overall risk, highlighting both strengths and weaknesses in the application’s protective systems and logic. We also include strategic recommendations to aid business leaders in making informed decisions regarding the application. Further into the report, we break down each vulnerability in technical detail, including our testing process and remediation steps for the IT team, making for a simple remediation process. We go to great lengths to ensure each report is both explicit and easy to navigate.

6 – Remediation Testing

Additionally, upon client request, Rhino Security Labs may review an assessment after the client organization has patched vulnerabilities. We will ensure changes were implemented properly, and the risk has been eliminated. The previous assessment will be updated to reflect the more secure state of the application.