The Research Of Web Application Penetration Testing

With the rapid development of Internet, web applications have been more and more used in business, finance, education, government and entertainment. However, they do exist a variety of security vulnerabilities that can be exploited, so how to do security testing effectively to ensure the security and reliability of the web applications becomes more and more important. However, because the distributed architecture of web applications,the low coupling degree between the various entities and the development of web application technology and scripting language, the diversification of web applications structure and behavioral characteristics, which has made the web application security issues become more complex. Since the testing of web application security vulnerabilities is more difficult than the traditional testing, a new challenge is presented to the field of software testing and has become a hot research topic in the field of software engineering.Penetration testing as a web application security vulnerability testing method is being widely used in web application security testing. It can find potential vulnerabilities in a web application and eliminate the corresponding threats before the release of web applications. However, in practice, the penetration testing results of web applications are directly related to the testers’ experiences and skills, which makes different penetration testing service providers or staffs get the different vulnerabilities and different vulnerability number. So there exist false positives and false negatives in the test results to varying degrees, thus making the scope of testing and the results of testing different greatly. Since the traditional penetration method using dynamic detection only, its efficiency is low. In order to avoid the test results relying on individual ability and to improve the penetration testing efficiency, we need a more scientific method to avoid false positives and false negatives as far as possible.In this article, we firstly study and analyze the security problems and the related testing methods of the Web application. Then, we proposed a combination of Tainted Mode model and the traditional penetration testing to improve the penetration testing methods. At last, we focused on the input validation vulnerabilities, especially aimed at SQL injection and cross-site scripting (XSS) vulnerabilities. The major work of this paper includes:1.Research and analyze the input validation security vulnerabilities of the Web application deeply and comprehensively, and analyze how to prevent this type of vulnerability during the practical programs.2.In order to reduce the false negative rate, false positive rate and to improve the efficiency during the penetration tests, we study and analyze the security vulnerability testing techniques of web applications and propose a penetration testing method which is a combination of static analysis and dynamic testing. According to the characteristics of the SQL injection and cross-site scripting (XSS) attacks, we designed and built corresponding rules base of static detection and dynamic penetration.3.The implement and validation of Web application penetration testing platform. In this paper, open source tool findbugs and Selenium are used to implement in the test execution layer of testing platform. At last, we use simulative web sites and real-life web sites to verify the testing platform which can effectively find SQL injections and XSS vulnerabilities in Web applications.