With almost everything now online, security sits at the top of the agenda for 2021. At the same time, the pace of everything around us demands that as much as possible be done automatically, with little or no human interaction, and that applies to an organization's security posture as well. So here, let's look at why we should bother with security automation at all, in this case for web application security, how it can help us, and a little on how exactly you can start doing it.
Why do we need Web Application Security Automation in 2021?
There are many reasons to automate, but the core one is to save your own time. If you find yourself doing the exact same thing over and over again, it makes sense to automate as much of that process as you can. It is a small up-front investment that pays back across all your future engagements.
Another good reason for web application security automation is that you are far less likely to miss the easy bugs, and you cover a much wider scope. If your target is a large organization, chances are you will overlook plenty of legacy web assets, URLs and supporting infrastructure. With OSINT and some smart automation you can make sure all of that is enumerated for every target, and the surface-level bugs are scraped off for you automatically.
Finally, it improves the overall efficiency of your web application penetration testing engagements or bug bounty work and helps you stay ahead of the game, while the automation takes over the boring, repetitive manual labour.
What exactly are we trying to automate in application security testing?
Okay, so now we (hopefully) know why we are bothering with all this web application security automation. But what exactly are we trying to automate? In short, finding as many of the issues in the OWASP Top 10 as we can. We will never find everything; no amount of automation or AI is likely to achieve that, but that is a debate for another day. Our main focus is to leverage OSINT techniques and tools, plus some smart logic, to automate finding the easy, surface-level bugs that the traditional web application security testing approach would leave you to miss across a wide scope.
What an Automated Approach to Web App Security Testing can't do
As you can imagine, it is not all sunshine and rainbows, and the same applies to our automation. The following are some of the cons of an automated web application security testing approach:
- False positives: You can automate almost everything, but in the end you will still have to manually go through every potential finding and confirm whether it is a real vulnerability or a false positive. There are various ways to reduce these false alarms, but as technologies evolve this will always be a work in progress and never just "perfect".
- Missing the deeper stuff: While this approach covers a much wider scope, relying on it alone means you will miss a lot of the deeper bugs. As discussed, the automation is there to cover the surface-level issues across a wide coverage area, not to dig deep inside a single web application. You need a healthy balance between the automated approach and the manual effort you put into testing to uncover the most vulnerabilities.
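To make the wide-scope, surface-level idea and the false-positive caveat concrete, here is an added example (not code from the original post) of the triage stage such a pipeline needs: it normalizes and deduplicates a raw asset list, keeps only hosts matching a wildcard scope, runs a few deterministic header checks, flags in-scope hosts for which no response was recorded (the coverage gap), and tags every finding with a confidence tier so the manual verification queue starts with the findings least likely to be false alarms. The hostnames, scope patterns and response headers are constructed sample data, not real targets or real tool output.

```python
import fnmatch
from urllib.parse import urlsplit

# Constructed sample input: the kind of mixed list that subdomain enumeration
# and URL-discovery tools emit (hypothetical hosts, not real targets).
RAW_ASSETS = [
    "https://www.example.com/login",
    "http://WWW.example.com",
    "api.example.com:8443",
    "old-intranet.example.com",
    "https://staging.example.com/",
    "http://example.com.evil-lookalike.net",   # looks in scope, is not
    "partner.example.org",
    "old-intranet.example.com",                 # duplicate
    "vpn.example.com",                          # in scope, never probed
]

# Scope as a bug bounty program might state it (assumed wildcard syntax).
SCOPE = ["example.com", "*.example.com"]
EXCLUSIONS = ["staging.example.com"]

# Constructed sample responses: response headers per host as a crawler would
# record them. Header names are assumed to be lower-cased on ingestion.
SAMPLE_RESPONSES = {
    "www.example.com": {
        "strict-transport-security": "max-age=31536000",
        "content-security-policy": "default-src 'self'",
        "server": "nginx",
    },
    "api.example.com": {"server": "Apache/2.4.29 (Ubuntu)", "x-powered-by": "PHP/7.2.24"},
    "old-intranet.example.com": {"server": "Microsoft-IIS/7.5"},
}

# Confidence encodes how often a check is a false positive: an absent header is
# a fact, while a version string in Server may be stale or deliberately spoofed.
CONFIDENCE_RANK = {"high": 0, "medium": 1, "low": 2}
HEADER_CHECKS = [
    ("strict-transport-security", "low", "high", "HSTS header absent"),
    ("content-security-policy", "low", "medium", "CSP header absent"),
]


def normalize_host(asset: str) -> str:
    """Reduce a URL or bare host[:port] to a lower-case hostname."""
    if "://" not in asset:
        asset = "http://" + asset
    host = urlsplit(asset).hostname
    return host.lower() if host else ""


def in_scope(host: str, scope, exclusions) -> bool:
    """Wildcard scope match; exclusions win over inclusions."""
    if any(fnmatch.fnmatchcase(host, pat) for pat in exclusions):
        return False
    return any(fnmatch.fnmatchcase(host, pat) for pat in scope)


def collect_targets(raw_assets, scope, exclusions):
    """Deduplicated, sorted list of in-scope hostnames."""
    hosts = {normalize_host(a) for a in raw_assets}
    return sorted(h for h in hosts if h and in_scope(h, scope, exclusions))


def finding(host, title, severity, confidence):
    return {"host": host, "title": title, "severity": severity, "confidence": confidence}


def check_host(host, headers):
    """Surface-level header checks on one recorded response."""
    found = []
    for name, severity, confidence, title in HEADER_CHECKS:
        if name not in headers:
            found.append(finding(host, title, severity, confidence))
    for name in ("server", "x-powered-by"):
        value = headers.get(name, "")
        if any(ch.isdigit() for ch in value):   # heuristic: a digit hints at a version
            found.append(finding(host, f"version disclosure in {name}: {value}", "info", "low"))
    return found


def run_pipeline(raw_assets, scope, exclusions, responses):
    """Targets, findings ordered for manual review, and hosts never probed."""
    targets = collect_targets(raw_assets, scope, exclusions)
    findings, unprobed = [], []
    for host in targets:
        if host in responses:
            findings.extend(check_host(host, responses[host]))
        else:
            unprobed.append(host)   # coverage gap: enumerated but no response recorded
    findings.sort(key=lambda f: (CONFIDENCE_RANK[f["confidence"]], f["host"], f["title"]))
    return {"targets": targets, "findings": findings, "unprobed": unprobed}


if __name__ == "__main__":
    report = run_pipeline(RAW_ASSETS, SCOPE, EXCLUSIONS, SAMPLE_RESPONSES)
    print("targets:", report["targets"])
    print("not probed (verify coverage):", report["unprobed"])
    for f in report["findings"]:
        print(f"[{f['confidence']:6}] {f['host']}: {f['title']} ({f['severity']})")
```

The point of the confidence tier is not to skip verification, which the post rightly says you cannot do, but to decide what a human looks at first; the `unprobed` list is the other half of the story, since a wide-scope scan that silently drops hosts without a response gives you false confidence about coverage.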