• Web applications


Penetration testing of web applications is a simulation of attacks on a system to gain access to sensitive data and determine whether the application is secure.

The goal of web application penetration testing is to detect security vulnerabilities resulting from insecure development practices in the design, coding and publishing of software or websites.

A web application penetration test typically includes:

  • User authentication testing to verify that accounts cannot compromise data;
  • Assessment of web applications for flaws and vulnerabilities such as cross-site scripting (XSS);
  • Assessing the secure configuration of web browsers and identifying features that may cause vulnerabilities;
  • Web server and database server security assessment.