W A P Testing

Our professionals at EagleClaw offer comprehensive WAP testing capabilities that scan to exploit and interact with web applications just as an attacker would, to test for existing vulnerabilities. Out testing would identify the strengths or weaknesses in web applications and web servers, by simulating dynamic exploits that compromise security. We have customized tools that crawls the web and find the URL’s to be tested. Crawl web pages and identify URLs to test. We use vulnerability scanners to import results, filter them and identify points of exposure. Our tools address the current security threats that your organizations faces and they include:

1. SQL Injection – Traditional and Blind –OWASP A1

2. OS Command Injection– OWASP A1

3. Cross-Site Scripting–OWASP A2 Services

4. Broken Authentication and Session Management–OWASP A3

5. Insecure Direct Object References–OWASP A4

6. Cross-Site Request Forgery–OWASP A5

7. Security Misconfiguration–OWASP A6

8. Insecure Cryptographic Storage–OWASP A7

9. Failure to Restrict URL Access–OWASP A8

10. Insufficient Transport Layer Protection–OWASP A9

11.  Unvalidated redirects and forwards–OWASP A10