New Adventures in Security Testing - Nordic Testing Days (slide transcript)
Dan Billing
www.thetestdoctor.wordpress.com
@TheTestDoctor
Reflections
How far has just being a 'functional tester' taken me?
Am I excited by my work anymore?
Have I maintained and developed my skills as a tester?
What do I have to do to make a change?
Focus your learning
"To know what skills to focus on learning you need to know what skills you need for your chosen career…compare this to what skills you currently have. The difference between the two is where you should focus your learning"
Remaining Relevant and Employable in a Changing World - Testers Edition, Rob Lambert, Leanpub, 2013
Why Security?
Potential Threats
...it's all about the attacks
Motivations behind attacks (Jan - Apr 2014)
Source: Hackmageddon.com
Cyber crime 61%, Hacktivism 31%
Recent Significant Attacks
Boldly Going…?
First Steps
• Understand the threats to your systems - STRIDE
• Explore the OWASP website – www.owasp.org
• Learn the OWASP Top 10 – they are the 10 Commandments of Web Security Testing
• Learn some techniques and when to use them
• Understand your applications and their infrastructure
• Get to know your Dev/Ops team – they'll be your new best friends
• Follow the security and hacking bloggers like Troy Hunt
• Take a course or two
Play it Safe
• www.altoromutual.com – deliberately vulnerable banking site - IBM
• http://google-gruyere.appspot.com – structured approach to learning exploits and vulnerabilities
• https://code.google.com/p/bodgeit/ - vulnerable retail store, runs locally on Apache - OWASP
Play it Safe
• http://www.mmeit.be/bwapp/ – bWAPP: an extremely buggy web app
• https://www.owasp.org/index.php/OWASP_Bricks - OWASP Bricks
• A VM running your own applications
• MobiSec – a mobile security testing framework and emulator
Know Your Enemy
• www.hackmageddon.com – news and updates on recent attacks and hacks
• www.securityninja.com – great news, research and guidance resource
• www.hackthissite.org – hackers' legal sandbox
• www.hackthis.co.uk – another hackers' sandbox from the UK
“Once you start down the dark path, forever it will dominate your destiny. Consume you it will” - Yoda
STRIDE
SPOOFING – illegally using another's authentication information to gain access
TAMPERING – malicious modification of either persistent data, or of data as it flows through a network
REPUDIATION – denying having performed an action, with no way for other parties to prove otherwise
INFORMATION DISCLOSURE – exposure of information to those who should not have access
DENIAL OF SERVICE – denying valid users access to a service
ELEVATION OF PRIVILEGE – allowing a user access to a system above their privilege level
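The six definitions above are most useful when applied element by element to a data-flow model of the system under test. The Python block below is an added example, not from the talk: it enumerates STRIDE threats over a small constructed model (a browser, a web application, a database, and the flows between them) using the common STRIDE-per-element mapping, in which external entities attract S and R, processes all six, data stores T, R, I and D, and data flows T, I and D. The element names and the choice to skip flows that stay inside one trust boundary are assumptions made for the illustration.

```python
"""STRIDE-per-element threat enumeration over a small data-flow model.

Added example, not from the talk. The letter-to-element mapping follows
the widely used STRIDE-per-element practice; the sample application model
is constructed for illustration.
"""
from dataclasses import dataclass

STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}

# Which STRIDE categories typically apply to each kind of element.
APPLICABLE = {
    "external": "SR",
    "process": "STRIDE",
    "store": "TRID",
    "flow": "TID",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                          # external | process | store | flow
    crosses_trust_boundary: bool = False


def enumerate_threats(elements):
    """Return a list of (element name, letter, category) tuples.

    Flows that do not cross a trust boundary are skipped (assumption for
    this example): their threats are covered by the elements at each end.
    """
    threats = []
    for el in elements:
        if el.kind not in APPLICABLE:
            raise ValueError(f"unknown element kind: {el.kind}")
        if el.kind == "flow" and not el.crosses_trust_boundary:
            continue
        for letter in APPLICABLE[el.kind]:
            threats.append((el.name, letter, STRIDE[letter]))
    return threats


def threats_by_category(threats):
    """Group enumerated threats by STRIDE letter, giving a coverage view."""
    grouped = {letter: [] for letter in STRIDE}
    for name, letter, _ in threats:
        grouped[letter].append(name)
    return grouped


# Constructed sample model: a customer's browser talking to a web app
# that is backed by an internal database.
SAMPLE_MODEL = [
    Element("Customer browser", "external"),
    Element("Web application", "process"),
    Element("Accounts DB", "store"),
    Element("browser -> web app (HTTPS)", "flow", crosses_trust_boundary=True),
    Element("web app -> DB (internal)", "flow", crosses_trust_boundary=False),
]

if __name__ == "__main__":
    for name, letter, category in enumerate_threats(SAMPLE_MODEL):
        print(f"{letter}  {category:24s} {name}")
```

Each printed line is a threat to write a test idea against; the grouped view shows at a glance which STRIDE letters a model has no candidate for, which is usually a sign that an element is missing from the diagram rather than that the threat does not exist.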
Injection in a Nutshell
xkcd.com/327 – Exploits of a Mom
Injection – an Example
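The xkcd strip cited above is the picture of what happens when user input is spliced into SQL text. As an added example, not from the talk or its slides, the Python block below puts the string-built query beside its parameterized form against an in-memory SQLite table. The users table, the lookup function and the tautology input are constructed for illustration. The point for a tester is that both versions pass the functional check with an ordinary name; only a security-minded input tells them apart.

```python
"""SQL injection: a string-built query beside its parameterized form.

Added example, not from the talk. Uses an in-memory SQLite database with
constructed sample rows; the lookup function and test input are
assumptions made for illustration.
"""
import sqlite3


def make_db():
    """Create a throwaway database with two constructed user rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def find_user_vulnerable(conn, name):
    """BUG: the input is concatenated into the SQL text, so a quote inside
    it closes the string literal and the remainder is parsed as SQL."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_parameterized(conn, name):
    """Fixed: the value travels separately from the SQL text, so it is only
    ever compared as data and never parsed as part of the statement."""
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


# Constructed test input: a tautology in the same family as the xkcd strip.
# Against the vulnerable query it widens the WHERE clause to match every row.
TAUTOLOGY = "x' OR '1'='1"

if __name__ == "__main__":
    conn = make_db()
    print("functional check, vulnerable:   ", find_user_vulnerable(conn, "alice"))
    print("functional check, parameterized:", find_user_parameterized(conn, "alice"))
    print("security check, vulnerable:     ", find_user_vulnerable(conn, TAUTOLOGY))
    print("security check, parameterized:  ", find_user_parameterized(conn, TAUTOLOGY))
```

Run it and the first two lines agree, which is why injection survives ordinary regression suites. The third line returns every user and the fourth returns nobody; that difference is the test case to add, and the parameterized form is the fix to ask the developers for.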
Cross Site Scripting
XSS – an example
Exploits a victim's trust in a particular site
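"Trust in a particular site" here means the browser will run whatever that site sends, including content the site merely reflected from a request. The Python block below is an added example, not from the talk: a tiny page renderer that pastes two user-controlled values into HTML, beside a hardened version that escapes the text context and validates the link scheme before escaping the attribute context. The renderer, the crude checker and the sample inputs are constructed for illustration; `html.escape` and `urllib.parse.urlsplit` are standard library.

```python
"""Reflected XSS: unescaped template output beside context-aware escaping.

Added example, not from the talk. The page renderer, the checker and the
sample inputs are constructed for illustration.
"""
import html
from urllib.parse import urlsplit


def render_vulnerable(name, homepage):
    """BUG: user-controlled values are pasted straight into HTML, so a value
    containing markup is interpreted by the victim's browser as markup."""
    return f'<p>Welcome, {name}!</p><a href="{homepage}">Your site</a>'


def safe_url(url):
    """Allow only http(s) links; anything else becomes a harmless '#'.

    Escaping alone does not help in an href: a script-style scheme contains
    no character that HTML escaping would change.
    """
    scheme = urlsplit(url).scheme.lower()
    return url if scheme in ("http", "https") else "#"


def render_hardened(name, homepage):
    # Text context: escape &, <, >, " and ' so the value stays inert text.
    safe_name = html.escape(name, quote=True)
    # Attribute context: validate the scheme first, then escape for the
    # quoted attribute value.
    safe_href = html.escape(safe_url(homepage), quote=True)
    return f'<p>Welcome, {safe_name}!</p><a href="{safe_href}">Your site</a>'


def contains_active_content(page):
    """Crude check for the tests: a script element, or an href whose scheme
    is not http(s). Real scanners look for far more than this."""
    lowered = page.lower()
    if "<script" in lowered:
        return True
    for part in lowered.split('href="')[1:]:
        href = part.split('"', 1)[0]
        if urlsplit(href).scheme not in ("", "http", "https"):
            return True
    return False


# Constructed inputs: one benign, one carrying markup, one with a bad scheme.
BENIGN = ("Dan", "https://thetestdoctor.wordpress.com")
MARKUP_NAME = ("<script>alert(1)</script>", "https://example.test")
BAD_SCHEME = ("Dan", "javascript:alert(1)")

if __name__ == "__main__":
    for label, args in (("benign", BENIGN), ("markup", MARKUP_NAME), ("scheme", BAD_SCHEME)):
        print(label, "vulnerable:", contains_active_content(render_vulnerable(*args)))
        print(label, "hardened:  ", contains_active_content(render_hardened(*args)))
```

Two things to take from it: the benign input renders identically in both versions, so functional tests cannot see the difference, and the link case shows that escaping is context dependent, which is why "just escape everything" is not the whole fix.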
Weapon of Choice
• Browser Developer Tools
• Browser plugins e.g. TamperData, Firebug, The Postman
• OWASP Mantra
Man in the Middle
• Fiddler
• Zed Attack Proxy
• Burpsuite
• nMap/Zenmap
• Beef
• Wireshark
Where next…?
• Automated scanning and regression
• Better vulnerability detection and analysis
• Sharing knowledge
• Increased confidence
SEEK! LOCATE! EXTERMINATE!
A Security Testing Mnemonic
EX – EXPLORE
T – THREATS
E – EXPERIMENT
R – RISKS
M – MONITOR
IN – INTERROGATE
A – ANALYSIS
T – TARGETED
E – EXPEDITED
Q&A
• Senior Test Engineer at New Voice Media
• www.newvoicemedia.com
• Blog: www.thetestdoctor.wordpress.com
• Twitter: @thetestdoctor