Black Box Application Security Assessment
The service of Black Box Web Application Security Assessment is one of the services offered by HackSecProject. Black Box assessments are carried out with almost no prior knowledge for the attacker. HackSecProject consultants operate as a hacker does locating any logical, technical defects. They have no access to the source code. In essence, the Black Box assessment is largely composed by automated scanning with manual identification, verification, and exploitation.
HackSecProject offers this web application security assessment
1) Direct Consulting
– A manual audit over a two week period
– Upon conclusion, a full vulnerability report is delivered.
We focus on the following vulnerabilities:
– Remote Code Execution
– SQL/LDAP/XML Injection
– Broken Authentication and Session Management includes privilege escaltion vertically/horizontally
– Significant Information Leak
– Publicly viewable web content manipulation
– E-commerce specific (cart / payment manipulation)
– Typical XSS
– Common Web Flaws
– Minor Information Leakage (server configurations / application data)
If you are interested or if you have any question click here and contact them.