Penetration Testing Configuration work for web app
- Budget: £125 (approx. $156)
- Proposals: 8
- Remote
- #2028548
- Expired
Description
Experience Level: Expert
We have developed a web app and need it to conform to the following standard:

JavaScript Library Latest Version
JavaScript files must be included in the site and not referenced from an external location. All files must be the latest versions, and any reference that is made off-site must be https. If there is a reason for these files being off-site, the link must be identified and a clear reason given as to why the file is not included on the site.

HTTPS Only
The site must be developed as though it were to have a certificate at the server. Testing on the server will be conducted using https, and all http references must be forwarded to https only.

HTTP Response Headers
These must be included in the site config. This includes X-XSS-Protection, Cache-Control and Strict-Transport-Security.

Administrative Login
The login page itself must be IP restricted. This means any backend /login, /admin or /umbraco page will need to be restricted to the IP ranges mentioned above. This must be applied on all instances (e.g. Razor may apply login links per site page).

Cross Domain Script
When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can, therefore, do anything that the application's scripts can do, such as accessing application data and performing actions within the context of the current user.
If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.
There must be a stated reason why there are files not within the site itself.
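To make the JavaScript Library and Cross Domain Script rules checkable, the following is an added example (it is not part of the posting and not the client's own tooling). It lists every off-site, plain-http or protocol-relative script reference in a page, and generates the Subresource Integrity value for any script that has a documented reason to stay off-site. The first-party host www.example.org, the sample HTML and the sample script body are constructed for the example. It goes one step beyond the posting: an integrity attribute pins an off-site script to its current content, so a compromise of the third-party host cannot silently change what the browser runs.

```python
"""Audit <script src> references against the JavaScript Library and
Cross Domain Script rules, and build SRI values for justified off-site files.

Added example, not from the job posting. SITE_HOST, SAMPLE_HTML and the
script body passed to script_tag() are constructed for illustration.
"""
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

SITE_HOST = "www.example.org"  # assumed first-party host name


class _ScriptCollector(HTMLParser):
    """Collect the attribute dict of every <script> start tag."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":  # HTMLParser lower-cases tag names
            self.scripts.append(dict(attrs))


def audit_scripts(html, site_host=SITE_HOST):
    """Return (src, finding) pairs for every script not served by site_host.

    Findings: "off-site" (needs a stated reason), "plain-http" (off-site
    reference not over https), "protocol-relative" (//host/... inherits the
    page scheme, so it is not guaranteed https), "no-integrity" (off-site
    script without a Subresource Integrity attribute).
    """
    parser = _ScriptCollector()
    parser.feed(html)
    findings = []
    for attrs in parser.scripts:
        src = attrs.get("src")
        if not src:
            continue  # inline script; not a cross-domain include
        if src.startswith("//"):
            parsed, scheme = urlparse("https:" + src), "protocol-relative"
        else:
            parsed, scheme = urlparse(src), urlparse(src).scheme
        host = parsed.netloc.lower()
        if not host or host == site_host:
            continue  # relative path or absolute URL on our own host
        findings.append((src, "off-site"))
        if scheme == "protocol-relative":
            findings.append((src, "protocol-relative"))
        elif scheme != "https":
            findings.append((src, "plain-http"))
        if not attrs.get("integrity"):
            findings.append((src, "no-integrity"))
    return findings


def sri_hash(script_bytes, algo="sha384"):
    """Integrity value as the browser computes it: '<algo>-<base64 digest>'."""
    digest = hashlib.new(algo, script_bytes).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def script_tag(src, script_bytes):
    """Tag for a justified off-site script, pinned to its current content."""
    return (f'<script src="{src}" integrity="{sri_hash(script_bytes)}" '
            'crossorigin="anonymous"></script>')


# Constructed page fragment: one compliant local file, one absolute URL on
# our own host, and three off-site includes of varying quality.
SAMPLE_HTML = """
<script src="/js/app.min.js"></script>
<script src="https://www.example.org/js/vendor.js"></script>
<script src="http://cdn.example.net/lib.js"></script>
<script src="//cdn.example.net/lib2.js"></script>
<script src="https://cdn.example.net/lib3.js"
        integrity="sha384-abc" crossorigin="anonymous"></script>
"""

if __name__ == "__main__":
    for src, finding in audit_scripts(SAMPLE_HTML):
        print(f"{finding:18} {src}")
    print(script_tag("https://cdn.example.net/lib.js", b"console.log('hi');"))
```

The same-host test is by host name only, so a different sub-domain or an explicit port counts as off-site; that is the conservative reading of the rule and is the case a reviewer will ask about anyway.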
Form Susceptibility
All forms must have a mechanism that prevents automated form submissions. Forms must restrict the characters accepted so that code strings cannot be entered, and a maximum length must be applied to each field. Email address fields must accept only one address.
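An added example, not from the posting, of the server-side half of the Form Susceptibility rule: per-field length limits, rejection of code-like input, a single address per email field, and two anti-automation checks that need no external CAPTCHA service (a CSS-hidden honeypot field that humans never fill in, and an HMAC-signed timestamp token that rejects a form submitted within seconds of being served or long after). The field names, limits, thresholds and the signing secret are assumed for the example; client-side validation is still needed for usability but is not a control.

```python
"""Server-side checks for the Form Susceptibility rule.

Added example, not from the job posting. SECRET, MAX_LEN, the thresholds
and the field names ('website' honeypot, 'form_token') are assumed.
"""
import hashlib
import hmac
import re
import time

SECRET = b"replace-with-a-random-server-secret"  # assumed; load from config in practice
MAX_LEN = {"name": 80, "email": 254, "message": 2000}  # assumed per-field limits
MIN_FILL_SECONDS = 3      # a person rarely completes a form this fast
MAX_TOKEN_AGE = 3600      # token validity window in seconds

# Markup, script handlers and SQL comment/DROP fragments; tighten per site.
CODE_PATTERN = re.compile(r"<[^>]*>|</|javascript:|\bon[a-z]+\s*=|/\*|;\s*drop\b", re.I)
# Exactly one address: no whitespace, separators or a second '@'.
EMAIL_PATTERN = re.compile(r"^[^\s@,;<>]+@[^\s@,;<>]+\.[^\s@,;<>]+$")


def issue_token(issued_at=None):
    """Token for a hidden form field: '<unix time>.<hmac of that time>'."""
    ts = str(int(issued_at if issued_at is not None else time.time()))
    sig = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
    return f"{ts}.{sig}"


def _token_age(token, now):
    """Seconds since the token was issued, or None if forged or malformed."""
    try:
        ts, sig = token.split(".", 1)
        issued = int(ts)
        expected = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return None
    except (ValueError, AttributeError, TypeError):
        return None
    return now - issued


def validate_form(fields, now=None):
    """Validate a submitted form (dict of field name -> string).

    Returns a list of error strings; an empty list means every check passed.
    """
    now = now if now is not None else time.time()
    errors = []

    # Anti-automation: honeypot field plus time-bounded signed token.
    if fields.get("website"):
        errors.append("honeypot filled: automated submission")
    age = _token_age(fields.get("form_token", ""), now)
    if age is None:
        errors.append("missing or forged form token")
    elif age < MIN_FILL_SECONDS:
        errors.append("form submitted too quickly")
    elif age > MAX_TOKEN_AGE:
        errors.append("form token expired")

    # Length and character restrictions on every known field.
    for name, limit in MAX_LEN.items():
        value = fields.get(name, "")
        if len(value) > limit:
            errors.append(f"{name}: exceeds {limit} characters")
        if CODE_PATTERN.search(value):
            errors.append(f"{name}: code-like content rejected")

    # One email address only.
    if not EMAIL_PATTERN.match(fields.get("email", "")):
        errors.append("email: exactly one valid address required")
    return errors


if __name__ == "__main__":
    token = issue_token(time.time() - 10)  # served ten seconds ago
    sample = {"name": "Ada", "email": "ada@example.org", "message": "Hello",
              "website": "", "form_token": token}
    print(validate_form(sample))
    print(validate_form(dict(sample, message="<script>alert(1)</script>")))
```

The token is also a cheap replay limiter: a harvested token stops working after MAX_TOKEN_AGE, and a bot that fetches and posts in the same second trips the minimum fill time.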
Cacheable HTTPS pages
Ensure all HTTPS pages containing sensitive information have the following directives set in their HTTP response headers:
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
For more information on cache control see the 'Cached pages' section of the following URL:
https://www.owasp.org/index.php/Testing_for_Logout_and_Browser_Cache_Management_(OWASP-AT-007)

Cross Domain Referrer Leakage
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

Robots.txt
Information disclosure: review the contents of the site's robots.txt file and restrict access to sensitive information.

Cookies set without HttpOnly flag
In general, avoid disclosing environment information, such as version numbers, error pages and internal IP addresses.
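One audit that covers the HTTPS Only, HTTP Response Headers, Cacheable HTTPS pages, Cross Domain Referrer Leakage and HttpOnly cookie rules above, as an added example that is not part of the posting. It takes responses in the shape a proxy or scanner records them and reports every deviation. The sample responses, the sensitive paths and the sensitive parameter names are constructed for the example. Two caveats a tester should know: X-XSS-Protection is checked because the posting requires it, but current browsers ignore that header and Content-Security-Policy is the control that actually restricts script; and the Secure cookie flag is checked in addition to HttpOnly because an https-only site has no reason to let a cookie travel over http.

```python
"""Audit recorded HTTP responses against the HTTPS Only, HTTP Response
Headers, Cacheable HTTPS pages, Referrer Leakage and cookie-flag rules.

Added example, not part of the job posting. SAMPLE_RESPONSES are constructed
by hand; SENSITIVE_PATHS and SENSITIVE_PARAMS are assumed for this site.
"""
from urllib.parse import parse_qs, urlparse

SENSITIVE_PATHS = ("/account", "/login", "/umbraco")        # assumed
SENSITIVE_PARAMS = {"password", "token", "session", "ssn"}  # assumed
REDIRECTS = (301, 302, 307, 308)


def _header(headers, name):
    """Case-insensitive lookup of a single header; '' when absent."""
    for k, v in headers:
        if k.lower() == name.lower():
            return v
    return ""


def _all_headers(headers, name):
    """Every value of a repeatable header such as Set-Cookie."""
    return [v for k, v in headers if k.lower() == name.lower()]


def audit_response(url, status, headers):
    """Return the findings for one response; an empty list means compliant.

    headers is a list of (name, value) pairs rather than a dict so that
    repeated Set-Cookie headers are all seen.
    """
    findings = []
    u = urlparse(url)

    # HTTPS Only: a plain-http request must be forwarded to https.
    if u.scheme == "http":
        if status not in REDIRECTS or not _header(headers, "Location").startswith("https://"):
            findings.append("http not redirected to https")
        return findings  # the remaining checks apply to the https response

    # HTTP Response Headers rule.
    hsts = _header(headers, "Strict-Transport-Security").replace(" ", "").lower()
    if "max-age=" not in hsts:
        findings.append("missing Strict-Transport-Security")
    if not _header(headers, "X-XSS-Protection"):
        findings.append("missing X-XSS-Protection")

    # Cacheable HTTPS pages rule, on sensitive paths only.
    if u.path.startswith(SENSITIVE_PATHS):
        directives = {d.strip().lower() for d in _header(headers, "Cache-Control").split(",")}
        if not {"no-cache", "no-store"} <= directives:
            findings.append("sensitive page cacheable: Cache-Control lacks no-cache, no-store")
        if _header(headers, "Pragma").lower() != "no-cache":
            findings.append("sensitive page: Pragma: no-cache missing")
        if _header(headers, "Expires") not in ("-1", "0"):  # posting asks for -1; 0 is equivalent
            findings.append("sensitive page: Expires not set to -1")

    # Referrer Leakage rule: secrets must not travel in the query string.
    leaked = SENSITIVE_PARAMS & set(parse_qs(u.query))
    if leaked:
        findings.append("sensitive data in query string: " + ", ".join(sorted(leaked)))

    # Cookie flags: HttpOnly per the posting, Secure because the site is https-only.
    for cookie in _all_headers(headers, "Set-Cookie"):
        name = cookie.split("=", 1)[0].strip()
        attrs = {p.strip().lower() for p in cookie.split(";")[1:]}
        if "httponly" not in attrs:
            findings.append(f"cookie {name} set without HttpOnly")
        if "secure" not in attrs:
            findings.append(f"cookie {name} set without Secure")
    return findings


# Constructed responses: a correct http->https forward, a compliant login
# page, and an account page that fails most of the rules at once.
SAMPLE_RESPONSES = [
    ("http://www.example.org/", 301, [("Location", "https://www.example.org/")]),
    ("https://www.example.org/login", 200, [
        ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
        ("X-XSS-Protection", "1; mode=block"),
        ("Cache-Control", "no-cache, no-store"),
        ("Pragma", "no-cache"),
        ("Expires", "-1"),
        ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ]),
    ("https://www.example.org/account?token=secret", 200, [
        ("Cache-Control", "public, max-age=600"),
        ("Set-Cookie", "pref=1; Path=/"),
    ]),
]

if __name__ == "__main__":
    for url, status, headers in SAMPLE_RESPONSES:
        print(url, audit_response(url, status, headers) or "OK")
```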
TCP Timestamp Option
The TCP timestamp option on the hosts should be disabled. Alternatively, this could be filtered at the

SSL Certificate signed using Weak Hashing Algorithm
Upgrade or replace the SHA-1 hashing algorithm with SHA-2.

Public accessible Login for administration
You must restrict public access to the administrative login. If remote access is necessary, consider restricting access to authorised IP addresses (this is our preferred option), using VPN technology and/or enforcing strong, two (or more)-factor authentication.
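For the Administrative Login and Public accessible Login rules, here is an added example (not from the posting) of a single allow-list check that every request to /login, /admin or /umbraco passes through, so one rule covers each instance of the login link no matter which Razor page emits it. The ranges 203.0.113.0/24, 198.51.100.10/32 and 2001:db8::/32 and the proxy range 10.0.0.0/8 are placeholders; the posting's own ranges do not appear on this page. The part most often got wrong is X-Forwarded-For: it is attacker-supplied unless the direct peer is a proxy you operate, so the code honours it only from the trusted proxy range and then takes the address that proxy appended.

```python
"""Allow-list gate for administrative paths.

Added example, not from the job posting. ALLOWED_RANGES and TRUSTED_PROXIES
are placeholder values; ADMIN_PREFIXES are the paths named in the posting.
"""
import ipaddress

ADMIN_PREFIXES = ("/login", "/admin", "/umbraco")
ALLOWED_RANGES = [ipaddress.ip_network(n) for n in
                  ("203.0.113.0/24", "198.51.100.10/32", "2001:db8::/32")]  # assumed
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]  # assumed reverse-proxy range


def is_admin_path(path):
    """True for an admin prefix and anything below it, case-insensitively.

    '/loginhelp' does not match; '/Umbraco/backoffice' does.
    """
    p = path.lower()
    return any(p == x or p.startswith(x + "/") for x in ADMIN_PREFIXES)


def client_ip(remote_addr, x_forwarded_for=None):
    """Resolve the real client address.

    X-Forwarded-For is honoured only when the TCP peer is one of our own
    proxies, and then the right-most entry is used: that is the address the
    trusted proxy itself appended, so the client cannot forge it.
    """
    peer = ipaddress.ip_address(remote_addr)
    if x_forwarded_for and any(peer in n for n in TRUSTED_PROXIES):
        return ipaddress.ip_address(x_forwarded_for.split(",")[-1].strip())
    return peer


def admin_access_allowed(path, remote_addr, x_forwarded_for=None):
    """True if the request may proceed. Non-admin paths are never restricted."""
    if not is_admin_path(path):
        return True
    ip = client_ip(remote_addr, x_forwarded_for)
    return any(ip in n for n in ALLOWED_RANGES)


if __name__ == "__main__":
    # Constructed requests: (path, TCP peer, X-Forwarded-For header or None)
    for req in [("/", "192.0.2.5", None),
                ("/umbraco/", "203.0.113.7", None),
                ("/Umbraco/login", "192.0.2.5", None),
                ("/login", "192.0.2.5", "203.0.113.7"),      # spoofed XFF, untrusted peer
                ("/login", "10.1.2.3", "203.0.113.7")]:      # XFF from our proxy
        print(req, "allow" if admin_access_allowed(*req) else "deny")
```

Wire the check in as the first step of the request pipeline, before authentication runs, so a denied address never reaches the login form at all and the rule holds for every page that links to it.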
Client: Neil B., United Kingdom
- Rating: 97% (99)
- Projects completed: 91
- Freelancers worked with: 92
- Projects awarded: 48%
- Last project: 25 Aug 2023