SlideShare a Scribd company logo

Creating Practical Security Test-Cases for Web Applications

Rafal Los, profile picture
Rafal Los

The document discusses negative testing techniques for web applications. It explains that negative testing involves finding unintended functions and manipulating code in unexpected ways to uncover security vulnerabilities. The testing process involves mapping application logic and data flows, using both manual and automated testing methods to input unexpected data and manipulate application control flows. Testers must understand the application thoroughly to identify potential weaknesses in how the application handles unexpected inputs or flows.

Technology
1 of 31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications
Creating Practical Security Test-Cases for Web Applications

More Related Content

PPT
TEA Presentation V 0.3
Ian McDonald
 
PPSX
Webinar #6 DFMEA
Prodeos
 
PDF
Product Development
MaRS Discovery District
 
PDF
Quality
Naren Kmar
 
PDF
Just Java2007 - Daniel Wildt - Tools For Java Test Automation
Daniel Wildt
 
PDF
Penetration testing web application web application (in) security
Nahidul Kibria
 
PPT
Web Application Security Testing
Marco Morana
 
PDF
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Denim Group
 
TEA Presentation V 0.3
Ian McDonald
 
Webinar #6 DFMEA
Prodeos
 
Product Development
MaRS Discovery District
 
Quality
Naren Kmar
 
Just Java2007 - Daniel Wildt - Tools For Java Test Automation
Daniel Wildt
 
Penetration testing web application web application (in) security
Nahidul Kibria
 
Web Application Security Testing
Marco Morana
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Denim Group
 

Similar to Creating Practical Security Test-Cases for Web Applications (20)

PPTX
PHX Session #1: Development Best Practices And How Microsoft Helps
Steve Lange
 
PDF
Secure Programming With Static Analysis
ConSanFrancisco123
 
PDF
Groovy Testing Aug2009
guest4a266c
 
PDF
Agile Development Methodologies
Nainil Chheda
 
PDF
A Comparison of Three Bug-Finding Techniques and Their Relative Effectiveness
Parasoft
 
PDF
Pivotal Labs Open View Presentation Quality Assurance And Developer Testing
guestc8adce
 
PDF
Groovy Testing Sep2009
Paul King
 
ZIP
Unit Testing in Java
guy_davis
 
PPTX
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries
 
PPTX
Using Pre selection tools in recruitment
willcorder
 
PDF
Achieving Peak User Experiences & Optimizing Web Performance - Load Testing, ...
Compuware APM
 
PDF
High-Octane Dev Teams: Three Things You Can Do To Improve Code Quality
Atlassian
 
PPTX
2009 06 01 The Lean Startup Texas Edition
Eric Ries
 
PDF
Role of Retrospectives in Success of Agile Project
Naresh Jain
 
PDF
Application Assessment Techniques
Denim Group
 
PDF
Secrets of Top Pentesters
amiable_indian
 
PPTX
Test Expo 2009 Site Confidence & Seriti Consulting Load Test Case Study
Stephen Thair
 
PDF
The 7 Sins of Software Engineers in HEP
Ioannis Baltopoulos
 
PPTX
2009 05 21 The Lean Startup At SIPA
Eric Ries
 
PDF
Behind The Scenes At My Spacecom
ConSanFrancisco123
 
PHX Session #1: Development Best Practices And How Microsoft Helps
Steve Lange
 
Secure Programming With Static Analysis
ConSanFrancisco123
 
Groovy Testing Aug2009
guest4a266c
 
Agile Development Methodologies
Nainil Chheda
 
A Comparison of Three Bug-Finding Techniques and Their Relative Effectiveness
Parasoft
 
Pivotal Labs Open View Presentation Quality Assurance And Developer Testing
guestc8adce
 
Groovy Testing Sep2009
Paul King
 
Unit Testing in Java
guy_davis
 
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries
 
Using Pre selection tools in recruitment
willcorder
 
Achieving Peak User Experiences & Optimizing Web Performance - Load Testing, ...
Compuware APM
 
High-Octane Dev Teams: Three Things You Can Do To Improve Code Quality
Atlassian
 
2009 06 01 The Lean Startup Texas Edition
Eric Ries
 
Role of Retrospectives in Success of Agile Project
Naresh Jain
 
Application Assessment Techniques
Denim Group
 
Secrets of Top Pentesters
amiable_indian
 
Test Expo 2009 Site Confidence & Seriti Consulting Load Test Case Study
Stephen Thair
 
The 7 Sins of Software Engineers in HEP
Ioannis Baltopoulos
 
2009 05 21 The Lean Startup At SIPA
Eric Ries
 
Behind The Scenes At My Spacecom
ConSanFrancisco123
 
Ad

More from Rafal Los (20)

PDF
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
 
PDF
The 5 Ps of Preparedness - Hope is Not a Strategy [1].pdf
Rafal Los
 
PDF
Irrational But Effective - Applying Parenthood Lessons to Cyber Security
Rafal Los
 
PPTX
SAINTCON 21 - Of Sandcastles and Luck (Fixing Vulnerability Management)
Rafal Los
 
PPTX
Strategies and Tactics for Effectively Managing Vulnerabilities in Diverse En...
Rafal Los
 
PDF
Lies, Fables and Security Metrics
Rafal Los
 
PDF
Losing battles, winning wars
Rafal Los
 
PPTX
5 Things CFOs Need to Know About Enterprise Security - HP CFO Summit 2013
Rafal Los
 
PPTX
Operationalizing Security Intelligence [ InfoSec World 2014 ]
Rafal Los
 
PDF
Operationalizing security intelligence for the mid market - Rafal Los - RSA C...
Rafal Los
 
PPTX
Rebooting the Enterprise Security Program for Defensibility - ISSA Internatio...
Rafal Los
 
PPTX
Cloud Security Alliance- Challanges of an elastic environment v8a [public]
Rafal Los
 
PPTX
Threat modeling the security of the enterprise
Rafal Los
 
PPTX
Making Measurable Gains - Contextualizing 'Secure' in Business
Rafal Los
 
PDF
Security BSides Atlanta - "The Business Doesn't Care..."
Rafal Los
 
PPTX
Software Security Assurance - Program Building (You're going to need a bigger...
Rafal Los
 
PDF
The Future of Software Security Assurance
Rafal Los
 
PDF
Defying Logic - Business Logic Testing with Automation
Rafal Los
 
PDF
Ultimate Hack! Layers 8 & 9 of the OSI Model
Rafal Los
 
PDF
Into the Rabbithole - Evolved Web App Security Testing (OWASP AppSec DC)
Rafal Los
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
 
The 5 Ps of Preparedness - Hope is Not a Strategy [1].pdf
Rafal Los
 
Irrational But Effective - Applying Parenthood Lessons to Cyber Security
Rafal Los
 
SAINTCON 21 - Of Sandcastles and Luck (Fixing Vulnerability Management)
Rafal Los
 
Strategies and Tactics for Effectively Managing Vulnerabilities in Diverse En...
Rafal Los
 
Lies, Fables and Security Metrics
Rafal Los
 
Losing battles, winning wars
Rafal Los
 
5 Things CFOs Need to Know About Enterprise Security - HP CFO Summit 2013
Rafal Los
 
Operationalizing Security Intelligence [ InfoSec World 2014 ]
Rafal Los
 
Operationalizing security intelligence for the mid market - Rafal Los - RSA C...
Rafal Los
 
Rebooting the Enterprise Security Program for Defensibility - ISSA Internatio...
Rafal Los
 
Cloud Security Alliance- Challanges of an elastic environment v8a [public]
Rafal Los
 
Threat modeling the security of the enterprise
Rafal Los
 
Making Measurable Gains - Contextualizing 'Secure' in Business
Rafal Los
 
Security BSides Atlanta - "The Business Doesn't Care..."
Rafal Los
 
Software Security Assurance - Program Building (You're going to need a bigger...
Rafal Los
 
The Future of Software Security Assurance
Rafal Los
 
Defying Logic - Business Logic Testing with Automation
Rafal Los
 
Ultimate Hack! Layers 8 & 9 of the OSI Model
Rafal Los
 
Into the Rabbithole - Evolved Web App Security Testing (OWASP AppSec DC)
Rafal Los
 
Ad

Recently uploaded (20)

PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
A Presentation on Artificial Intelligence
memembruh336
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Spectroscopy.pptx food analysis technology
nawahassan45