Web Application Test Suite Data Sheet
Test Suite: Web Application Test Suite
Direction: Server

Web Application Test Suite is used for testing web applications. The suite requires a capture from a web browsing session, which is then anomalized and driven against the target web application. HTTP Archive (HAR) captures and plaintext HTTP session files are supported. In addition to fuzzing, Web Application Test Suite also tests for and detects many vulnerabilities characteristic of web applications: it tests for SQL and LDAP injection and cross-site scripting, and detects missing XSRF tokens. Web Application Test Suite supports OAuth 1.0(a) and 2.0 authorization sequences, which makes it possible to test OAuth implementations and web application functionality that requires authorization. The suite can also act as an OpenID end user and pass on (and fuzz) parameters between the relying party and the OpenID provider.
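The capture-then-anomalize workflow above starts by enumerating where a recorded request can be mutated. The following Python example is added here to illustrate that first step; it is not code from the test suite or its vendor. It parses a HAR 1.2 capture (constructed inline, not from a real session), lists the fuzzable fields per request in the same categories the feature table below uses (query parameters, cookies, X- headers, form and JSON payload fields), and flags state-changing requests that carry no anti-XSRF token. The token-name heuristic (`TOKEN_HINTS`) and the hostname `app.example.test` are assumptions for the example, not behaviour documented on this page.

```python
import json
from urllib.parse import urlsplit, parse_qsl

# Constructed HAR 1.2 capture for the example (not from any real browsing session).
# Entry 1: GET with query parameters, a cookie and an X- header.
# Entry 2: form POST that changes account state but carries no anti-XSRF field.
# Entry 3: JSON POST that sends its token in an X- header.
SAMPLE_HAR = json.dumps({
    "log": {"version": "1.2", "entries": [
        {"request": {"method": "GET",
                     "url": "https://app.example.test/search?q=shoes&page=2",
                     "headers": [{"name": "Host", "value": "app.example.test"},
                                 {"name": "X-Request-Id", "value": "abc123"}],
                     "cookies": [{"name": "session", "value": "s3ss10n"}],
                     "queryString": [{"name": "q", "value": "shoes"},
                                     {"name": "page", "value": "2"}]}},
        {"request": {"method": "POST",
                     "url": "https://app.example.test/account/email",
                     "headers": [{"name": "Content-Type",
                                  "value": "application/x-www-form-urlencoded"}],
                     "cookies": [{"name": "session", "value": "s3ss10n"}],
                     "postData": {"mimeType": "application/x-www-form-urlencoded",
                                  "text": "email=alice%40example.test&confirm=1"}}},
        {"request": {"method": "POST",
                     "url": "https://app.example.test/api/profile",
                     "headers": [{"name": "Content-Type", "value": "application/json"},
                                 {"name": "X-CSRF-Token", "value": "t0k3n"}],
                     "cookies": [],
                     "postData": {"mimeType": "application/json",
                                  "text": '{"name": "Alice", "prefs": {"theme": "dark"}}'}}},
    ]}
})

# Assumed heuristic: substrings that usually mark an anti-XSRF field or header.
TOKEN_HINTS = ("csrf", "xsrf", "token", "nonce")


def _flatten_json(obj, prefix=""):
    """Yield a dotted path for every scalar leaf of a JSON payload (each leaf is a mutation point)."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            yield from _flatten_json(value, f"{prefix}.{key}" if prefix else key)
    elif isinstance(obj, list):
        for index, value in enumerate(obj):
            yield from _flatten_json(value, f"{prefix}[{index}]")
    else:
        yield prefix


def mutation_points(request):
    """Return (category, name) pairs for every field of one HAR request that a fuzzer could anomalize."""
    points = []
    # Query parameters: prefer HAR's pre-parsed queryString, fall back to parsing the URL.
    query = request.get("queryString")
    if query is None:
        query = [{"name": k, "value": v} for k, v in parse_qsl(urlsplit(request["url"]).query)]
    points += [("query", p["name"]) for p in query]
    points += [("cookie", c["name"]) for c in request.get("cookies", [])]
    points += [("x-header", h["name"]) for h in request.get("headers", [])
               if h["name"].lower().startswith("x-")]
    post = request.get("postData")
    if post:
        mime = post.get("mimeType", "").split(";")[0].strip().lower()
        if mime == "application/x-www-form-urlencoded":
            points += [("form", k) for k, _ in parse_qsl(post.get("text", ""), keep_blank_values=True)]
        elif mime == "application/json":
            try:
                points += [("json", path) for path in _flatten_json(json.loads(post.get("text", "")))]
            except ValueError:
                pass  # malformed JSON body: nothing structured to enumerate
    return points


def has_xsrf_token(request):
    """Heuristic check: does a token-like name appear among body/query fields or headers?"""
    names = [name for cat, name in mutation_points(request) if cat in ("form", "json", "query")]
    names += [h["name"] for h in request.get("headers", [])]
    return any(hint in name.lower() for name in names for hint in TOKEN_HINTS)


def analyze_har(har_text):
    """Summarise each recorded request: its mutation points and whether an anti-XSRF token is missing."""
    report = []
    for entry in json.loads(har_text)["log"]["entries"]:
        req = entry["request"]
        state_changing = req["method"] in ("POST", "PUT", "PATCH", "DELETE")
        report.append({
            "method": req["method"],
            "url": req["url"],
            "points": mutation_points(req),
            "missing_xsrf": state_changing and not has_xsrf_token(req),
        })
    return report


if __name__ == "__main__":
    for item in analyze_har(SAMPLE_HAR):
        flag = "  <-- no anti-XSRF token" if item["missing_xsrf"] else ""
        print(f"{item['method']} {item['url']}{flag}")
        for category, name in item["points"]:
            print(f"    {category:9} {name}")
```

Run it as a script to see the per-request inventory; the second request is reported as lacking a token because neither its form fields nor its headers match any hint. A name-based check like this is deliberately conservative: it finds requests where a token is absent, but it cannot tell whether a present token is actually validated server-side, which is what the suite's "bad XSRF token" detection addresses.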

Used specifications

  • RFC1945: Hypertext Transfer Protocol -- HTTP/1.0
  • RFC2183: Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field
  • RFC2388: Returning Values from Forms: multipart/form-data
  • RFC2616: Hypertext Transfer Protocol -- HTTP/1.1
  • RFC3986: Uniform Resource Identifier (URI): Generic Syntax
  • RFC4627: The application/json Media Type for JavaScript Object Notation (JSON)
  • RFC6265: HTTP State Management Mechanism
  • RFC5849: The OAuth 1.0 Protocol
  • RFC6749: The OAuth 2.0 Authorization Framework
  • RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
  • RFC7230: Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing
  • RFC7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
  • RFC7232: Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests
  • RFC7233: Hypertext Transfer Protocol (HTTP/1.1): Caching
  • RFC7234: Hypertext Transfer Protocol (HTTP/1.1): Range Requests
  • RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication
  • OpenID Authentication 2.0 - Final
  • OpenID Attribute Exchange 1.0 - Final
  • OpenID Provider Authentication Policy Extension 1.0
  • OpenID Simple Registration Extension 1.0

Tool-specific information

  • Query parameter fuzzing: Anomalization of query parameters
  • Cookie fuzzing: Anomalization of cookies
  • Extension-header fuzzing: Anomalization of X-headers
  • Request payload fuzzing: Anomalization of POST payload, including forms and JSON payload
  • Blind SQL injection detection: Testing whether a web application is vulnerable to SQL injection
  • Blind LDAP injection detection: Testing whether a web application is vulnerable to LDAP injection
  • XSS detection: Testing whether a web application is vulnerable to cross-site scripting attacks
  • XSRF token detection: Detecting bad and missing XSRF tokens
  • Data leakage detection: Detecting user-configurable forbidden data in a response
  • HTTP Proxy: Supports HTTP proxies
  • OAuth 1.0(a) and 2.0: Fuzz OAuth authorization sequences
  • OpenID: Fuzz OpenID authentication sequences

Supported SafeGuard Checks
  • Blind LDAP Injection
  • Blind SQL Injection
  • Cross-site request forgery
  • Cross-site scripting
  • Extra cookie compared to valid case
  • Information leakage
  • LDAP injection in response
  • Malformed HTTP
  • Remote Execution
  • SQL injection in response
  • Unprotected Credentials

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI, command-line and remote-interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis