Test Suite:
Web Application Test SuiteDirection:
ServerWeb Application Test Suite is used for testing web applications. The suite requires a capture from a Web browsing session which is then anomalized and driven against the target Web Application. HTTP archive (HAR) captures and plaintext HTTP session files are supported. Additionally to fuzzing, Web Application Test Suite tests and detects also many vulnerabilities which are characteristic to web applications. The test suite tests SQL and LDAP injections and cross-site scripting attacks, and detects missing XSRF tokens. Web Application Test Suite supports OAuth 1.0(a) and 2.0 Authorization sequences. This makes it possible to test OAuth implementations and Web application functionality, which requires authorization. Suite can also act as an OpenID end user, and pass on (and fuzz) parameters between relying party and OpenID provider.
Used specifications
Hypertext Transfer Protocol -- HTTP/1.0
Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field
Returning Values from Forms: multipart/form-data
Hypertext Transfer Protocol -- HTTP/1.1
Uniform Resource Identifier (URI): Generic Syntax
The application/json Media Type for JavaScript Object Notation (JSON)
HTTP State Management Mechanism
The OAuth 1.0 Protocol
The OAuth 2.0 Authorization Framework
The OAuth 2.0 Authorization Framework: Bearer Token Usage
Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing
Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests
Hypertext Transfer Protocol (HTTP/1.1): Caching
Hypertext Transfer Protocol (HTTP/1.1): Range Requests
Hypertext Transfer Protocol (HTTP/1.1): Authentication
OpenID Authentication 2.0 - Final
OpenID Attribute Exchange 1.0 - Final
OpenID Provider Authentication Policy Extension 1.0
OpenID Simple Registration Extension 1.0
Tool-specific information
Anomalization of query parameters
Anomalization of cookies
Anomalization of X-headers
Anomalization of POST payload including forms and JSON payload
Testing if a web application is vulnerable to SQL injections
Testing if a web application is vulnerable to LDAP injections
Testing if a web application is vulnerable to cross-site scripting attacks
Detecting bad and missing XSRF tokens
Detecting user-configurable forbidden data from a response
Supports HTTP proxies
Fuzz OAuth authorization sequences
Fuzz OpenID authentication sequences
Blind LDAP Injection
Blind SQL Injection
Cross-site request forgery
Cross-site scripting
Extra cookie compared to valid case
Information leakage
LDAP injection in response
Malformed HTTP
Remote Execution
SQL injection in response
Unprotected Credentials
Test tool general features
- Fully automated black-box negative testing
- Ready-made test cases
- Written in Java(tm)
- GUI command line remote interface modes
- Instrumentation (health-check) capability
- Support and maintenance
- Comprehensive user documentation
- Results reporting and analysis