Manual Security Testing Procedures
Manual Security Testing Procedures
Implement systematic manual testing with the following checklist script, which prompts for and records the outcome of each check:
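#!/bin/bash
# /usr/local/bin/manual-security-test.sh
# Manual Security Testing Checklist
#
# Usage: manual-security-test.sh TARGET
#
# Walks the tester through a fixed list of manual checks, prompts for a
# result and free-form notes after each one, appends them to
# manual-test-results.csv in the current directory and finally writes
# manual-test-report.html.  TARGET is only printed in the banner; the
# "commands" shown for each check are instructions for the tester and
# are never executed by this script.

set -u   # an unset variable here is a bug, not an empty value

# The target is informational, but an empty banner almost always means
# the tester forgot to pass it, so say so on stderr and carry on.
target=${1:-}
if [[ -z "$target" ]]; then
  printf 'warning: no target given (usage: %s TARGET)\n' "${0##*/}" >&2
fi

# printf rather than echo: the target is caller-supplied and echo would
# misinterpret values such as "-n" or "-e".
printf '=== Manual Security Testing Checklist ===\n'
printf 'Target: %s\n' "$target"
printf 'Date: %s\n' "$(date)"
printf 'Tester: %s\n' "$(whoami)"
printf '\n'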
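#######################################
# Prompt the tester for the outcome of one manual check and append it
# to manual-test-results.csv as "name|result|notes".
# Globals:   none (appends to manual-test-results.csv in the cwd)
# Arguments: $1 - test name
#            $2 - what the tester should do; shown verbatim, never run
# Inputs:    two lines on stdin: the result, then free-form notes
# Outputs:   prompts on stdout, a re-prompt hint on stderr
# Returns:   exit status of the final append
#######################################
test_step() {
  local test_name=$1
  local test_command=$2
  local result notes

  printf '\n[TEST] %s\n' "$test_name"
  printf 'Command: %s\n' "$test_command"

  # Only pass/fail/na are counted by the summary and mapped to a CSS
  # class in the report, so keep asking until one of them is given.
  # EOF on stdin (e.g. an exhausted answer file) records an empty
  # result instead of looping forever.
  while :; do
    printf 'Result (pass/fail/na): '
    if ! read -r result; then
      result=
      break
    fi
    result=${result,,}
    case "$result" in
      pass|fail|na) break ;;
      *) printf 'please answer pass, fail or na\n' >&2 ;;
    esac
  done

  printf 'Notes: '
  read -r notes || notes=

  # '|' is the field separator of the results file; a stray one in the
  # name or the notes would shift the columns for the summary and the
  # report, so it is replaced by a space before the row is written.
  test_name=${test_name//'|'/ }
  notes=${notes//'|'/ }

  printf '%s|%s|%s\n' "$test_name" "$result" "$notes" >> manual-test-results.csv
}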
#######################################
# Print a section heading and run test_step for every (name, procedure)
# pair that follows it.
# Arguments: $1 - section title
#            $2.. - alternating test name / tester instruction pairs
# Outputs:   heading on stdout; the rest comes from test_step
#######################################
run_section() {
  local title=$1
  shift
  printf '\n=== %s ===\n' "$title"
  while (( $# >= 2 )); do
    test_step "$1" "$2"
    shift 2
  done
}

# Authentication and Session Management Tests
run_section "Authentication Tests" \
  "Password Complexity Enforcement" \
  "Try creating weak passwords in the application" \
  "Account Lockout Mechanism" \
  "Attempt 5+ failed logins and verify lockout" \
  "Session Timeout" \
  "Leave session idle for configured timeout period" \
  "Session Fixation" \
  "Check if session ID changes after login" \
  "Concurrent Session Handling" \
  "Login from multiple browsers/locations"

# Input Validation Tests
run_section "Input Validation Tests" \
  "SQL Injection - Login Form" \
  "Enter: ' OR '1'='1 in username/password fields" \
  "XSS - Reflected" \
  "Enter: <script>alert('XSS')</script> in search/input fields" \
  "XSS - Stored" \
  "Submit: <img src=x onerror=alert('XSS')> in forms that store data" \
  "Command Injection" \
  "Enter: ; ls -la or | whoami in input fields" \
  "XML/XXE Injection" \
  "Upload XML with external entity references" \
  "Path Traversal" \
  "Try: ../../etc/passwd in file parameter fields"

# Access Control Tests
run_section "Access Control Tests" \
  "Horizontal Privilege Escalation" \
  "Access other users' resources by changing IDs in URLs" \
  "Vertical Privilege Escalation" \
  "Access admin functions with regular user account" \
  "Direct Object Reference" \
  "Modify object IDs in URLs to access unauthorized resources" \
  "Missing Function Level Access Control" \
  "Access admin URLs directly without authentication"

# Configuration Security Tests
run_section "Configuration Tests" \
  "Default Credentials" \
  "Check for default admin/admin, root/root credentials" \
  "Directory Listing" \
  "Navigate to directories without index files" \
  "Backup File Disclosure" \
  "Check for .bak, .old, .backup file extensions" \
  "Error Message Information Leakage" \
  "Trigger errors and check for stack traces/system info" \
  "HTTP Methods" \
  "curl -X OPTIONS/PUT/DELETE/TRACE target"
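#######################################
# Count the rows of a results file whose result column equals $1.
# Compares the second '|'-separated field only, so the word "pass"
# appearing inside a note cannot inflate the count (grep on "|pass|"
# would match anywhere in the line).
# Arguments: $1 - result value (pass, fail or na)
#            $2 - results file (default: manual-test-results.csv)
# Outputs:   the count on stdout; 0 when the file is missing or empty
#######################################
count_result() {
  local want=$1
  local file=${2:-manual-test-results.csv}
  [[ -f "$file" ]] || { printf '0\n'; return; }
  awk -F'|' -v want="$want" '$2 == want { n++ } END { print n + 0 }' "$file"
}

# Generate summary report.
# test_step appends to the results file, so these totals cover every
# row currently in it, including rows left over from earlier runs in
# the same directory.
printf '\n=== Test Summary ===\n'
if [[ -f manual-test-results.csv ]]; then
  printf 'Total Tests: %s\n' "$(wc -l < manual-test-results.csv)"
else
  printf 'Total Tests: 0 (manual-test-results.csv not found)\n'
fi
printf 'Passed: %s\n' "$(count_result pass)"
printf 'Failed: %s\n' "$(count_result fail)"
printf 'N/A: %s\n' "$(count_result na)"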
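#######################################
# Escape a string for use as HTML text or inside a quoted attribute.
# The results file holds whatever the tester typed, and this checklist
# deliberately asks for HTML/JS payloads as inputs, so writing the
# fields raw would turn the report itself into a stored-XSS vector.
# Arguments: $1 - raw string
# Outputs:   escaped string on stdout (no trailing newline)
#######################################
html_escape() {
  local s=$1
  # '&' must go first or the entities added below would be re-escaped.
  # The replacements are quoted because bash 5.2+ (patsub_replacement)
  # treats an unquoted '&' in the replacement as "the matched text".
  s=${s//&/'&amp;'}
  s=${s//</'&lt;'}
  s=${s//>/'&gt;'}
  s=${s//\"/'&quot;'}
  s=${s//\'/'&#39;'}
  printf '%s' "$s"
}

#######################################
# Emit one table row of the HTML report.
# Arguments: $1 - test name
#            $2 - result
#            $3 - notes
# Outputs:   one <tr> line on stdout. The CSS class is the result only
#            when it is pass/fail/na, otherwise "unknown", so the class
#            attribute is never built from free text.
#######################################
report_row() {
  local name=$1
  local result=$2
  local notes=$3
  local cls
  case "$result" in
    pass|fail|na) cls=$result ;;
    *) cls=unknown ;;
  esac
  printf "<tr class='%s'><td>%s</td><td>%s</td><td>%s</td></tr>\n" \
    "$cls" "$(html_escape "$name")" "$(html_escape "$result")" "$(html_escape "$notes")"
}

# Create detailed report
cat > manual-test-report.html << EOF
<!DOCTYPE html>
<html>
<head>
<title>Manual Security Test Report</title>
<style>
.fail { background-color: #ffcccc; }
.pass { background-color: #ccffcc; }
.na { background-color: #ffffcc; }
</style>
</head>
<body>
<h1>Manual Security Test Report</h1>
<p>Date: $(date)</p>
<table border="1">
<tr><th>Test</th><th>Result</th><th>Notes</th></tr>
EOF
if [[ -f manual-test-results.csv ]]; then
  # The '|| [[ -n ... ]]' keeps a final row that lacks a trailing
  # newline; 'notes' absorbs any further '|' on the line.
  while IFS='|' read -r name result notes || [[ -n "$name" ]]; do
    report_row "$name" "$result" "$notes"
  done < manual-test-results.csv >> manual-test-report.html
else
  printf 'warning: manual-test-results.csv not found, report has no rows\n' >&2
fi
printf '</table></body></html>\n' >> manual-test-report.html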