The most basic step in dealing with attacks is finding a combination of assessment tools that can identify vulnerabilities and reduce exposure
Last December, over 100,000 WordPress websites were compromised due to a vulnerability in a popular plugin, resulting in Google blacklisting over 11,000 domains.
CMS platforms like WordPress or SharePoint Online are immensely popular and supported by a broad developer community. This advantage is accompanied by the risk of expanding the web application attack surface.
The most basic step in dealing with the new attack landscape is to find a combination of assessment tools that can identify as many vulnerabilities as possible and reduce exposure. Here’s a list of the most effective website exposure assessment tools.
Application-Level Tools
Many successful attacks both start and end on the client side. Web technologies such as HTML5, JSON and REST push more logic into the browser, and with it more complex security challenges. For example, misconfigured HTML5 features (cross-document messaging, web storage, the File API) can hand an attacker's script direct access to file system contents, browsing history, cookies and email accounts.
Client Honeypot: A client honeypot (honeyclient) visits potentially malicious sites and records what they do to the client, for example registry modifications or file system writes. You can use your honeypot network to understand an attack's approach and behavior and to decide what measures identify a compromised client. Check out the following honeypot open source projects:
Running these tools requires basic knowledge of Python.
Client configuration scanning (e.g. browser security settings, privileges) – A related challenge at this level is the privilege model of the associated content management system, which often leaves administration capabilities wide open to whoever controls the client.
Infrastructure Assessment Tools
The enterprise infrastructure layer is much more complex than in the past: it is loosely coupled and spread across internal data centers and external ones such as public IaaS clouds. In this heterogeneous environment it is much harder to continuously govern all your assets and ensure data is protected at all times, and part of the underlying infrastructure may not be under your direct control if it is managed by a hosting service or a cloud provider.
The following tools can help you scan infrastructure where it is hosted, including your environment’s network topology:
Availability and User Experience Assessment Tools
We hear of massive DDoS attacks daily, as today's attackers can easily obtain the tools and resources needed to coordinate and launch them quickly. The following tools help assess a site's availability and user experience under DDoS load.
To ensure your service's resilience, perform load tests that simulate DDoS attacks on both pre-production and production environments (coordinate production runs with your hosting and CDN providers first, so the traffic is not mistaken for a real attack). The following tools let you generate load and find website performance bottlenecks. Start by testing how your website responds to basic POST requests, then stress-test it with loads that simulate DDoS attacks.
- iMacros for Chrome – This free basic tool lets you replay POST requests in a loop to test your application's robustness.
The following commercial tools enable simulating millions of users:
- BlazeMeter – Based on the open source JMeter platform.
- LoadStormPro – Free basic load testing.
- Ixia BreakingPoint – Testing solution that includes DDoS and botnet simulation.
Platform Hardening Tools
Popular platforms such as WordPress or SharePoint Online provide enterprises with flexibility and a rich feature set by means of extensions and plugins. However, as a system’s functionality extends so does its attack surface.
Any plugin integration may affect the entire platform, so you are required to continuously research, scan for and eliminate a growing number of vulnerabilities. As we all know, hardening can be very challenging: it involves many different tasks and is prone to human error. Take a look at this SharePoint platform hardening paper for further examples.
Here are some platform hardening tools:
- WordPress security testing: http://wpscan.org/
- SharePoint security testing: https://www.owasp.org/index.php/Research_for_SharePoint_(MOSS)#SharePoint_Hacking_Tools
- Learn about how to protect REST-based websites built on SharePoint 2013
Web Application Development
The attack surface is growing for evolving web 2.0 technologies, especially on the client side. Vulnerabilities can be found at the user, browser and the endpoint configuration levels. It’s vital that web application developers are aware of their application’s vulnerabilities and consider factors such as user behavior and browser security capabilities.
These Chrome extensions help developers build more secure applications and quickly spot potential weaknesses before an attacker does.
- Penetration tests: Check out d3coder and Request Maker.
- Form Fuzzer: Fuzzing is an art made simple with this easy-to-use Chrome extension. While it is not professional-grade, it is a nice tool to start with.
- Websecurify is a toolkit for scanning websites and web applications for vulnerabilities.
Nimrod Luria is co-founder and CTO of Sentrix. Sentrix provides the CloudDMZ solution, which protects enterprise web applications from attacks.