Hands On With Guided Testing

The Websecurify Suite Scanner is a lot more then it seems. In this blog post we will show you how to make use of a little known feature, internally known as guided testing. So, let's get started.

Screenshot 01

Before we dig into the fun stuff let's examine our current situation. Let's say, for the sake of this example, that we want to test http://target/. All we have to do is to simply navigate to Scanner and enter the target URL. After we press enter and confirm the checkbox we are on our way for a good doze of web security vulnerabilities.

This scenario looks simple, indeed, and of course this is the kind of thing all web security scanners do. However, if you are like us you may notice that there were several interesting opportunities we could have taken advantage of and make the scanner results a lot better.

For example, imagine that http://target/ was already opened in another tab. While you were busy with typing the target URL, Websecurify Suite Scanner was collecting vital data behind your back without you even noticing. Such as, if the web app was a rich JavaScript application that generated constant flow of requests to the server, the Scanner would have known about them before the test was even in progress. Even better, if you had decided to click on the login first button, before the test was started, the Scanner would have record the entire login flow for latter inspection. All of this happened transparently without you even knowing.

What Is Guided Testing

The scenario illustrated above is known as guided testing. In other words, the Scanner is actively trying to learn from your the behavior of your application before and during the test. The data is collected only if the Scanner is opened and the data collected only applies to the targeted that was specified. If you decide to interact with the application while the test is in progress (we strongly encourage this) it is likely that the scanner will reach deeper into your application structure and as a result discover more interesting vulnerabilities.

As far as we know guided testing is unique to Websecurify Suite and it is one of those features that are truly innovative. We believe that computers should do as much uplifting with as little interaction as possible. What we basically did here is to make our Scanner smarter.