VA-PT of a Magento based application having Magento extension purchases - Cyber Security Case Study
Scenario
A web application built with Wordpress was presented with limited scope. However, allowed full port-scan in test environment. Resulted with High, medium and low level severity issues.
Testing methodology
As the scope was limited for web app, Automated scan was performed by limiting to provided scope. While exploitation was done manually. In terms of web server, port status was checked by automated tools and exploitation was performed manually
Risk Found
Business Risk
----------