VA-PT of a Magento based application having Magento extension purchases - Cyber Security Case Study
A web application built with Wordpress was presented with limited scope. However, allowed full port-scan in test environment. Resulted with High, medium and low level severity issues.
As the scope was limited for web app, Automated scan was performed by limiting to provided scope. While exploitation was done manually. In terms of web server, port status was checked by automated tools and exploitation was performed manually