Web Application Security Assessment

Web Application and Penetration Testing reviews provide organisations with a real-world view of what malicious attackers could potentially do to and within their environments. 

Few organisations can match the experience and expertise of Intouch World in this field. While automated tools have their place, nothing substitutes for manual testing done by expert individuals. 
The resulting report will incorporate all information security control area findings into a single application controls assessment document, with clear, concise, jargon-free findings and recommendations sufficient for risk management. Intouch World can also be engaged to provide services in support of implementing findings and recommendations. 

Assessment Coverage Areas

Web Applications 

  • Buffer overflows 
  • Cross site scripting 
  •  SQL Injections 
  •  Source code disclosure 
  •  HTTP Response Splitting 
  • Link Injection 
  •  Cross site request forgery 
  •  Windows File Parameter Alteration 
  •  URL Decoding DoS 
  •  Internal IP Address Disclosure
  •  Application Physical Path Disclosure 
  •  Host Header Information Leakage 
  •  Phishing through URL Redirection 
  •  Unencrypted Login Request 
  •  Insecure HTTP Methods 
  •  HTTP TRACE / TRACK Methods . etc 


Using the above tests we then attempt to: 

  • Gain unauthorised access to servers or devices 
  • Obtain sensitive information 
  • Modify data 
  • Access another customers information and accounts 
  • Access protected functionality without valid credentials
  • Modify and manipulating data 
  • Capture another user's information 
  • Highjack user sessions 


Intouch World is a multi service, professional IT consulting organization based in Bangalore, India. Established in 1999, the company pr.


Tel: +91 80 2543 4312 / +91 9845 021 510
Fax: +91 80 2543 4314
Email: ricky@intouchworld.net