Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Bishop Fox Application Penetration Testing Methodology

Overview of Bishop Fox’s methodology for application penetration testing.

Preview of cover page of the Bishop Fox Application Penetration Testing Methodology.

Learn the Bishop Fox approach to Application Penetration Testing.

Bishop Fox’s application penetration testing methodology identifies application security vulnerabilities by combining automated and manual testing techniques.

Assessments begin by crawling and footprinting the application. Next, the assessment team conducts vulnerability scans with automated tools and manually validates the results. Finally, the team manually identifies and exploits implementation errors and business logic in an attempt to gain access to privileged application functionality, sensitive information, and the underlying application infrastructure.

This Methodology document provides an overview of the following penetration testing phases:

  • Pre-assessment
  • Discovery and Product Testing
  • Analysis and Reporting

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.