Bishop Fox Application Penetration Testing Methodology
Overview of Bishop Fox’s methodology for application penetration testing.
Bishop Fox’s application penetration testing methodology identifies application security vulnerabilities by combining automated and manual testing techniques.
Assessments begin by crawling and footprinting the application. Next, the assessment team conducts vulnerability scans with automated tools and manually validates the results. Finally, the team manually identifies and exploits implementation errors and business logic flaws in an attempt to gain access to privileged application functionality, sensitive information, and the underlying application infrastructure.
This methodology document provides an overview of the following penetration testing phases:
- Pre-assessment
- Discovery and Product Testing
- Analysis and Reporting