FAQ

Web Application Testing

A web application penetration test requires more than experience—it needs the precise use of the right tooling. At binsec GmbH, we combine established open-source utilities, commercial solutions, and our own in-house tools to assess the security of web applications end-to-end.

Information Gathering

• dig – DNS queries and initial target infrastructure analysis.
• binsec.tools – our in-house utilities:
  • SubDomainFinder – mapping external attack surface via subdomains.
  • CertWatch – certificate transparency and issuance monitoring.
• nmap – port and service discovery with version and script-based analysis.

Detection & Documentation

• gowitness and eyewitness – automated screenshots and inventory of discovered hosts and endpoints.
• wappalyzer and binsec.tools WebCompScan – detection of frameworks, libraries, and CMS components.

Web Application Testing

• curl – targeted requests and reproducible minimal test cases.
• Burp Suite Professional – our primary testing platform with extensions like Autorize, Upload Scanner, and custom Python scripts.
• ffuf – fuzzing of paths, parameters, and hidden endpoints.
• nikto – classic vulnerability scanner as a complementary check.

API Testing

• Postman and Bruno – structured collections and reproducible API workflows.
• jwt_tool – analysis and manipulation of JSON Web Tokens.
• sqlmap and sstimap – automated testing for SQL and SSTI injection vulnerabilities.

Cryptography & Transport

• binsec.tools SSLCheck (plus the standalone CLI sslcheck) – in-depth TLS configuration review.
• binsec.tools HTTPHeaderCheck – analysis of security-relevant HTTP headers.

Scripting & Automation

• Python – tailor-made scripts, proofs of concept, and automation for specific test cases.

Conclusion

A successful web application pentest does not rely on a single tool but on the coordinated combination of multiple approaches. This ensures realistic coverage of all relevant attack vectors—from infrastructure and APIs to application-specific logic.