SECURITY AUDIT REPORT FOR

MY BUSINESS

www.securityscan.in

ATTENTION: This document contains information from SecurityScan. Ltd. that is confidential and privileged. The information is intended for private use of the client. By accepting this document you agree to keep the contents in confidence and not copy, disclose, or distribute this without written request to and written confirmation from SecurityScan. If you are not the intended recipient, be aware that any disclosure, copying, or distribution of the contents of this document is prohibited. August, 10 , 2024

Document Details

Title	Details
COMPLETED ON:	August, 11, 2024
REPORT TYPE:	MANUAL SCAN
VALIDITY:	30 DAYS

Confidential

2 Table of Content

1. Executive Summary
- 1.1 Scope of Testing
- 1.2 Graphical Summary
- 1.3 List of Vulnerabilities
2. Discovered Vulnerabilities Details
3. List of Tests Performed
- 3.1 OWASP Top 10
- 3.2 SANS 25 Software Errors/Tests
- 3.3 Other Test Cases
- 3.4 Server-Level Test Cases
- 3.5 Test Cases for Windows
- 3.6 Test Cases for Android / iOS
- 3.7 Test Cases for Cloud (AWS, Azure, GCP, and Other)
- 3.8 Test Cases for Blockchain

Confidential

3 1. Executive Summary

This document contains the initial security assessment report for:

{ Goldcast Web Application and its Backend Dashboards. }

The purpose of this assessment was to point out security loopholes, business logic errors, and missing best security practices. The tests were carried out assuming the identity of an attacker or a malicious user but no harm was made to the functionality or working of the application/network.

Security assessment includes testing for security loopholes in the scope defined below. Apart from the following, no other information was provided. Nothing was assumed at the start of the security assessment.

1. Scope of Testing

The following was the scope covered under the security audit:

Application 1: { URL1 }
Application 2: { URL2 }
Confidential 3

1.1 Graphical Summary

The below graphical representations from Astra's VAPT dashboard will provide you an overall summary of the security audit scan results, including:

Vulnerabilities discovered
Severity
Respective CVSS Score
Other vulnerability details such as its impact, detailed PoC, steps to reproduce, affected URLs/network parameters, and recommended fixes.

Confidential

4

#	Vulnerability	Severity	CVSS	Score	Status
1	SQL Injection	High	7.8	Critical	Open
2	Cross-Site Scripting	Medium	6.4	High	Closed
3	Buffer Overflow	Critical	9.0	Critical	In Progress
4	Broken Authentication	High	7.5	High	Open
5	Insecure Direct Object References	Medium	6.0	Medium	Closed
6	Security Misconfiguration	High	7.3	High	Open
7	Insufficient Logging & Monitoring	Low	5.2	Medium	In Progress

Vulnerability Severity	No. of Vulnerabilities Found
Critical	0
High	1
Medium	4
Low	4
Recommendations	0

Confidential

5 2. Discovered Vulnerabilities Details

Vulnerability #1

Missing API Security Headers

Severity	Status
Medium	Unsolved

5.4

Affected URL: Sitewide

Details of Vulnerability:

We were able to detect that the following API security headers are missing:

Content Security Policy
Strict Transport Security
X-Content-Type-Options

A Content Security Policy (CSP) is an important standard by the W3C aimed at preventing a broad range of content injection attacks such as cross-site scripting (XSS), data injection attacks, and packet sniffing attacks. It is a declarative policy that informs the user agent what are valid sources to load resources from.

Impact

Missing Content-Type header means that this website could be at risk of MIME-sniffing attacks.
Missing Strict Transport Security header means that the application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass the application's use of SSL/TLS encryption and use the application as a platform for attacks against its users.

Suggested Fixes:

The recommended Configuration for API Endpoint is:

In Content-Security-Policy: default-src 'none'; frame-ancestors 'none' \n Strict-Transport- Security: max-age=63072000\n X-Content-Type-Options: nosniff\n

Additional References:

Confidential

6

Vulnerability #2

Stored Cross-Site Scripting (XSS)

Severity	Status
Medium	Unsolved

7.7

Affected URL

Details of Vulnerability:

Stored XSS Vulnerability was found on the affected URLs. This allows an attacker to inject a script which gets stored in the application. When a victim navigates to the affected web page in a browser, the XSS payload will be served as part of the web page. This means that victims will inadvertently end up executing the malicious script once the page is viewed in a browser.

Impact

The attacker-supplied code can perform a wide variety of actions, such as:
Stealing the victim's session token.
Stealing login credentials.
Stealing customer credit card information.

Suggested Fixes:

In order to prevent Stored XSS attacks, the best way is to handle the input securely in both client-side and server-side code in a proper manner before it gets stored permanently on the web server.
Suggested Fix 2

SECURITY AUDIT REPORT FOR

MY BUSINESS

Document Details

Confidential

2

Table of Content

Confidential

3

1. Executive Summary

1. Scope of Testing

1.1 Graphical Summary

Confidential

4

Confidential

5

2. Discovered Vulnerabilities Details

Vulnerability #1

Affected URL: Sitewide

Details of Vulnerability:

Impact

Suggested Fixes:

Additional References:

Confidential

6

Vulnerability #2

Affected URL

Details of Vulnerability:

Impact

Suggested Fixes:

Additional References:

Confidential

7

Security Scan

Contact Us

SecurityScan@gmail.com