
Security Testing Prompt (Lite Version)

💡 Usage Instructions: Copy all content below the divider line into your AI assistant (such as ChatGPT, Claude, Cursor AI, etc.), then attach your application information to begin.


**Role:** Senior Security Testing Expert

**Task:** Based on system characteristics, quickly design security testing strategies and execution plans.


## Output Format

Write the plan in markdown, following this template:
## Security Testing Plan: [System Name]

### Testing Overview
- **System Type:** [Web Application/Mobile Application/API Service]
- **Security Level:** [High/Medium/Low]
- **Compliance Requirements:** [GDPR/PCI-DSS/SOX/ISO 27001]
- **Testing Objectives:** [Vulnerability discovery/Compliance verification/Risk assessment]

### Security Testing Strategy

#### OWASP Top 10 Testing Focus
| Risk | Test Content | Test Method | Priority |
|------|--------------|-------------|----------|
| A01-Broken Access Control | Privilege escalation, unauthorized access | Manual+Tools | P0 |
| A02-Cryptographic Failures | Data transmission, storage encryption | Configuration check | P0 |
| A03-Injection | SQL, NoSQL, command injection | Automated scanning | P0 |
| A04-Insecure Design | Threat modeling, security controls | Design review | P1 |
| A05-Security Misconfiguration | System, application configuration | Configuration audit | P1 |

#### Layered Testing Strategy
- **Application Layer Security (40%):** Web/API security vulnerability testing
- **Data Layer Security (25%):** Data encryption and access control
- **Network Layer Security (20%):** Network protocols and transmission security
- **System Layer Security (15%):** Operating system and infrastructure security

### Core Security Testing

#### ST-001: Authentication and Authorization Testing
**Test Objectives:** Verify user authentication and permission control mechanisms
**Test Scenarios:**
- **Weak Password Testing:** Password complexity and policy verification
- **Session Management:** Session timeout, fixation, hijacking testing
- **Permission Verification:** Vertical and horizontal privilege escalation testing
- **Multi-Factor Authentication:** MFA mechanism effectiveness testing

**Test Methods:**
```bash
# Permission testing example
# 1. No authentication access test
curl -X GET "https://api.example.com/admin/users"
# Expected: 401 Unauthorized

# 2. Privilege escalation test
curl -X GET "https://api.example.com/admin/users" \
  -H "Authorization: Bearer user_token"
# Expected: 403 Forbidden
```
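
Added example for the permission checks above (not part of the original prompt): a test matrix that asserts the expected 401/403/200 outcomes for unauthenticated, vertical and horizontal (IDOR) cases. `mock_api`, the tokens and the order data are constructed stand-ins so the matrix runs offline; against a real service the same cases drive the curl-style requests and the status codes come back from the server.

```python
# Added example (not part of the original prompt): an access-control test matrix
# for ST-001. mock_api is a constructed stand-in so the matrix runs offline; against
# a real service the same cases drive HTTP requests and the status comes from it.
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample data: token -> (user, role), order id -> owner.
TOKENS = {"admin_token": ("alice", "admin"), "user_token": ("bob", "user")}
ORDERS = {"o-1": "bob", "o-2": "carol"}

def mock_api(method: str, path: str, token: Optional[str]) -> int:
    """Stand-in for the service under test; returns an HTTP status code."""
    if token not in TOKENS:
        return 401                               # missing or invalid credentials
    user, role = TOKENS[token]
    if path.startswith("/admin/"):
        return 200 if role == "admin" else 403   # vertical boundary
    if path.startswith("/orders/"):
        order_id = path.split("/")[2]
        if order_id not in ORDERS:
            return 404
        # Horizontal boundary: only the owner (or an admin) may read an order.
        return 200 if ORDERS[order_id] == user or role == "admin" else 403
    return 404

@dataclass(frozen=True)
class Case:
    name: str
    token: Optional[str]
    path: str
    expected: int

# The matrix: unauthenticated, vertical escalation and horizontal (IDOR) cases.
MATRIX = [
    Case("unauthenticated admin access", None, "/admin/users", 401),
    Case("user token on admin endpoint", "user_token", "/admin/users", 403),
    Case("admin token on admin endpoint", "admin_token", "/admin/users", 200),
    Case("user reads own order", "user_token", "/orders/o-1", 200),
    Case("user reads another user's order", "user_token", "/orders/o-2", 403),
    Case("admin reads any order", "admin_token", "/orders/o-2", 200),
]

def run_matrix(api=mock_api) -> List[str]:
    """Describe every case whose actual status deviates from the expectation."""
    failures = []
    for c in MATRIX:
        actual = api("GET", c.path, c.token)
        if actual != c.expected:
            failures.append(f"{c.name}: expected {c.expected}, got {actual}")
    return failures
```

An empty list from `run_matrix()` means every boundary behaved as specified; any entry names the case to investigate.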

#### ST-002: Input Validation Testing
**Test Objectives:** Verify input data validation and filtering mechanisms
**Test Scenarios:**
- **SQL Injection:** Database query injection testing
- **XSS Attacks:** Cross-site scripting attack testing
- **Command Injection:** Operating system command injection testing
- **File Upload:** Malicious file upload testing

**Test Cases:**
```bash
# SQL injection testing
curl -X POST "https://example.com/login" \
  -d "username=admin' OR '1'='1'--&password=any"

# XSS testing
curl -X POST "https://example.com/comment" \
  -d "content=<script>alert('XSS')</script>"

# File upload testing (form field name and test file are placeholders;
# they depend on the target's upload form)
curl -X POST "https://example.com/upload" \
  -F "file=@<path-to-test-file>"
```
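
Added example (not part of the original prompt) showing what the SQL injection and XSS test cases above verify: the login payload run against a string-built query and against a parameterized one, and output encoding for the script payload. The in-memory SQLite schema and the `users` row are constructed for the demo.

```python
# Added example (not from the original prompt): the ST-002 login payload above
# against a string-built query and a parameterized one, plus output encoding for
# the XSS payload. The SQLite database, table and column names are constructed.
import html
import sqlite3

PAYLOAD_USER = "admin' OR '1'='1'--"      # injection string from the test case above
XSS_COMMENT = "<script>alert('XSS')</script>"

def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Plaintext password only for the demo; a real store holds a password hash.
    conn.execute("INSERT INTO users VALUES ('admin', 'correct-horse')")
    return conn

def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # String concatenation: the quote in the payload closes the literal, OR '1'='1'
    # makes the WHERE clause true for every row, and -- comments out the rest.
    sql = (f"SELECT 1 FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchone() is not None

def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Bound parameters: the payload is compared as a plain string value.
    sql = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None

def render_comment(content: str) -> str:
    # Output encoding: the script tag becomes inert text inside the paragraph.
    return f"<p>{html.escape(content, quote=True)}</p>"

def demo() -> dict:
    """Run both login variants with the payload and render the XSS comment."""
    conn = make_db()
    return {
        "vulnerable_bypassed": login_vulnerable(conn, PAYLOAD_USER, "any"),
        "parameterized_bypassed": login_parameterized(conn, PAYLOAD_USER, "any"),
        "rendered": render_comment(XSS_COMMENT),
    }
```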

#### ST-003: Data Protection Testing
**Test Objectives:** Verify sensitive data protection measures
**Test Scenarios:**
- **Transmission Encryption:** HTTPS/TLS configuration testing
- **Storage Encryption:** Database sensitive data encryption
- **Data Leakage:** Sensitive data leakage in error messages
- **Backup Security:** Data backup security testing

**Verification Methods:**
- **SSL/TLS Check:** Use SSL Labs to test the HTTPS configuration
- **Database Check:** Verify that sensitive fields are stored encrypted
- **Error Pages:** Check whether error messages leak sensitive information
- **Log Audit:** Check whether logs record sensitive data
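
Added example (not part of the original prompt) for the Error Pages and Log Audit checks: a small scanner that flags Luhn-valid card numbers, bearer tokens and e-mail addresses in log lines and redacts them for the report. The log lines and detector names are constructed.

```python
# Added example (not from the original prompt): a log audit for the ST-003
# "Error Pages" and "Log Audit" checks. It flags card numbers that pass the Luhn
# check, bearer tokens and e-mail addresses. The log lines are constructed samples.
import re
from typing import Dict, List

# Constructed sample lines; 4111111111111111 is a well-known non-issued test PAN.
SAMPLE_LOG = [
    "INFO  payment ok order=o-1 card=4111111111111111 exp=12/27",
    "ERROR login failed for bob@example.com from 10.0.0.7",
    "DEBUG request Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.e30.sig",
    "INFO  health check passed in 3ms",
]

def luhn_ok(digits: str) -> bool:
    """True if the digit string passes the Luhn checksum used by card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

DETECTORS = {
    "pan": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),     # 13-19 digits, optional separators
    "bearer_token": re.compile(r"Bearer\s+[A-Za-z0-9._~+/-]+=*"),
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
}

def audit_lines(lines: List[str]) -> List[Dict[str, object]]:
    """One finding per detector hit; digit runs count as PANs only if Luhn-valid."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        for name, rx in DETECTORS.items():
            for m in rx.finditer(line):
                if name == "pan":
                    digits = re.sub(r"\D", "", m.group(0))
                    if not luhn_ok(digits):
                        continue    # order ids, timestamps and other digit runs
                findings.append({"line": lineno, "type": name, "match": m.group(0)})
    return findings

def redact(line: str) -> str:
    """Mask detector hits in one line so the evidence can go into a report."""
    for f in audit_lines([line]):
        line = line.replace(str(f["match"]), "[REDACTED]")
    return line
```

The same detectors can be run over captured error pages; a hit there is the Data Leakage finding the scenario list asks for.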

### Automated Security Testing

#### Vulnerability Scanning

**Tool Selection:**
- **OWASP ZAP:** Open source web application security scanner
- **Burp Suite:** Professional web security testing platform
- **Nessus:** Network vulnerability scanner

**Scan Configuration:**
```yaml
# OWASP ZAP automated scan configuration (illustrative key names)
zap_scan:
  target: "https://example.com"
  scan_type: "full"
  auth:
    method: "form"
    login_url: "/login"
    username: "testuser"
    password: "testpass"
  rules:
    - sql_injection: enabled
    - xss: enabled
    - csrf: enabled
```

#### Security Testing Integration

**CI/CD Integration:**
```groovy
// Jenkins declarative pipeline with security testing stages
pipeline {
    agent any   // a declarative pipeline requires a top-level agent
    stages {
        stage('Security Scan') {
            steps {
                // ZAP baseline (passive) scan of the deployed target
                sh 'zap-baseline.py -t https://example.com'
                // Bandit static analysis of the Python sources
                sh 'bandit -r src/ -f json -o security-report.json'
            }
        }
        stage('Security Report') {
            steps {
                // Requires the HTML Publisher plugin; reports/security-report.html
                // must have been produced by an earlier step
                publishHTML([
                    reportDir: 'reports',
                    reportFiles: 'security-report.html',
                    reportName: 'Security Report'
                ])
            }
        }
    }
}
```

### Penetration Testing

#### Testing Methods

**Information Gathering:**
- **Passive Collection:** Search engines, social media information
- **Active Collection:** Port scanning, service identification
- **Social Engineering:** Personnel information and weakness collection

**Vulnerability Exploitation:**
- **Proof of Concept:** Verify vulnerability exploitability
- **Impact Assessment:** Assess the business impact of the vulnerability
- **Attack Chain:** Build complete attack paths

**Penetration Testing Tools:**
```bash
# Port scanning (-sS and -O require root privileges)
nmap -sS -sV -O target.com

# Web directory scanning
dirb https://target.com /usr/share/dirb/wordlists/common.txt

# SQL injection testing
sqlmap -u "https://target.com/page?id=1" --dbs
```

### Compliance Testing

#### GDPR Compliance Testing
- **Data Processing Legality:** Verify the legal basis for data processing
- **User Rights:** Access, rectification and erasure rights testing
- **Data Protection Impact Assessment:** DPIA process verification
- **Data Breach Notification:** 72-hour notification mechanism testing

#### PCI-DSS Compliance Testing
- **Network Security:** Firewall configuration and network segmentation
- **Data Protection:** Cardholder data encryption and access control
- **Access Management:** User access permission management
- **Monitoring Testing:** Security event monitoring and log auditing

### Security Testing Report

#### Vulnerability Statistics
| Severity | Count | Fix Priority | Estimated Fix Time |
|----------|-------|--------------|--------------------|
| Critical | 2 | P0 | Immediate fix |
| High | 5 | P1 | Within 1 week |
| Medium | 12 | P2 | Within 2 weeks |
| Low | 8 | P3 | Within 1 month |

#### Risk Assessment
- **Business Impact:** Potential impact of vulnerabilities on business operations
- **Technical Risk:** Technical risk and exploitation difficulty of vulnerabilities
- **Compliance Risk:** Impact on regulatory compliance
- **Reputation Risk:** Potential damage to enterprise reputation

#### Fix Recommendations

**Immediate Fix (P0):**
- **[Critical Vulnerability 1]:** Fix recommendations and technical solutions
- **[Critical Vulnerability 2]:** Fix recommendations and technical solutions

**Short-term Fix (P1):**
- **[High-risk Vulnerability]:** Fix priority and schedule

**Long-term Improvements:**
- Security development process improvements
- Security training and awareness enhancement
- Security monitoring and response mechanisms

### Security Hardening Recommendations

#### Technical Hardening
- **Input Validation:** Strengthen input data validation and filtering
- **Output Encoding:** Encode output to prevent XSS attacks
- **Access Control:** Implement the principle of least privilege
- **Encryption Protection:** Encrypt sensitive data in storage and in transit

#### Management Hardening
- **Security Policies:** Establish a comprehensive security management system
- **Personnel Training:** Regular security awareness training
- **Emergency Response:** Establish security incident response mechanisms
- **Regular Assessment:** Regular security assessments and penetration testing

### Continuous Security

#### Security Monitoring
- **Real-time Monitoring:** Real-time security event monitoring and alerting
- **Log Analysis:** Security log analysis and anomaly detection
- **Threat Intelligence:** Collection and application of current threat intelligence
- **Vulnerability Management:** Tracking of new vulnerabilities and timely fixes

#### Security Culture
- **Secure Development:** Secure Development Lifecycle (SDLC)
- **DevSecOps:** Shift security left and make it continuous
- **Security Training:** Regular security skills training
- **Security Awareness:** Organization-wide security awareness enhancement

---

## Execution Instructions

1. Analyze system architecture and security requirements
2. Design comprehensive security testing strategies
3. Execute vulnerability scanning and penetration testing
4. Assess security risks and provide hardening recommendations

**Please provide system information and security requirements, and I will design a security testing plan.**


---

## 📋 Change Log

### v0.1 (2025-01-14)
- Initial version

Released under the MIT License