Client

NDA Protected Technology Client

Services used

External VAPT for Public-Facing Web Infrastructure

Public-facing web platforms expose far more than just content to the internet. Bobcares partnered with a US-based cybersecurity organization to conduct an external vulnerability assessment and penetration test, uncovering configuration gaps, availability risks, and exposed components, and providing insights to support effective remediation.

Business Challenge

Public-facing services exposed security gaps and availability risks, increasing attack surface and operational concerns.

Technology Used

dnsenum, recon-ng, nmap, nikto, wpscan, XSStrike, pentest-tools website scanner, sqlmap

Blueprint

Bobcares performed an external VAPT to identify exposed components and risks, delivering clear findings to support secure remediation.

The Client

The client operates public-facing web services that support users globally. The environment includes a WordPress-based primary website and multiple public subdomains. High availability, content delivery networks, caching layers, and third-party performance tools play a key role in daily operations.

Given the exposure of internet-facing assets, maintaining visibility into security risks was critical to protect uptime, trust, and operational continuity.

The Challenge

  • Platform and component details were publicly accessible, increasing the attack surface.
  • HTTP security headers and CSP were missing or inconsistent across endpoints.
  • Multiple forms and feeds presented potential CSRF exposure.
  • Scans flagged possible susceptibility to slow request denial-of-service attacks.
  • Third-party scripts and performance tools added client-side complexity and risk vectors.

Why Bobcares

The client chose Bobcares for its hands-on approach to black-box testing, its clear identification of practical risks, and its ability to translate technical findings into insights that teams can act on with confidence. The assessment required a clear, evidence-driven view of externally visible risks without relying on internal access.

What We Delivered

Bobcares conducted a targeted external vulnerability assessment and penetration test across the primary domain and the public subdomains discovered during reconnaissance. The engagement covered reconnaissance, service discovery, application testing, client-side analysis, and availability checks. The findings were documented clearly with raw evidence and prioritized summaries.

Key Components and Implementation Highlights

Reconnaissance & Discovery

DNS and subdomain enumeration identified multiple public-facing services and endpoints.

Service & Application Analysis

Port scanning and fingerprinting revealed exposed services, CMS endpoints, and application components. WordPress themes, plugins, feeds, and admin-related paths were identified.

Security Headers & Configuration Review

Testing confirmed missing or inconsistent CSP, Referrer-Policy, and other HTTP security headers across several responses.
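The header review above reported headers that were not only missing but inconsistent between endpoints. The following audit function, an added example rather than Bobcares' tooling, takes captured response headers from several endpoints and reports both conditions; the hosts and header values in the sample are constructed.

```python
from collections import defaultdict

# Headers browsers rely on for client-side protection. None means "must be
# present with any value"; a string means the value must match exactly.
REQUIRED_HEADERS = {
    "content-security-policy": None,
    "referrer-policy": None,
    "x-content-type-options": "nosniff",
}

def audit_headers(responses):
    """Return (missing, inconsistent) for {url: {header: value}} responses.
    missing: {url: [header, ...]}; inconsistent: {header: {value: [urls]}}."""
    missing = {}
    seen = defaultdict(lambda: defaultdict(list))  # header -> value -> urls
    for url, headers in responses.items():
        lower = {k.lower(): v.strip() for k, v in headers.items()}
        gaps = []
        for name, expected in REQUIRED_HEADERS.items():
            value = lower.get(name)
            if value is None or (expected and value.lower() != expected):
                gaps.append(name)  # absent, or present with a wrong value
            else:
                seen[name][value].append(url)
        if gaps:
            missing[url] = gaps
    inconsistent = {n: dict(v) for n, v in seen.items() if len(v) > 1}
    return missing, inconsistent

# Constructed sample (hypothetical hosts): a root page with a full header set,
# a feed endpoint lacking CSP and Referrer-Policy, and a subdomain that differs.
SAMPLE = {
    "https://www.example.test/": {
        "Content-Security-Policy": "default-src 'self'",
        "Referrer-Policy": "strict-origin-when-cross-origin",
        "X-Content-Type-Options": "nosniff",
    },
    "https://www.example.test/feed/": {
        "X-Content-Type-Options": "nosniff",
    },
    "https://blog.example.test/": {
        "Content-Security-Policy": "default-src *",
        "Referrer-Policy": "no-referrer",
        "X-Content-Type-Options": "nosniff",
    },
}
```

Running `audit_headers(SAMPLE)` lists the feed endpoint under missing and shows Content-Security-Policy and Referrer-Policy carrying different values across the two hosts, which is the "inconsistent across endpoints" condition the review describes.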

Client-Side & DOM Analysis

Dynamic client-side scripts from performance tooling were flagged for potentially risky constructs, though no direct DOM XSS was confirmed.

Form & Availability Testing

Multiple forms showed possible CSRF exposure. Slow request behavior flagged potential denial-of-service risks on HTTP endpoints.

Key Aspects and Modules

  • External black-box testing of internet-facing assets.
  • Header, CMS, and component visibility assessment.
  • Client-side and DOM behavior analysis.
  • Form discovery and CSRF exposure checks.
  • Availability risk identification through slow request testing.

The Results

Key Metric               Observation
High-Risk Findings       None detected
Medium-Risk Findings     Potential DoS susceptibility
Low-Risk Findings        Missing headers and policies
Informational Findings   Component and endpoint visibility

The Business Impact

  • Availability risks highlighted potential exposure to service disruption.
  • Increased visibility into exposed components reduced uncertainty around attack surface size.
  • Configuration gaps affecting browser-side protection were clearly documented.
  • Evidence-based reporting supported informed remediation and compliance discussions.

Technologies Used

  • dnsenum
  • recon-ng
  • nmap
  • nikto
  • wpscan
  • XSStrike
  • pentest-tools website scanner
  • sqlmap

What’s Next

The VAPT report delivered a detailed inventory of externally visible risks and exposed components. The findings provide a clear foundation for remediation, security hardening, and future reassessments.

Conclusion

This report gave the client a clear external view of its public-facing web environment. Documented findings, raw evidence, and prioritized insights helped translate technical exposure into actionable security decisions.

The case highlights how Bobcares applies structured external testing to strengthen availability, reduce risk, and support confident growth for internet-facing platforms.