Vulnerability Assessment

Square One Technologies Inc. was contracted to perform a comprehensive vulnerability assessment for the Maryland CMS, specifically focusing on its MHBE URLs and associated AWS Environment. The primary objective was to assess potential vulnerabilities, thereby ensuring that appropriate information security controls were effectively implemented across both the web applications and the cloud environment. The rigorous vulnerability assessment included, but was not limited to, a range of advanced testing techniques: network-level diagnostics such as ping sweeps and port scans of target hosts; comprehensive vulnerability scanning against targets; application-level manipulation; client-side Java/ActiveX reverse engineering; and detailed analysis of common application flaws like the OWASP Top 10, XSS (cross-site scripting) with explicitly designed payloads, SQL Injection with crafted malicious payloads, SSRF (server-side request forgery), and Backdoor Vulnerability Analysis.