beSTORM Client
The main beSTORM Client window consists of three panes: Project Settings, Module Browser, and Preview. When a test is in progress, the Project Settings pane is replaced with the Test Information pane, and the Module Browser pane with the Test Progress pane.
Project Settings pane
The Project Settings pane displays the current project's settings, project name, and number of parallel processes in use while a test is running. When the project is network-related, it displays the Hostname or IP address, Port, and the transport Protocol being used for testing.
Module Browser pane
The Module Browser pane displays the current module configuration and controls the testing behavior. By locking and setting the position of a module, you can direct beSTORM to test certain sections while ignoring others.
Preview pane
The Preview pane displays the current position of the module. You can export the current content of the Preview pane into a file for further manual testing. Selecting Export generates a platform-independent Perl script that imitates the behavior of beSTORM, providing the same sequence of events that caused the data shown to be sent to the remote server.
Test Information pane
The Test Information pane appears after a test starts running and allows you to monitor the progress of the current test, identify what is being tested, and display what is currently being fuzzed. As soon as a vulnerability is detected, the counter will increase. Clicking on the counter displays the attack vector that triggered the problem, as well as the outcome of the problem.
Test Progress pane
The Test Progress pane appears after a test starts running and allows you to monitor the progress of the current test and see the momentary and average speed of the test measured as Saturation Rate Threshold (that is, tests per second).
Exception Information window
The Exception Information window displays information relevant to the exception that was detected. beSTORM can detect a variety of issues in products. These issues are called exceptions because they are unexpected behavior manifested by the product being tested. Whenever beSTORM tests a network protocol, file specification, or API calls, the exceptions it looks for relate to any behavior that caused the software being tested to stop responding, overflow an internal buffer, access information that it would otherwise not be able to access, manipulate or change items it should not have access to, etc.
For other types of testing, such as in the case of Web Applications, exceptions are not as limited, but include problems which manifest as cross-site scripting, SQL injection, code injection, and command execution vulnerabilities. The following Exception Information window example displays information relevant to the exception related to a network protocol.
Whenever possible, a stack dump, as well as the trigger for the exception, is displayed in the Exception data section of the dialog box, and in any case an attack vector is displayed at the bottom of the screen. Once the product being tested recovers, beSTORM continues its testing until it has exhausted all possible attack vectors. If the product does not recover, beSTORM halts and awaits further instructions from you.
Conclusion window
If you select Report from the Test Information pane while a test is running, beSTORM will pause the test and show a temporary conclusion of the test up to this point.
This window includes general information about the test, including: the reason for the pause (error, user request, etc.), connectivity status, number of vulnerabilities detected, and the number of combinations run in the last session. On the right side of the window is a list that displays the test cases in the tested module: which tests were exhausted, which are not in process, and which have not started yet.
Select Export to generate a fully detailed HTML report that includes all data collected throughout the test process. Select Finish to close the project and load the last saved status. You can resume the scan by selecting Resume.
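The following is an added example, not beSTORM's own code: a small Python model of the bookkeeping behind the Test Progress and Conclusion views described above. It tracks momentary and average tests per second, records a "stopped responding" exception together with the attack vector that triggered it, halts only when the target does not recover, and classifies each test case the way the Conclusion window lists them. The Session class, its field names, and the sample test cases and vectors are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Session:
    # Hypothetical model of the data behind the Test Progress and Conclusion views.
    plan: dict                                  # test case -> number of combinations it contains
    done: dict = field(default_factory=dict)    # test case -> combinations already run
    exceptions: list = field(default_factory=list)
    elapsed: float = 0.0                        # seconds since the test started
    last_window: tuple = (0, 1.0)               # (tests, seconds) in the most recent interval
    reason_for_pause: str = ""
    connected: bool = True

def observe(s, case, vector, reply, recovered=True):
    """Record one combination. No reply means the target stopped responding: count it
    as an exception, keep the attack vector, and halt only if the target did not recover."""
    s.done[case] = s.done.get(case, 0) + 1
    if reply is None:
        s.exceptions.append({"case": case, "vector": vector})
        if not recovered:
            s.connected = False
            s.reason_for_pause = "error: target did not recover"
            return "halt"
    return "continue"

def tick(s, tests, seconds):
    """Account for a batch of `tests` run in `seconds`, feeding the speed readouts."""
    s.elapsed += seconds
    s.last_window = (tests, seconds)

def saturation_rate(s):
    """Momentary and average tests per second (the Saturation Rate Threshold readouts)."""
    total = sum(s.done.values())
    momentary = s.last_window[0] / s.last_window[1] if s.last_window[1] else 0.0
    average = total / s.elapsed if s.elapsed else 0.0
    return momentary, average

def case_status(s):
    """Classify each planned test case as exhausted, in progress, or not started."""
    out = {}
    for case, total in s.plan.items():
        n = s.done.get(case, 0)
        out[case] = "exhausted" if n >= total else "in progress" if n else "not started"
    return out

def conclusion(s, requested_by_user=False):
    """Summary carrying the fields the Conclusion window lists."""
    reason = s.reason_for_pause or ("user request" if requested_by_user else "")
    return {"reason": reason, "connected": s.connected, "vulnerabilities": len(s.exceptions),
            "combinations": sum(s.done.values()), "cases": case_status(s)}
```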