Security Testing Automation

Overview

Comprehensive security testing automation patterns for continuous security validation, including penetration testing, fuzzing, compliance checks, and automated test generation using Claude Code.

Security Test Suite Generator

// security/test-generator.ts
import { ClaudeSDK } from '@claude/sdk';
 
export class SecurityTestGenerator {
  constructor(private claude: ClaudeSDK) {}
  
  async generateSecurityTestSuite(
    component: string,
    vulnerabilityTypes: string[]
  ): Promise<SecurityTestSuite> {
    const prompt = `
Generate a comprehensive security test suite for:
Component: ${component}
Vulnerability Types: ${vulnerabilityTypes.join(', ')}
 
Include:
1. Unit tests for security controls
2. Integration tests for authentication/authorization
3. Penetration tests for common attacks
4. Fuzzing tests for input validation
5. Performance tests for DoS prevention
    `;
    
    const response = await this.claude.generateCode(prompt);
    
    return {
      unitTests: this.parseUnitTests(response),
      integrationTests: this.parseIntegrationTests(response),
      penetrationTests: this.parsePenetrationTests(response),
      fuzzingTests: this.parseFuzzingTests(response),
      performanceTests: this.parsePerformanceTests(response)
    };
  }
}

Penetration Testing

// Penetration test example
describe('Security: API Endpoint', () => {
  let penTest: PenTest;
  
  beforeEach(() => {
    penTest = new PenTest(endpoint);
  });
  
  describe('SQL Injection', () => {
    it('should prevent SQL injection in query parameters', async () => {
      const payloads = [
        "' OR '1'='1",
        "1; DROP TABLE users;--",
        "' UNION SELECT * FROM users--",
        "admin'--",
        "1' AND '1' = '1"
      ];
      
      for (const payload of payloads) {
        const response = await penTest.test({
          params: { id: payload }
        });
        
        expect(response.status).not.toBe(500);
        expect(response.body).not.toContain('SQL');
        expect(response.body).not.toContain('error');
      }
    });
  });
  
  describe('XSS Prevention', () => {
    it('should sanitize user input to prevent XSS', async () => {
      const xssPayloads = [
        '<script>alert("XSS")</script>',
        '<img src=x onerror=alert("XSS")>',
        '<svg onload=alert("XSS")>',
        'javascript:alert("XSS")',
        '<iframe src="javascript:alert(\`XSS\`)"></iframe>'
      ];
      
      for (const payload of xssPayloads) {
        const response = await penTest.test({
          body: { comment: payload }
        });
        
        expect(response.body).not.toContain(payload);
        expect(response.body).not.toContain('<script>');
        expect(response.headers['content-type']).toContain('application/json');
      }
    });
  });
  
  describe('Authentication Bypass', () => {
    it('should prevent authentication bypass attempts', async () => {
      const bypassAttempts = [
        { headers: { authorization: 'Bearer invalid' } },
        { headers: { authorization: 'Bearer ' } },
        { headers: {} },
        { headers: { authorization: 'Basic YWRtaW46YWRtaW4=' } }
      ];
      
      for (const attempt of bypassAttempts) {
        const response = await penTest.test(attempt);
        expect(response.status).toBe(401);
      }
    });
  });
  
  describe('Rate Limiting', () => {
    it('should enforce rate limits', async () => {
      const requests = Array(100).fill(null).map(() => 
        penTest.test({ method: 'POST' })
      );
      
      const responses = await Promise.all(requests);
      const rateLimited = responses.filter(r => r.status === 429);
      
      expect(rateLimited.length).toBeGreaterThan(0);
    });
  });
});

Test Runner

// security/test-runner.ts
export class SecurityTestRunner {
  async runSecurityTests(suite: SecurityTestSuite): Promise<TestResults> {
    const results: TestResults = {
      passed: 0,
      failed: 0,
      skipped: 0,
      vulnerabilities: []
    };
    
    const phases = [
      { name: 'Unit Tests', tests: suite.unitTests },
      { name: 'Integration Tests', tests: suite.integrationTests },
      { name: 'Penetration Tests', tests: suite.penetrationTests },
      { name: 'Fuzzing Tests', tests: suite.fuzzingTests }
    ];
    
    for (const phase of phases) {
      console.log(`\n🔒 Running ${phase.name}...`);
      
      const phaseResults = await this.runTestPhase(phase.tests);
      results.passed += phaseResults.passed;
      results.failed += phaseResults.failed;
      results.vulnerabilities.push(...phaseResults.vulnerabilities);
    }
    
    await this.reporter.generateReport(results);
    
    return results;
  }
  
  private async executeTest(test: Test): Promise<TestResult> {
    const env = await this.setupTestEnvironment(test);
    
    try {
      const startTime = Date.now();
      const result = await test.execute(env);
      const duration = Date.now() - startTime;
      
      const analysis = await this.analyzeTestResult(result);
      
      return {
        passed: analysis.passed,
        duration,
        vulnerability: analysis.vulnerability,
        details: analysis.details
      };
    } finally {
      await this.cleanupTestEnvironment(env);
    }
  }
}

CI/CD Security Pipeline

// .claude/security-pipeline.ts
export const securityPipeline: Pipeline = {
  name: 'security-testing',
  triggers: ['push', 'pull_request', 'schedule:0 */6 * * *'],
  
  stages: [
    {
      name: 'dependency-scan',
      steps: [
        {
          name: 'npm-audit',
          command: 'npm audit --json',
          continueOnError: false
        },
        {
          name: 'snyk-test',
          command: 'snyk test --severity-threshold=medium',
          continueOnError: false
        }
      ]
    },
    {
      name: 'static-analysis',
      parallel: true,
      steps: [
        {
          name: 'eslint-security',
          command: 'eslint . --ext .ts,.tsx --config .eslintrc.security.js'
        },
        {
          name: 'semgrep',
          command: 'semgrep --config=auto --error'
        }
      ]
    },
    {
      name: 'security-tests',
      steps: [
        {
          name: 'unit-security-tests',
          command: 'jest --testMatch="**/*.security.test.ts"'
        },
        {
          name: 'penetration-tests',
          command: 'npm run test:penetration',
          timeout: 1800 // 30 minutes
        }
      ]
    }
  ],
  
  notifications: {
    onFailure: ['security-team@company.com'],
    onVulnerability: ['security-team@company.com', 'dev-team@company.com']
  }
};

Test Types

1. Input Validation Testing

  • Test boundary conditions
  • Test special characters
  • Test encoding issues
  • Test buffer overflows

2. Authentication Testing

  • Test credential brute forcing
  • Test session management
  • Test password policies
  • Test MFA implementation

3. Authorization Testing

  • Test privilege escalation
  • Test access control bypass
  • Test IDOR vulnerabilities
  • Test role-based access

4. Injection Testing

  • SQL injection
  • NoSQL injection
  • Command injection
  • LDAP injection
  • XPath injection

5. Business Logic Testing

  • Test workflow bypasses
  • Test race conditions
  • Test price manipulation
  • Test quantity limits

See Also