Web application penetration test and partial code review of a newly developed internal web application