Professional Documents
Culture Documents
Rapid7 Insightappsec Appspider Attack Types Datasheet2
Rapid7 Insightappsec Appspider Attack Types Datasheet2
Rapid7 Insightappsec Appspider Attack Types Datasheet2
• ASP.NET ViewState
• Custom Directory
• LDAP Injection
Injection
Security (ViewState Module • Server Side Template
Check)
• Custom Parameter • Local Storage Usage Injection
• Reflected
Clear Text in a Cookie Tampering) Attack
Cross-Site
(Password exposure).
• HTTPS Downgrade Scripting Simple (XSS,
• XPath Injection
• Cross Origin Resources
• HTTPS Everywhere Simple)
• X-Powered-By
Sharing (CORS)
• Information • Reflection • X-XSS-Protection
• Cross-Site
Disclosure in
Request
Forgery (CSRF)
Comments
• Reverse Clickjacking
Learn more at www.rapid7.com/insightappsec. 071919